| /* |
| * Copyright (c) 2012 Jakub Zawadzki |
| * All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
| * are met: |
| * |
| * 1. Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright |
| * notice, this list of conditions and the following disclaimer in the |
| * documentation and/or other materials provided with the distribution. |
| * 3. The name of the author may not be used to endorse or promote |
| * products derived from this software without specific prior written |
| * permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| #ifdef HAVE_CONFIG_H |
| #include <config.h> |
| #endif |
| |
| #include <string.h> |
| |
| #include <time.h> |
| #include <sys/time.h> |
| |
| #include <dbus/dbus.h> |
| |
| #include "pcap-int.h" |
| #include "pcap-dbus.h" |
| |
| /* |
| * Private data for capturing on D-Bus. |
| */ |
| struct pcap_dbus { |
| DBusConnection *conn; |
| u_int packets_read; /* count of packets read */ |
| }; |
| |
| static int |
| dbus_read(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char *user) |
| { |
| struct pcap_dbus *handlep = handle->priv; |
| |
| struct pcap_pkthdr pkth; |
| DBusMessage *message; |
| |
| char *raw_msg; |
| int raw_msg_len; |
| |
| int count = 0; |
| |
| message = dbus_connection_pop_message(handlep->conn); |
| |
| while (!message) { |
| /* XXX handle->opt.timeout = timeout_ms; */ |
| if (!dbus_connection_read_write(handlep->conn, 100)) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Connection closed"); |
| return -1; |
| } |
| |
| if (handle->break_loop) { |
| handle->break_loop = 0; |
| return -2; |
| } |
| |
| message = dbus_connection_pop_message(handlep->conn); |
| } |
| |
| if (dbus_message_is_signal(message, DBUS_INTERFACE_LOCAL, "Disconnected")) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Disconnected"); |
| return -1; |
| } |
| |
| if (dbus_message_marshal(message, &raw_msg, &raw_msg_len)) { |
| pkth.caplen = pkth.len = raw_msg_len; |
| /* pkth.caplen = min (payload_len, handle->snapshot); */ |
| |
| gettimeofday(&pkth.ts, NULL); |
| if (handle->fcode.bf_insns == NULL || |
| bpf_filter(handle->fcode.bf_insns, (u_char *)raw_msg, pkth.len, pkth.caplen)) { |
| handlep->packets_read++; |
| callback(user, &pkth, (u_char *)raw_msg); |
| count++; |
| } |
| |
| dbus_free(raw_msg); |
| } |
| return count; |
| } |
| |
| static int |
| dbus_write(pcap_t *handle, const void *buf, size_t size) |
| { |
| /* XXX, not tested */ |
| struct pcap_dbus *handlep = handle->priv; |
| |
| DBusError error = DBUS_ERROR_INIT; |
| DBusMessage *msg; |
| |
| if (!(msg = dbus_message_demarshal(buf, size, &error))) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dbus_message_demarshal() failed: %s", error.message); |
| dbus_error_free(&error); |
| return -1; |
| } |
| |
| dbus_connection_send(handlep->conn, msg, NULL); |
| dbus_connection_flush(handlep->conn); |
| |
| dbus_message_unref(msg); |
| return 0; |
| } |
| |
| static int |
| dbus_stats(pcap_t *handle, struct pcap_stat *stats) |
| { |
| struct pcap_dbus *handlep = handle->priv; |
| |
| stats->ps_recv = handlep->packets_read; |
| stats->ps_drop = 0; |
| stats->ps_ifdrop = 0; |
| return 0; |
| } |
| |
| static void |
| dbus_cleanup(pcap_t *handle) |
| { |
| struct pcap_dbus *handlep = handle->priv; |
| |
| dbus_connection_unref(handlep->conn); |
| |
| pcap_cleanup_live_common(handle); |
| } |
| |
| /* |
| * We don't support non-blocking mode. I'm not sure what we'd |
| * do to support it and, given that we don't support select()/ |
| * poll()/epoll_wait()/kevent() etc., it probably doesn't |
| * matter. |
| */ |
| static int |
| dbus_getnonblock(pcap_t *p) |
| { |
| pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, |
| "Non-blocking mode isn't supported for capturing on D-Bus"); |
| return (-1); |
| } |
| |
| static int |
| dbus_setnonblock(pcap_t *p, int nonblock _U_) |
| { |
| pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, |
| "Non-blocking mode isn't supported for capturing on D-Bus"); |
| return (-1); |
| } |
| |
| static int |
| dbus_activate(pcap_t *handle) |
| { |
| #define EAVESDROPPING_RULE "eavesdrop=true," |
| |
| static const char *rules[] = { |
| EAVESDROPPING_RULE "type='signal'", |
| EAVESDROPPING_RULE "type='method_call'", |
| EAVESDROPPING_RULE "type='method_return'", |
| EAVESDROPPING_RULE "type='error'", |
| }; |
| |
| #define N_RULES sizeof(rules)/sizeof(rules[0]) |
| |
| struct pcap_dbus *handlep = handle->priv; |
| const char *dev = handle->opt.device; |
| |
| DBusError error = DBUS_ERROR_INIT; |
| u_int i; |
| |
| if (strcmp(dev, "dbus-system") == 0) { |
| if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &error))) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get system bus: %s", error.message); |
| dbus_error_free(&error); |
| return PCAP_ERROR; |
| } |
| |
| } else if (strcmp(dev, "dbus-session") == 0) { |
| if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SESSION, &error))) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get session bus: %s", error.message); |
| dbus_error_free(&error); |
| return PCAP_ERROR; |
| } |
| |
| } else if (strncmp(dev, "dbus://", 7) == 0) { |
| const char *addr = dev + 7; |
| |
| if (!(handlep->conn = dbus_connection_open(addr, &error))) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to open connection to: %s: %s", addr, error.message); |
| dbus_error_free(&error); |
| return PCAP_ERROR; |
| } |
| |
| if (!dbus_bus_register(handlep->conn, &error)) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to register bus %s: %s\n", addr, error.message); |
| dbus_error_free(&error); |
| return PCAP_ERROR; |
| } |
| |
| } else { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't get bus address from %s", handle->opt.device); |
| return PCAP_ERROR; |
| } |
| |
| /* Initialize some components of the pcap structure. */ |
| handle->bufsize = 0; |
| handle->offset = 0; |
| handle->linktype = DLT_DBUS; |
| handle->read_op = dbus_read; |
| handle->inject_op = dbus_write; |
| handle->setfilter_op = install_bpf_program; /* XXX, later add support for dbus_bus_add_match() */ |
| handle->setdirection_op = NULL; |
| handle->set_datalink_op = NULL; /* can't change data link type */ |
| handle->getnonblock_op = dbus_getnonblock; |
| handle->setnonblock_op = dbus_setnonblock; |
| handle->stats_op = dbus_stats; |
| handle->cleanup_op = dbus_cleanup; |
| |
| #ifndef _WIN32 |
| /* |
| * Unfortunately, trying to do a select()/poll()/epoll_wait()/ |
| * kevent()/etc. on a D-Bus connection isn't a simple |
| * case of "give me an FD on which to wait". |
| * |
| * Apparently, you have to register "add watch", "remove watch", |
| * and "toggle watch" functions with |
| * dbus_connection_set_watch_functions(), |
| * keep a *set* of FDs, add to that set in the "add watch" |
| * function, subtract from it in the "remove watch" function, |
| * and either add to or subtract from that set in the "toggle |
| * watch" function, and do the wait on *all* of the FDs in the |
| * set. (Yes, you need the "toggle watch" function, so that |
| * the main loop doesn't itself need to check for whether |
| * a given watch is enabled or disabled - most libpcap programs |
| * know nothing about D-Bus and shouldn't *have* to know anything |
| * about D-Bus other than how to decode D-Bus messages.) |
| * |
| * Implementing that would require considerable changes in |
| * the way libpcap exports "selectable FDs" to its client. |
| * Until that's done, we just say "you can't do that". |
| */ |
| handle->selectable_fd = handle->fd = -1; |
| #endif |
| |
| if (handle->opt.rfmon) { |
| /* |
| * Monitor mode doesn't apply to dbus connections. |
| */ |
| dbus_cleanup(handle); |
| return PCAP_ERROR_RFMON_NOTSUP; |
| } |
| |
| /* |
| * Turn a negative snapshot value (invalid), a snapshot value of |
| * 0 (unspecified), or a value bigger than the normal maximum |
| * value, into the maximum message length for D-Bus (128MB). |
| */ |
| if (handle->snapshot <= 0 || handle->snapshot > 134217728) |
| handle->snapshot = 134217728; |
| |
| /* dbus_connection_set_max_message_size(handlep->conn, handle->snapshot); */ |
| if (handle->opt.buffer_size != 0) |
| dbus_connection_set_max_received_size(handlep->conn, handle->opt.buffer_size); |
| |
| for (i = 0; i < N_RULES; i++) { |
| dbus_bus_add_match(handlep->conn, rules[i], &error); |
| if (dbus_error_is_set(&error)) { |
| dbus_error_free(&error); |
| |
| /* try without eavesdrop */ |
| dbus_bus_add_match(handlep->conn, rules[i] + strlen(EAVESDROPPING_RULE), &error); |
| if (dbus_error_is_set(&error)) { |
| pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to add bus match: %s\n", error.message); |
| dbus_error_free(&error); |
| dbus_cleanup(handle); |
| return PCAP_ERROR; |
| } |
| } |
| } |
| |
| return 0; |
| } |
| |
| pcap_t * |
| dbus_create(const char *device, char *ebuf, int *is_ours) |
| { |
| pcap_t *p; |
| |
| if (strcmp(device, "dbus-system") && |
| strcmp(device, "dbus-session") && |
| strncmp(device, "dbus://", 7)) |
| { |
| *is_ours = 0; |
| return NULL; |
| } |
| |
| *is_ours = 1; |
| p = pcap_create_common(ebuf, sizeof (struct pcap_dbus)); |
| if (p == NULL) |
| return (NULL); |
| |
| p->activate_op = dbus_activate; |
| /* |
| * Set these up front, so that, even if our client tries |
| * to set non-blocking mode before we're activated, or |
| * query the state of non-blocking mode, they get an error, |
| * rather than having the non-blocking mode option set |
| * for use later. |
| */ |
| p->getnonblock_op = dbus_getnonblock; |
| p->setnonblock_op = dbus_setnonblock; |
| return (p); |
| } |
| |
| int |
| dbus_findalldevs(pcap_if_list_t *devlistp, char *err_str) |
| { |
| /* |
| * The notion of "connected" vs. "disconnected" doesn't apply. |
| * XXX - what about the notions of "up" and "running"? |
| */ |
| if (add_dev(devlistp, "dbus-system", |
| PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus system bus", |
| err_str) == NULL) |
| return -1; |
| if (add_dev(devlistp, "dbus-session", |
| PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus session bus", |
| err_str) == NULL) |
| return -1; |
| return 0; |
| } |
| |