Commit Graph

835 Commits

Author SHA1 Message Date
Kaian a64525441d cc: remove parameters from msg_create and capture_launch_thread definition #471 2023-12-20 10:27:56 +01:00
Axel Sommerfeldt a4a2357355 CMake build support revised
- Compiler options '-Wall -pedantic' added
- Definition of _XOPEN_SOURCE_EXTENDED added
- Template configuration header file src/config.h.cmake added
- README updated

See also: https://github.com/irontec/sngrep/pull/462
2023-11-29 16:27:00 +01:00
Kaian c8c1b38ea5 main: -F flag should not require extra arguments #461 2023-11-29 16:15:22 +01:00
Christian Schnell ba59a9d18f Redefine usage of POSIX signals.
Use signal SIGUSR1 instead of SIGHUP to detect when to rotate the pcap dump file.
Use signal SIGHUP instead of SIGCONT to detect when the controlling terminal closed.

This signal usage provides that sngrep closes cleanly when its controlling (SSH) terminal closes.
2023-11-07 17:19:42 +01:00
Kaian 71e454c687 capture: properly check link layer header size before IP reassembly #446 2023-08-22 11:44:49 +02:00
Kaian 85bc4924e0 capture: only validate BPF filters against libpcap sources #452 2023-08-21 13:01:21 +02:00
Lixeiden 69758cb85e Fix: typo in comment line 2023-08-04 07:49:43 +02:00
Kaian ad1daf15c8 capture: properly validate WS packet payload size #438 2023-06-09 14:29:59 +02:00
Andreas Heil a7b8436818 fix remove unused variables and use getmaxx() or getmaxy() for remaining variables 2023-05-23 12:30:32 +02:00
Andreas Heil 6ea5fa4d31 fix compiler warnings about unused variables 2023-05-23 12:30:32 +02:00
Victor Seva ae8e0a4472 fix typo in message, thanks to lintian 2023-05-02 16:27:49 +02:00
Gang Zhuo e9f9bcc748 Initialize text_outfile to NULL.
'device' and 'outfile' are initialized from 'settings' in the later code,
but 'text_outfile' is not initialized, which may lead to writing to an unknown file.
2023-03-10 09:05:30 +01:00
Kaian f39fa0b59b capture: validate frame has at least IP header before assembly #431 2023-03-03 12:51:36 +01:00
Kaian 038a658835 capture: properly validate capture length calculated from IP headers #430 2023-03-01 12:55:10 +01:00
Kaian e1d2b322ac core: stop running when ssh connection is lost #424 2023-02-24 11:08:11 +01:00
Kaian 6aa93f242e hep: disable HEP listen during offline capture mode 2023-02-24 10:29:50 +01:00
Sebastian Kupiecki b1cb6467df Instant convert pcap to txt file (#427)
* add siplify command for saving pcap to txt file

* remove unnecessary printf and commented code

* Refactor siplify into text; minor changes according to pull request review
2023-02-14 10:51:40 +01:00
psykose 5977b92d65 ui: import strings.h and config.h
strings.h required for strncasecmp, fixes an implicit function
declaration

config.h needed for the actual configuration, it sets -D_GNU_SOURCE that
is needed for strsep.
2023-01-09 08:39:44 +01:00
Sean Bright b32c2b406d ui_save.c: Fix spelling of 'exists.' 2022-12-12 11:01:36 +01:00
Kaian b537a94d02 openssl: fix decrypt for TLS_RSA_WITH_AES_256_GCM_SHA384 cipher #418 2022-11-22 11:52:32 +01:00
Kaian 8e30b39448 ui: fix raw payload new line print logic #410 2022-08-23 14:07:53 +02:00
Gerd v. Egidy 58b7601d17 Implement reading & writing of gzip compressed pcap files
libpcap doesn't directly support this, so this is implemented using the
Linux call fopencookie which reroutes the read,write,seek,close functions.
*BSD seems to have something similar (funopen) which is not implemented in
this patch because I'm not familiar enough with BSD.

gzip detection for read is done by first directly opening the given file
like before. If this fails, we retry with gzip.

gzip detection for write is done by looking at the filename to write to.
If it ends in ".gz" we activate gzip compression.

This currently just works for the commandline option --output because only
there you get to set the filename suffix freely. To make this usable in
the curses gui, the save dialog would have to be extended to allow setting
a .pcap.gz filename extension.

gzip compression must be compiled in to be active. This is done with the
--with-zlib configure option.
2022-07-18 11:11:36 +02:00
Gerd v. Egidy c02f439d73 implement autoconf/automake support for libz and fopencookie usage 2022-07-11 20:40:03 +02:00
Gerd v. Egidy 6004df9dfd Do proper shutdown upon SIGTERM, SIGINT or SIGQUIT
Before this patch the process was just terminated by the default signal
handler. This could lead for example to incompletely written pcap files.
So proper shutdown like in this patch is always a good idea. But it becomes
mandatory when implementing more complex file I/O with buffering, for
example with gzip streaming.

To not conflict with the threading used in sngrep, the signal handler
just sets an atomic flag. This flag is then checked in one of the two
main loops (with/without curses UI).
2022-07-11 20:05:11 +02:00
Gerd v. Egidy 56c5e8eac1 show dialog count without rotation when using --no-interface
When using --no-interface without --quiet, a dialog counter
is shown and continuously updated. Without this patch this
counter just shows the number of calls that are stored in RAM.
When rotation is used, it never shows more calls than the
rotation limit.

Since the --no-interface option is usually just used for
capturing, using it with a small number for rotation (down to 1)
is recommended to not waste RAM. This means the shown value
is useless.

This patch introduces the function sip_calls_count_unrotated() that
can be used to get the full number of calls since program start.
This is then used in the shown dialog count.
2022-07-08 08:59:33 +02:00
Gerd v. Egidy f5f379408f replace #elifdef with #elif defined()
The #elifdef preprocessor directive will only become available with the
upcoming C2x standard.

I do not think that using it already is a good idea, since support for
it is very sparse and no long-term-stable distro has support for it.
Also replacing it with "#elif defined()" doesn't really complicate the code.
2022-07-07 12:22:01 +02:00
Kaian 5dcce932cb hash: fix memory leak removing hash table entries #399 2022-07-05 13:40:47 +02:00
Kaian cac42deab5 pcre: add support for libpcre2
Fixes #383
2022-06-30 16:21:28 +02:00
Gerd v. Egidy a2b88f9b33 add SIGHUP signal handler to allow rotation of pcap dump files 2022-05-31 08:59:21 +02:00
Kaian 600511fd0d capture: add support for DLT_LINUX_SLL2 link type #402 2022-05-30 11:34:18 +02:00
Gerd v. Egidy f64df86647 fix recvfrom() call in capture_eep_receive_v*()
- the addrlen parameter must be filled with the size available for src_addr before
  calling recvfrom()
- the size of the src_addr isn't really known before calling recvfrom, it can be
  of different types. So use struct sockaddr_storage for it which is large enough
  to allow different actual address types
2022-05-09 16:40:17 +02:00
Kaian ffe39e7218 hep: free fake frame data after packet creation #399 2022-05-06 11:01:48 +02:00
Jarrod Baumann cc3342b652 [msg_get_attribute] check message element exists before strchr and null terminate value 2022-05-04 11:41:07 +02:00
Kaian 90d70b214d capture: check packet size after assembly #387 2022-05-02 10:29:03 +02:00
Kaian 429b60be48 capture: add capture thread function for offline pcap capture 2022-05-02 09:27:42 +02:00
Kaian 7ee20e58a8 capture: avoid pcap_breakloop for HEP capture threads 2022-05-02 09:23:37 +02:00
Kaian 0d48912646 hep: add support to command line dumper output #270 #396 2022-05-02 09:10:12 +02:00
Kaian cde88e7a4b capture: add support for custom capture functions threads 2022-05-02 09:08:49 +02:00
Fabrice Fontaine 4e1406ad0d src/capture_openssl.h: fix build with libressl >= 3.5.0
Fix the following build failure with libressl >= 3.5.0:

capture_openssl.c: In function 'P_hash':
capture_openssl.c:101:18: error: storage size of 'hm' isn't known
  101 |         HMAC_CTX hm;
      |                  ^~

Fixes:
 - http://autobuild.buildroot.org/results/f1e8cdb3ac35a30055ab79d41e6cc038e5339c37

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2022-05-02 08:40:08 +02:00
Kaian 3a63a0836c hep: support saving HEP packets to PCAP #270 2022-04-26 15:41:35 +02:00
TAKIFUJI Shigeo 74795ddc23 Implement IPv6 packet fragmentation reassembly 2022-03-28 12:14:25 +02:00
Ozzyboshi 8fc1e5c9a3 Check tls handshake and TLS 1.0, 1.1 or 1.2 connections 2022-03-28 12:11:02 +02:00
FIRST_NAME LAST_NAME 7ed9942c85 panel: reorder panel and window deallocation during destroy #389 2022-02-07 11:21:10 +01:00
FIRST_NAME LAST_NAME 5673f9ef0e ui: add KDMQ method checkbox to filter screen
Fixes #384
2022-01-17 12:05:03 +01:00
FIRST_NAME LAST_NAME 2cf842c9dd settings: increase max setting value to 500 chars 2022-01-17 12:02:39 +01:00
Evgeny Khramtsov f1492d8e41 capture: add support for IP-IP tunnel 2021-12-22 11:09:12 +01:00
Sergei Trofimovich d2f1187ec6 always use "%s"-style format for printf()-style functions
`ncurses-6.3` added printf-style function attributes and now makes
it easier to catch cases when user input is used in place of format
string when built with CFLAGS=-Werror=format-security:

    curses/ui_msg_diff.c: In function 'msg_diff_draw_message':
    curses/ui_msg_diff.c:190:5: error: format not a string literal and no format arguments [-Werror=format-security]
      190 |     mvwprintw(win, 0, 0, sip_get_msg_header(msg, header));
          |     ^~~~~~~~~

Let's wrap all the missing places with "%s" format.
2021-11-19 10:47:36 +01:00
FIRST_NAME LAST_NAME 35a978e80e cc: remove possible truncation in call flow ports using IPv6 2021-11-19 10:44:30 +01:00
FIRST_NAME LAST_NAME d69d940ddf cc: remove format warnings using size_t for length 2021-11-19 10:37:05 +01:00
FIRST_NAME LAST_NAME da6d4b917a cc: properly escape % character in stats panel
Fixes #381
2021-11-19 10:35:49 +01:00