Wireshark  4.3.0
The Wireshark network protocol analyzer
addr_resolv.h
Go to the documentation of this file.
1 
12 /* The buffers returned by these functions are all allocated with a
13  * packet lifetime and does not have to be freed.
14  * However, take into account that when the packet dissection
15  * completes, these buffers will be automatically reclaimed/freed.
16  * If you need the buffer to remain for a longer scope than packet lifetime
17  * you must copy the content to an wmem_file_scope() buffer.
18  */
19 
20 #ifndef __RESOLV_H__
21 #define __RESOLV_H__
22 
23 #include <epan/address.h>
24 #include <epan/tvbuff.h>
25 #include <wsutil/inet_cidr.h>
26 #include <epan/to_str.h>
27 #include <wiretap/wtap.h>
28 #include "ws_symbol_export.h"
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif /* __cplusplus */
33 
34 #ifndef MAXNAMELEN
35 #define MAXNAMELEN 64 /* max name length (hostname and port name) */
36 #endif
37 
38 #ifndef MAXVLANNAMELEN
39 #define MAXVLANNAMELEN 128 /* max vlan name length */
40 #endif
41 
42 #define BASE_ENTERPRISES BASE_CUSTOM
43 #define STRINGS_ENTERPRISES CF_FUNC(enterprises_base_custom)
44 
48 typedef struct _e_addr_resolve {
49  bool mac_name;
50  bool network_name;
55  bool vlan_name;
56  bool ss7pc_name;
59 
60 #define ADDR_RESOLV_MACADDR(at) \
61  (((at)->type == AT_ETHER))
62 
63 #define ADDR_RESOLV_NETADDR(at) \
64  (((at)->type == AT_IPv4) || ((at)->type == AT_IPv6) || ((at)->type == AT_IPX))
65 
66 struct hashether;
67 typedef struct hashether hashether_t;
68 
69 struct hashwka;
70 typedef struct hashwka hashwka_t;
71 
72 struct hashmanuf;
73 typedef struct hashmanuf hashmanuf_t;
74 
75 typedef struct serv_port {
76  const char *udp_name;
77  const char *tcp_name;
78  const char *sctp_name;
79  const char *dccp_name;
80  const char *numeric;
81 } serv_port_t;
82 
83 typedef struct _resolved_name {
84  char name[MAXNAMELEN];
86 
87 /*
88  * Flags for various resolved name hash table entries.
89  */
90 #define TRIED_RESOLVE_ADDRESS (1U<<0) /* XXX - what does this bit *really* mean? */
91 #define NAME_RESOLVED (1U<<1) /* the name field contains a host name, not a printable address */
92 #define RESOLVED_ADDRESS_USED (1U<<2) /* a get_hostname* call returned the host name */
93 #define STATIC_HOSTNAME (1U<<3) /* do not update entries from hosts file with DNS responses */
94 #define NAME_RESOLVED_PREFIX (1U<<4) /* name was generated from a prefix (e.g., OUI) instead of the entire address */
95 
96 #define TRIED_OR_RESOLVED_MASK (TRIED_RESOLVE_ADDRESS | NAME_RESOLVED)
97 #define USED_AND_RESOLVED_MASK (NAME_RESOLVED | RESOLVED_ADDRESS_USED)
98 
99 /*
100  * Flag controlling what names to resolve.
101  */
102 WS_DLL_PUBLIC e_addr_resolve gbl_resolv_flags;
103 
104 /* global variables */
105 
106 extern gchar *g_ethers_path;
107 extern gchar *g_ipxnets_path;
108 extern gchar *g_pethers_path;
109 extern gchar *g_pipxnets_path;
110 
111 /* Functions in addr_resolv.c */
112 
113 /*
114  * udp_port_to_display() returns the port name corresponding to that UDP port,
115  * or the port number as a string if not found.
116  */
117 WS_DLL_PUBLIC gchar *udp_port_to_display(wmem_allocator_t *allocator, guint port);
118 
119 /*
120  * tcp_port_to_display() returns the port name corresponding to that TCP port,
121  * or the port number as a string if not found.
122  */
123 WS_DLL_PUBLIC gchar *tcp_port_to_display(wmem_allocator_t *allocator, guint port);
124 
125 /*
126  * dccp_port_to_display() returns the port name corresponding to that DCCP port,
127  * or the port number as a string if not found.
128  */
129 extern gchar *dccp_port_to_display(wmem_allocator_t *allocator, guint port);
130 
131 /*
132  * sctp_port_to_display() returns the port name corresponding to that SCTP port,
133  * or the port number as a string if not found.
134  */
135 WS_DLL_PUBLIC gchar *sctp_port_to_display(wmem_allocator_t *allocator, guint port);
136 
137 /*
138  * serv_name_lookup() returns the well known service name string, or numeric
139  * representation if one doesn't exist.
140  */
141 WS_DLL_PUBLIC const gchar *serv_name_lookup(port_type proto, guint port);
142 
143 /*
144  * enterprises_lookup() returns the private enterprise code string, or 'unknown_str'
145  * if one doesn't exist, or "<Unknown>" if that is NULL.
146  */
147 WS_DLL_PUBLIC const gchar *enterprises_lookup(guint32 value, const char *unknown_str);
148 
149 /*
150  * try_enterprises_lookup() returns the private enterprise code string, or NULL if not found.
151  */
152 WS_DLL_PUBLIC const gchar *try_enterprises_lookup(guint32 value);
153 
154 /*
155  * enterprises_base_custom() prints the "name (decimal)" string to 'buf'.
156  * (Used with BASE_CUSTOM field display).
157  */
158 WS_DLL_PUBLIC void enterprises_base_custom(char *buf, guint32 value);
159 
160 /*
161  * try_serv_name_lookup() returns the well known service name string, or NULL if
162  * one doesn't exist.
163  */
164 WS_DLL_PUBLIC const gchar *try_serv_name_lookup(port_type proto, guint port);
165 
166 /*
167  * port_with_resolution_to_str() prints the "<resolved> (<numerical>)" port
168  * string.
169  */
170 WS_DLL_PUBLIC gchar *port_with_resolution_to_str(wmem_allocator_t *scope,
171  port_type proto, guint port);
172 
173 /*
174  * port_with_resolution_to_str_buf() prints the "<resolved> (<numerical>)" port
175  * string to 'buf'. Return value is the same as snprintf().
176  */
177 WS_DLL_PUBLIC int port_with_resolution_to_str_buf(gchar *buf, gulong buf_size,
178  port_type proto, guint port);
179 
180 /*
181  * Asynchronous host name lookup initialization, processing, and cleanup
182  */
183 
184 /* Setup name resolution preferences */
185 struct pref_module;
186 extern void addr_resolve_pref_init(struct pref_module *nameres);
187 extern void addr_resolve_pref_apply(void);
188 
189 /*
190  * disable_name_resolution() sets all relevant gbl_resolv_flags to FALSE.
191  */
192 WS_DLL_PUBLIC void disable_name_resolution(void);
193 
201 WS_DLL_PUBLIC gboolean host_name_lookup_process(void);
202 
203 /* get_hostname returns the host name or "%d.%d.%d.%d" if not found */
204 WS_DLL_PUBLIC const gchar *get_hostname(const guint addr);
205 
206 /* get_hostname6 returns the host name, or numeric addr if not found */
207 WS_DLL_PUBLIC const gchar *get_hostname6(const ws_in6_addr *ad);
208 
209 /* get_ether_name returns the logical name if found in ethers files else
210  "<vendor>_%02x:%02x:%02x" if the vendor code is known else
211  "%02x:%02x:%02x:%02x:%02x:%02x" */
212 WS_DLL_PUBLIC const gchar *get_ether_name(const guint8 *addr);
213 
214 /* get_hostname_ss7pc returns the logical name if found in ss7pcs file else
215  '\0' on the first call or the unresolved Point Code in the subsequent calls */
216 const gchar *get_hostname_ss7pc(const guint8 ni, const guint32 pc);
217 
218 /* fill_unresolved_ss7pc initializes the unresolved Point Code Address string in the hashtable */
219 void fill_unresolved_ss7pc(const gchar * pc_addr, const guint8 ni, const guint32 pc);
220 
221 
222 /* Same as get_ether_name with tvb support */
223 WS_DLL_PUBLIC const gchar *tvb_get_ether_name(tvbuff_t *tvb, gint offset);
224 
225 /* get_ether_name_if_known returns the logical name if an exact match is
226  * found (in ethers files or from ARP) else NULL.
227  * @note: It returns NULL for addresses if only a prefix can be resolved
228  * into a manufacturer name.
229  */
230 const gchar *get_ether_name_if_known(const guint8 *addr);
231 
232 /*
233  * Given a sequence of 3 octets containing an OID, get_manuf_name()
234  * returns an abbreviated form of the vendor name, or "%02x:%02x:%02x"
235  * if not known. (The short form of the name is roughly similar in length
236  * to the hexstring, so that they may be used in similar places.)
237  * @note: This only looks up entries in the 24-bit OUI table (and the
238  * CID table), not the MA-M and MA-S tables. The hex byte string is
239  * returned for sequences registered to the IEEE Registration Authority
240  * for the purposes of being subdivided into MA-M and MA-S.
241  */
242 extern const gchar *get_manuf_name(const guint8 *addr, size_t size);
243 
244 /*
245  * Given a sequence of 3 or more octets containing an OUI,
246  * get_manuf_name_if_known() returns the vendor name, or NULL if not known.
247  * @note Unlike get_manuf_name() above, this returns the full vendor name.
248  * @note If size is 6 or larger, vendor names will be looked up in the MA-M
249  * and MA-S tables as well (but note that the length of the sequence is
250  * not returned.) If size is less than 6, only the 24 bit tables are searched,
251  * and NULL is returned for sequences registered to the IEEE Registration
252  * Authority for purposes of being subdivided into MA-M and MA-S.
253  */
254 WS_DLL_PUBLIC const gchar *get_manuf_name_if_known(const guint8 *addr, size_t size);
255 
256 /*
257  * Given an integer containing a 24-bit OUI (or CID),
258  * uint_get_manuf_name_if_known() returns the vendor name, or NULL if not known.
259  * @note NULL is returned for sequences registered to the IEEE Registration
260  * Authority for purposes of being subdivided into MA-M and MA-S.
261  */
262 extern const gchar *uint_get_manuf_name_if_known(const guint32 oid);
263 
264 /*
265  * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
266  * tvb_get_manuf_name() returns an abbreviated vendor name, or "%02x:%02x:%02x"
267  * if not known.
268  * @note: This only looks up entries in the 24-bit OUI table (and the
269  * CID table), not the MA-M and MA-S tables. The hex byte string is
270  * returned for sequences registered to the IEEE Registration Authority
271  * for the purposes of being subdivided into MA-M and MA-S.
272  */
273 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name(tvbuff_t *tvb, gint offset);
274 
275 /*
276  * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
277  * tvb_get_manuf_name_if_known() returns the full vendor name, or NULL
278  * if not known.
279  * @note NULL is returned for sequences registered to the IEEE Registration
280  * Authority for purposes of being subdivided into MA-M and MA-S.
281  */
282 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name_if_known(tvbuff_t *tvb, gint offset);
283 
284 /* eui64_to_display returns "<vendor>_%02x:%02x:%02x:%02x:%02x:%02x" if the
285  * vendor code is known (or as appropriate for MA-M and MA-S), and if not,
286  * "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x"
287 */
288 extern gchar *eui64_to_display(wmem_allocator_t *allocator, const guint64 addr);
289 
290 /* get_ipxnet_name returns the logical name if found in an ipxnets file,
291  * or a string formatted with "%X" if not */
292 extern gchar *get_ipxnet_name(wmem_allocator_t *allocator, const guint32 addr);
293 
294 /* get_vlan_name returns the logical name if found in a vlans file,
295  * or the VLAN ID itself as a string if not found*/
296 extern gchar *get_vlan_name(wmem_allocator_t *allocator, const guint16 id);
297 
298 WS_DLL_PUBLIC guint get_hash_ether_status(hashether_t* ether);
299 WS_DLL_PUBLIC bool get_hash_ether_used(hashether_t* ether);
300 WS_DLL_PUBLIC char* get_hash_ether_hexaddr(hashether_t* ether);
301 WS_DLL_PUBLIC char* get_hash_ether_resolved_name(hashether_t* ether);
302 
303 WS_DLL_PUBLIC bool get_hash_manuf_used(hashmanuf_t* manuf);
304 WS_DLL_PUBLIC char* get_hash_manuf_resolved_name(hashmanuf_t* manuf);
305 
306 WS_DLL_PUBLIC bool get_hash_wka_used(hashwka_t* wka);
307 WS_DLL_PUBLIC char* get_hash_wka_resolved_name(hashwka_t* wka);
308 
309 /* adds a hostname/IPv4 in the hash table */
310 WS_DLL_PUBLIC void add_ipv4_name(const guint addr, const gchar *name, const bool static_entry);
311 
312 /* adds a hostname/IPv6 in the hash table */
313 WS_DLL_PUBLIC void add_ipv6_name(const ws_in6_addr *addr, const gchar *name, const bool static_entry);
314 
324 WS_DLL_PUBLIC gboolean add_hosts_file (const char *hosts_file);
325 
326 /* adds a hostname in the hash table */
327 WS_DLL_PUBLIC gboolean add_ip_name_from_string (const char *addr, const char *name);
328 
329 /* Get the user defined name, for a given address */
330 WS_DLL_PUBLIC resolved_name_t* get_edited_resolved_name(const char* addr);
331 
332 
339 WS_DLL_PUBLIC addrinfo_lists_t *get_addrinfo_list(void);
340 
341 /* add ethernet address / name corresponding to IP address */
342 extern void add_ether_byip(const guint ip, const guint8 *eth);
343 
355 WS_DLL_PUBLIC
356 gboolean get_host_ipaddr(const char *host, guint32 *addrp);
357 
369 WS_DLL_PUBLIC
370 gboolean get_host_ipaddr6(const char *host, ws_in6_addr *addrp);
371 
372 WS_DLL_PUBLIC
373 wmem_map_t *get_manuf_hashtable(void);
374 
375 WS_DLL_PUBLIC
376 wmem_map_t *get_wka_hashtable(void);
377 
378 WS_DLL_PUBLIC
379 wmem_map_t *get_eth_hashtable(void);
380 
381 WS_DLL_PUBLIC
382 wmem_map_t *get_serv_port_hashtable(void);
383 
384 WS_DLL_PUBLIC
385 wmem_map_t *get_ipxnet_hash_table(void);
386 
387 WS_DLL_PUBLIC
388 wmem_map_t *get_vlan_hash_table(void);
389 
390 WS_DLL_PUBLIC
391 wmem_map_t *get_ipv4_hash_table(void);
392 
393 WS_DLL_PUBLIC
394 wmem_map_t *get_ipv6_hash_table(void);
395 
396 /*
397  * XXX - if we ever have per-session host name etc. information, we
398  * should probably have the "resolve synchronously or asynchronously"
399  * flag be per-session, set with an epan API.
400  */
401 WS_DLL_PUBLIC
402 void set_resolution_synchrony(gboolean synchronous);
403 
404 /*
405  * private functions (should only be called by epan directly)
406  */
407 
408 WS_DLL_LOCAL
409 void name_resolver_init(void);
410 
411 /* Reinitialize hostname resolution subsystem */
412 WS_DLL_LOCAL
413 void host_name_lookup_reset(void);
414 
415 WS_DLL_LOCAL
416 void addr_resolv_init(void);
417 
418 WS_DLL_LOCAL
419 void addr_resolv_cleanup(void);
420 
421 WS_DLL_PUBLIC
422 gboolean str_to_ip(const char *str, void *dst);
423 
424 WS_DLL_PUBLIC
425 gboolean str_to_ip6(const char *str, void *dst);
426 
427 WS_DLL_LOCAL
428 gboolean str_to_eth(const char *str, char *eth_bytes);
429 
430 WS_DLL_LOCAL
431 guint ipv6_oat_hash(gconstpointer key);
432 
433 WS_DLL_LOCAL
434 gboolean ipv6_equal(gconstpointer v1, gconstpointer v2);
435 
436 #ifdef __cplusplus
437 }
438 #endif /* __cplusplus */
439 
440 #endif /* __RESOLV_H__ */
WS_DLL_PUBLIC gboolean get_host_ipaddr(const char *host, guint32 *addrp)
Definition: addr_resolv.c:3883
WS_DLL_PUBLIC gboolean host_name_lookup_process(void)
Definition: addr_resolv.c:3290
WS_DLL_PUBLIC gboolean add_hosts_file(const char *hosts_file)
Definition: addr_resolv.c:2685
WS_DLL_PUBLIC gboolean get_host_ipaddr6(const char *host, ws_in6_addr *addrp)
Definition: addr_resolv.c:3948
WS_DLL_PUBLIC addrinfo_lists_t * get_addrinfo_list(void)
Definition: addr_resolv.c:2812
struct _e_addr_resolve e_addr_resolve
Flags to control name resolution.
Flags to control name resolution.
Definition: addr_resolv.h:48
bool dns_pkt_addr_resolution
Definition: addr_resolv.h:52
bool maxmind_geoip
Definition: addr_resolv.h:57
bool ss7pc_name
Definition: addr_resolv.h:56
bool use_external_net_name_resolver
Definition: addr_resolv.h:54
bool handshake_sni_addr_resolution
Definition: addr_resolv.h:53
bool transport_name
Definition: addr_resolv.h:51
bool mac_name
Definition: addr_resolv.h:49
bool network_name
Definition: addr_resolv.h:50
bool vlan_name
Definition: addr_resolv.h:55
Definition: addr_resolv.h:83
Definition: wmem_allocator.h:27
Definition: wmem_map.c:44
Definition: wtap.h:1505
Definition: inet_addr.h:21
Definition: addr_resolv.c:162
Definition: addr_resolv.c:174
Definition: addr_resolv.c:169
Definition: prefs-int.h:27
const char * name
Definition: prefs-int.h:28
Definition: addr_resolv.h:75
Definition: tvbuff-int.h:35