1 /*
2 * Copyright (c) 2012 Jakub Zawadzki
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote
15 * products derived from this software without specific prior written
16 * permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include <config.h>
32
33 #include <string.h>
34
35 #include <time.h>
36 #include <sys/time.h>
37
38 #include <dbus/dbus.h>
39
40 #include "pcap-int.h"
41 #include "pcap-dbus.h"
42
43 /*
44 * Private data for capturing on D-Bus.
45 */
46 struct pcap_dbus {
47 DBusConnection *conn;
48 u_int packets_read; /* count of packets read */
49 };
50
51 static int
dbus_read(pcap_t * handle,int max_packets _U_,pcap_handler callback,u_char * user)52 dbus_read(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char *user)
53 {
54 struct pcap_dbus *handlep = handle->priv;
55
56 struct pcap_pkthdr pkth;
57 DBusMessage *message;
58
59 char *raw_msg;
60 int raw_msg_len;
61
62 int count = 0;
63
64 message = dbus_connection_pop_message(handlep->conn);
65
66 while (!message) {
67 /* XXX handle->opt.timeout = timeout_ms; */
68 if (!dbus_connection_read_write(handlep->conn, 100)) {
69 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Connection closed");
70 return -1;
71 }
72
73 if (handle->break_loop) {
74 handle->break_loop = 0;
75 return -2;
76 }
77
78 message = dbus_connection_pop_message(handlep->conn);
79 }
80
81 if (dbus_message_is_signal(message, DBUS_INTERFACE_LOCAL, "Disconnected")) {
82 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Disconnected");
83 return -1;
84 }
85
86 if (dbus_message_marshal(message, &raw_msg, &raw_msg_len)) {
87 pkth.caplen = pkth.len = raw_msg_len;
88 /* pkth.caplen = min (payload_len, handle->snapshot); */
89
90 gettimeofday(&pkth.ts, NULL);
91 if (handle->fcode.bf_insns == NULL ||
92 pcapint_filter(handle->fcode.bf_insns, (u_char *)raw_msg, pkth.len, pkth.caplen)) {
93 handlep->packets_read++;
94 callback(user, &pkth, (u_char *)raw_msg);
95 count++;
96 }
97
98 dbus_free(raw_msg);
99 }
100 return count;
101 }
102
103 static int
dbus_write(pcap_t * handle,const void * buf,int size)104 dbus_write(pcap_t *handle, const void *buf, int size)
105 {
106 /* XXX, not tested */
107 struct pcap_dbus *handlep = handle->priv;
108
109 DBusError error = DBUS_ERROR_INIT;
110 DBusMessage *msg;
111
112 if (!(msg = dbus_message_demarshal(buf, size, &error))) {
113 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dbus_message_demarshal() failed: %s", error.message);
114 dbus_error_free(&error);
115 return -1;
116 }
117
118 dbus_connection_send(handlep->conn, msg, NULL);
119 dbus_connection_flush(handlep->conn);
120
121 dbus_message_unref(msg);
122 return 0;
123 }
124
125 static int
dbus_stats(pcap_t * handle,struct pcap_stat * stats)126 dbus_stats(pcap_t *handle, struct pcap_stat *stats)
127 {
128 struct pcap_dbus *handlep = handle->priv;
129
130 stats->ps_recv = handlep->packets_read;
131 stats->ps_drop = 0;
132 stats->ps_ifdrop = 0;
133 return 0;
134 }
135
136 static void
dbus_cleanup(pcap_t * handle)137 dbus_cleanup(pcap_t *handle)
138 {
139 struct pcap_dbus *handlep = handle->priv;
140
141 dbus_connection_unref(handlep->conn);
142
143 pcapint_cleanup_live_common(handle);
144 }
145
146 /*
147 * We don't support non-blocking mode. I'm not sure what we'd
148 * do to support it and, given that we don't support select()/
149 * poll()/epoll_wait()/kevent() etc., it probably doesn't
150 * matter.
151 */
152 static int
dbus_getnonblock(pcap_t * p)153 dbus_getnonblock(pcap_t *p)
154 {
155 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
156 "Non-blocking mode isn't supported for capturing on D-Bus");
157 return (-1);
158 }
159
160 static int
dbus_setnonblock(pcap_t * p,int nonblock _U_)161 dbus_setnonblock(pcap_t *p, int nonblock _U_)
162 {
163 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
164 "Non-blocking mode isn't supported for capturing on D-Bus");
165 return (-1);
166 }
167
168 static int
dbus_activate(pcap_t * handle)169 dbus_activate(pcap_t *handle)
170 {
171 #define EAVESDROPPING_RULE "eavesdrop=true,"
172
173 static const char *rules[] = {
174 EAVESDROPPING_RULE "type='signal'",
175 EAVESDROPPING_RULE "type='method_call'",
176 EAVESDROPPING_RULE "type='method_return'",
177 EAVESDROPPING_RULE "type='error'",
178 };
179
180 #define N_RULES sizeof(rules)/sizeof(rules[0])
181
182 struct pcap_dbus *handlep = handle->priv;
183 const char *dev = handle->opt.device;
184
185 DBusError error = DBUS_ERROR_INIT;
186 u_int i;
187
188 if (strcmp(dev, "dbus-system") == 0) {
189 if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &error))) {
190 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get system bus: %s", error.message);
191 dbus_error_free(&error);
192 return PCAP_ERROR;
193 }
194
195 } else if (strcmp(dev, "dbus-session") == 0) {
196 if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SESSION, &error))) {
197 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get session bus: %s", error.message);
198 dbus_error_free(&error);
199 return PCAP_ERROR;
200 }
201
202 } else if (strncmp(dev, "dbus://", 7) == 0) {
203 const char *addr = dev + 7;
204
205 if (!(handlep->conn = dbus_connection_open(addr, &error))) {
206 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to open connection to: %s: %s", addr, error.message);
207 dbus_error_free(&error);
208 return PCAP_ERROR;
209 }
210
211 if (!dbus_bus_register(handlep->conn, &error)) {
212 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to register bus %s: %s\n", addr, error.message);
213 dbus_error_free(&error);
214 return PCAP_ERROR;
215 }
216
217 } else {
218 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't get bus address from %s", handle->opt.device);
219 return PCAP_ERROR;
220 }
221
222 /* Initialize some components of the pcap structure. */
223 handle->bufsize = 0;
224 handle->offset = 0;
225 handle->linktype = DLT_DBUS;
226 handle->read_op = dbus_read;
227 handle->inject_op = dbus_write;
228 handle->setfilter_op = pcapint_install_bpf_program; /* XXX, later add support for dbus_bus_add_match() */
229 handle->setdirection_op = NULL;
230 handle->set_datalink_op = NULL; /* can't change data link type */
231 handle->getnonblock_op = dbus_getnonblock;
232 handle->setnonblock_op = dbus_setnonblock;
233 handle->stats_op = dbus_stats;
234 handle->cleanup_op = dbus_cleanup;
235
236 #ifndef _WIN32
237 /*
238 * Unfortunately, trying to do a select()/poll()/epoll_wait()/
239 * kevent()/etc. on a D-Bus connection isn't a simple
240 * case of "give me an FD on which to wait".
241 *
242 * Apparently, you have to register "add watch", "remove watch",
243 * and "toggle watch" functions with
244 * dbus_connection_set_watch_functions(),
245 * keep a *set* of FDs, add to that set in the "add watch"
246 * function, subtract from it in the "remove watch" function,
247 * and either add to or subtract from that set in the "toggle
248 * watch" function, and do the wait on *all* of the FDs in the
249 * set. (Yes, you need the "toggle watch" function, so that
250 * the main loop doesn't itself need to check for whether
251 * a given watch is enabled or disabled - most libpcap programs
252 * know nothing about D-Bus and shouldn't *have* to know anything
253 * about D-Bus other than how to decode D-Bus messages.)
254 *
255 * Implementing that would require considerable changes in
256 * the way libpcap exports "selectable FDs" to its client.
257 * Until that's done, we just say "you can't do that".
258 */
259 handle->selectable_fd = handle->fd = -1;
260 #endif
261
262 if (handle->opt.rfmon) {
263 /*
264 * Monitor mode doesn't apply to dbus connections.
265 */
266 dbus_cleanup(handle);
267 return PCAP_ERROR_RFMON_NOTSUP;
268 }
269
270 /*
271 * Turn a negative snapshot value (invalid), a snapshot value of
272 * 0 (unspecified), or a value bigger than the normal maximum
273 * value, into the maximum message length for D-Bus (128MB).
274 */
275 if (handle->snapshot <= 0 || handle->snapshot > 134217728)
276 handle->snapshot = 134217728;
277
278 /* dbus_connection_set_max_message_size(handlep->conn, handle->snapshot); */
279 if (handle->opt.buffer_size != 0)
280 dbus_connection_set_max_received_size(handlep->conn, handle->opt.buffer_size);
281
282 for (i = 0; i < N_RULES; i++) {
283 dbus_bus_add_match(handlep->conn, rules[i], &error);
284 if (dbus_error_is_set(&error)) {
285 dbus_error_free(&error);
286
287 /* try without eavesdrop */
288 dbus_bus_add_match(handlep->conn, rules[i] + strlen(EAVESDROPPING_RULE), &error);
289 if (dbus_error_is_set(&error)) {
290 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to add bus match: %s\n", error.message);
291 dbus_error_free(&error);
292 dbus_cleanup(handle);
293 return PCAP_ERROR;
294 }
295 }
296 }
297
298 return 0;
299 }
300
301 pcap_t *
dbus_create(const char * device,char * ebuf,int * is_ours)302 dbus_create(const char *device, char *ebuf, int *is_ours)
303 {
304 pcap_t *p;
305
306 if (strcmp(device, "dbus-system") &&
307 strcmp(device, "dbus-session") &&
308 strncmp(device, "dbus://", 7))
309 {
310 *is_ours = 0;
311 return NULL;
312 }
313
314 *is_ours = 1;
315 p = PCAP_CREATE_COMMON(ebuf, struct pcap_dbus);
316 if (p == NULL)
317 return (NULL);
318
319 p->activate_op = dbus_activate;
320 /*
321 * Set these up front, so that, even if our client tries
322 * to set non-blocking mode before we're activated, or
323 * query the state of non-blocking mode, they get an error,
324 * rather than having the non-blocking mode option set
325 * for use later.
326 */
327 p->getnonblock_op = dbus_getnonblock;
328 p->setnonblock_op = dbus_setnonblock;
329 return (p);
330 }
331
332 int
dbus_findalldevs(pcap_if_list_t * devlistp,char * err_str)333 dbus_findalldevs(pcap_if_list_t *devlistp, char *err_str)
334 {
335 /*
336 * The notion of "connected" vs. "disconnected" doesn't apply.
337 * XXX - what about the notions of "up" and "running"?
338 */
339 if (pcapint_add_dev(devlistp, "dbus-system",
340 PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus system bus",
341 err_str) == NULL)
342 return -1;
343 if (pcapint_add_dev(devlistp, "dbus-session",
344 PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus session bus",
345 err_str) == NULL)
346 return -1;
347 return 0;
348 }
349
350