1 /* 2 * Copyright (c) 1993, 1994, 1995, 1996, 1997 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that: (1) source code distributions 7 * retain the above copyright notice and this paragraph in its entirety, (2) 8 * distributions including binary code include the above copyright notice and 9 * this paragraph in its entirety in the documentation or other materials 10 * provided with the distribution, and (3) all advertising materials mentioning 11 * features or use of this software display the following acknowledgement: 12 * ``This product includes software developed by the University of California, 13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 14 * the University nor the names of its contributors may be used to endorse 15 * or promote products derived from this software without specific prior 16 * written permission. 17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 20 * 21 * This code contributed by Atanu Ghosh (atanu@cs.ucl.ac.uk), 22 * University College London, and subsequently modified by 23 * Guy Harris (guy@alum.mit.edu), Mark Pizzolato 24 * <List-tcpdump-workers@subscriptions.pizzolato.net>, 25 * Mark C. Brown (mbrown@hp.com), and Sagun Shakya <Sagun.Shakya@Sun.COM>. 26 */ 27 28 /* 29 * Packet capture routine for DLPI under SunOS 5, HP-UX 9/10/11, and AIX. 30 * 31 * Notes: 32 * 33 * - The DLIOCRAW ioctl() is specific to SunOS. 34 * 35 * - There is a bug in bufmod(7) such that setting the snapshot 36 * length results in data being left of the front of the packet. 37 * 38 * - It might be desirable to use pfmod(7) to filter packets in the 39 * kernel when possible. 40 * 41 * - An older version of the HP-UX DLPI Programmer's Guide, which 42 * I think was advertised as the 10.20 version, used to be available 43 * at 44 * 45 * http://docs.hp.com/hpux/onlinedocs/B2355-90093/B2355-90093.html 46 * 47 * but is no longer available; it can still be found at 48 * 49 * http://h21007.www2.hp.com/dspp/files/unprotected/Drivers/Docs/Refs/B2355-90093.pdf 50 * 51 * in PDF form. 52 * 53 * - The HP-UX 10.x, 11.0, and 11i v1.6 version of the HP-UX DLPI 54 * Programmer's Guide, which I think was once advertised as the 55 * 11.00 version is available at 56 * 57 * http://docs.hp.com/en/B2355-90139/index.html 58 * 59 * - The HP-UX 11i v2 version of the HP-UX DLPI Programmer's Guide 60 * is available at 61 * 62 * http://docs.hp.com/en/B2355-90871/index.html 63 * 64 * - All of the HP documents describe raw-mode services, which are 65 * what we use if DL_HP_RAWDLS is defined. XXX - we use __hpux 66 * in some places to test for HP-UX, but use DL_HP_RAWDLS in 67 * other places; do we support any versions of HP-UX without 68 * DL_HP_RAWDLS? 69 */ 70 71 #ifdef HAVE_CONFIG_H 72 #include <config.h> 73 #endif 74 75 #include <sys/types.h> 76 #include <sys/time.h> 77 #ifdef HAVE_SYS_BUFMOD_H 78 #include <sys/bufmod.h> 79 #endif 80 #include <sys/dlpi.h> 81 #ifdef HAVE_SYS_DLPI_EXT_H 82 #include <sys/dlpi_ext.h> 83 #endif 84 #ifdef HAVE_HPUX9 85 #include <sys/socket.h> 86 #endif 87 #ifdef DL_HP_PPA_REQ 88 #include <sys/stat.h> 89 #endif 90 #include <sys/stream.h> 91 #if defined(HAVE_SOLARIS) && defined(HAVE_SYS_BUFMOD_H) 92 #include <sys/systeminfo.h> 93 #endif 94 95 #ifdef HAVE_HPUX9 96 #include <net/if.h> 97 #endif 98 99 #include <ctype.h> 100 #ifdef HAVE_HPUX9 101 #include <nlist.h> 102 #endif 103 #include <errno.h> 104 #include <fcntl.h> 105 #include <memory.h> 106 #include <stdio.h> 107 #include <stdlib.h> 108 #include <string.h> 109 #include <stropts.h> 110 #include <unistd.h> 111 112 #ifdef HAVE_LIMITS_H 113 #include <limits.h> 114 #else 115 #define INT_MAX 2147483647 116 #endif 117 118 #include "pcap-int.h" 119 #include "dlpisubs.h" 120 121 #ifdef HAVE_OS_PROTO_H 122 #include "os-proto.h" 123 #endif 124 125 #if defined(__hpux) 126 /* 127 * HP-UX has a /dev/dlpi device; you open it and set the PPA of the actual 128 * network device you want. 129 */ 130 #define HAVE_DEV_DLPI 131 #elif defined(_AIX) 132 /* 133 * AIX has a /dev/dlpi directory, with devices named after the interfaces 134 * underneath it. 135 */ 136 #define PCAP_DEV_PREFIX "/dev/dlpi" 137 #elif defined(HAVE_SOLARIS) 138 /* 139 * Solaris has devices named after the interfaces underneath /dev. 140 */ 141 #define PCAP_DEV_PREFIX "/dev" 142 #endif 143 144 #define MAXDLBUF 8192 145 146 /* Forwards */ 147 static char *split_dname(char *, u_int *, char *); 148 static int dl_doattach(int, int, char *); 149 #ifdef DL_HP_RAWDLS 150 static int dl_dohpuxbind(int, char *); 151 #endif 152 static int dlpromiscon(pcap_t *, bpf_u_int32); 153 static int dlbindreq(int, bpf_u_int32, char *); 154 static int dlbindack(int, char *, char *, int *); 155 static int dlokack(int, const char *, char *, char *); 156 static int dlinforeq(int, char *); 157 static int dlinfoack(int, char *, char *); 158 159 #ifdef HAVE_DL_PASSIVE_REQ_T 160 static void dlpassive(int, char *); 161 #endif 162 163 #ifdef DL_HP_RAWDLS 164 static int dlrawdatareq(int, const u_char *, int); 165 #endif 166 static int recv_ack(int, int, const char *, char *, char *, int *); 167 static char *dlstrerror(char *, size_t, bpf_u_int32); 168 static char *dlprim(char *, size_t, bpf_u_int32); 169 #if defined(HAVE_SOLARIS) && defined(HAVE_SYS_BUFMOD_H) 170 #define GET_RELEASE_BUFSIZE 32 171 static void get_release(char *, size_t, bpf_u_int32 *, bpf_u_int32 *, 172 bpf_u_int32 *); 173 #endif 174 static int send_request(int, char *, int, char *, char *); 175 #ifdef HAVE_HPUX9 176 static int dlpi_kread(int, off_t, void *, u_int, char *); 177 #endif 178 #ifdef HAVE_DEV_DLPI 179 static int get_dlpi_ppa(int, const char *, u_int, u_int *, char *); 180 #endif 181 182 /* 183 * Cast a buffer to "union DL_primitives" without provoking warnings 184 * from the compiler. 185 */ 186 #define MAKE_DL_PRIMITIVES(ptr) ((union DL_primitives *)(void *)(ptr)) 187 188 static int 189 pcap_read_dlpi(pcap_t *p, int cnt, pcap_handler callback, u_char *user) 190 { 191 int cc; 192 u_char *bp; 193 int flags; 194 bpf_u_int32 ctlbuf[MAXDLBUF]; 195 struct strbuf ctl = { 196 MAXDLBUF, 197 0, 198 (char *)ctlbuf 199 }; 200 struct strbuf data; 201 202 flags = 0; 203 cc = p->cc; 204 if (cc == 0) { 205 data.buf = (char *)p->buffer + p->offset; 206 data.maxlen = p->bufsize; 207 data.len = 0; 208 do { 209 /* 210 * Has "pcap_breakloop()" been called? 211 */ 212 if (p->break_loop) { 213 /* 214 * Yes - clear the flag that indicates 215 * that it has, and return -2 to 216 * indicate that we were told to 217 * break out of the loop. 218 */ 219 p->break_loop = 0; 220 return (-2); 221 } 222 /* 223 * XXX - check for the DLPI primitive, which 224 * would be DL_HP_RAWDATA_IND on HP-UX 225 * if we're in raw mode? 226 */ 227 ctl.buf = (char *)ctlbuf; 228 ctl.maxlen = MAXDLBUF; 229 ctl.len = 0; 230 if (getmsg(p->fd, &ctl, &data, &flags) < 0) { 231 /* Don't choke when we get ptraced */ 232 switch (errno) { 233 234 case EINTR: 235 cc = 0; 236 continue; 237 238 case EAGAIN: 239 return (0); 240 } 241 pcap_fmt_errmsg_for_errno(p->errbuf, 242 sizeof(p->errbuf), errno, "getmsg"); 243 return (-1); 244 } 245 cc = data.len; 246 } while (cc == 0); 247 bp = (u_char *)p->buffer + p->offset; 248 } else 249 bp = p->bp; 250 251 return (pcap_process_pkts(p, callback, user, cnt, bp, cc)); 252 } 253 254 static int 255 pcap_inject_dlpi(pcap_t *p, const void *buf, size_t size) 256 { 257 #ifdef DL_HP_RAWDLS 258 struct pcap_dlpi *pd = p->priv; 259 #endif 260 int ret; 261 262 #if defined(DLIOCRAW) 263 ret = write(p->fd, buf, size); 264 if (ret == -1) { 265 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, 266 errno, "send"); 267 return (-1); 268 } 269 #elif defined(DL_HP_RAWDLS) 270 if (pd->send_fd < 0) { 271 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 272 "send: Output FD couldn't be opened"); 273 return (-1); 274 } 275 ret = dlrawdatareq(pd->send_fd, buf, size); 276 if (ret == -1) { 277 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, 278 errno, "send"); 279 return (-1); 280 } 281 /* 282 * putmsg() returns either 0 or -1; it doesn't indicate how 283 * many bytes were written (presumably they were all written 284 * or none of them were written). OpenBSD's pcap_inject() 285 * returns the number of bytes written, so, for API compatibility, 286 * we return the number of bytes we were told to write. 287 */ 288 ret = size; 289 #else /* no raw mode */ 290 /* 291 * XXX - this is a pain, because you might have to extract 292 * the address from the packet and use it in a DL_UNITDATA_REQ 293 * request. That would be dependent on the link-layer type. 294 * 295 * I also don't know what SAP you'd have to bind the descriptor 296 * to, or whether you'd need separate "receive" and "send" FDs, 297 * nor do I know whether you'd need different bindings for 298 * D/I/X Ethernet and 802.3, or for {FDDI,Token Ring} plus 299 * 802.2 and {FDDI,Token Ring} plus 802.2 plus SNAP. 300 * 301 * So, for now, we just return a "you can't send" indication, 302 * and leave it up to somebody with a DLPI-based system lacking 303 * both DLIOCRAW and DL_HP_RAWDLS to supply code to implement 304 * packet transmission on that system. If they do, they should 305 * send it to us - but should not send us code that assumes 306 * Ethernet; if the code doesn't work on non-Ethernet interfaces, 307 * it should check "p->linktype" and reject the send request if 308 * it's anything other than DLT_EN10MB. 309 */ 310 pcap_strlcpy(p->errbuf, "send: Not supported on this version of this OS", 311 PCAP_ERRBUF_SIZE); 312 ret = -1; 313 #endif /* raw mode */ 314 return (ret); 315 } 316 317 #ifndef DL_IPATM 318 #define DL_IPATM 0x12 /* ATM Classical IP interface */ 319 #endif 320 321 #ifdef HAVE_SOLARIS 322 /* 323 * For SunATM. 324 */ 325 #ifndef A_GET_UNITS 326 #define A_GET_UNITS (('A'<<8)|118) 327 #endif /* A_GET_UNITS */ 328 #ifndef A_PROMISCON_REQ 329 #define A_PROMISCON_REQ (('A'<<8)|121) 330 #endif /* A_PROMISCON_REQ */ 331 #endif /* HAVE_SOLARIS */ 332 333 static void 334 pcap_cleanup_dlpi(pcap_t *p) 335 { 336 #ifdef DL_HP_RAWDLS 337 struct pcap_dlpi *pd = p->priv; 338 339 if (pd->send_fd >= 0) { 340 close(pd->send_fd); 341 pd->send_fd = -1; 342 } 343 #endif 344 pcap_cleanup_live_common(p); 345 } 346 347 static int 348 open_dlpi_device(const char *name, u_int *ppa, char *errbuf) 349 { 350 int status; 351 char dname[100]; 352 char *cp; 353 int fd; 354 #ifdef HAVE_DEV_DLPI 355 u_int unit; 356 #else 357 char dname2[100]; 358 #endif 359 360 #ifdef HAVE_DEV_DLPI 361 /* 362 ** Remove any "/dev/" on the front of the device. 363 */ 364 cp = strrchr(name, '/'); 365 if (cp == NULL) 366 pcap_strlcpy(dname, name, sizeof(dname)); 367 else 368 pcap_strlcpy(dname, cp + 1, sizeof(dname)); 369 370 /* 371 * Split the device name into a device type name and a unit number; 372 * chop off the unit number, so "dname" is just a device type name. 373 */ 374 cp = split_dname(dname, &unit, errbuf); 375 if (cp == NULL) 376 return (PCAP_ERROR_NO_SUCH_DEVICE); 377 *cp = '\0'; 378 379 /* 380 * Use "/dev/dlpi" as the device. 381 * 382 * XXX - HP's DLPI Programmer's Guide for HP-UX 11.00 says that 383 * the "dl_mjr_num" field is for the "major number of interface 384 * driver"; that's the major of "/dev/dlpi" on the system on 385 * which I tried this, but there may be DLPI devices that 386 * use a different driver, in which case we may need to 387 * search "/dev" for the appropriate device with that major 388 * device number, rather than hardwiring "/dev/dlpi". 389 */ 390 cp = "/dev/dlpi"; 391 if ((fd = open(cp, O_RDWR)) < 0) { 392 if (errno == EPERM || errno == EACCES) 393 status = PCAP_ERROR_PERM_DENIED; 394 else 395 status = PCAP_ERROR; 396 pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE, 397 errno, "%s", cp); 398 return (status); 399 } 400 401 /* 402 * Get a table of all PPAs for that device, and search that 403 * table for the specified device type name and unit number. 404 */ 405 status = get_dlpi_ppa(fd, dname, unit, ppa, errbuf); 406 if (status < 0) { 407 close(fd); 408 return (status); 409 } 410 #else 411 /* 412 * If the device name begins with "/", assume it begins with 413 * the pathname of the directory containing the device to open; 414 * otherwise, concatenate the device directory name and the 415 * device name. 416 */ 417 if (*name == '/') 418 pcap_strlcpy(dname, name, sizeof(dname)); 419 else 420 pcap_snprintf(dname, sizeof(dname), "%s/%s", PCAP_DEV_PREFIX, 421 name); 422 423 /* 424 * Get the unit number, and a pointer to the end of the device 425 * type name. 426 */ 427 cp = split_dname(dname, ppa, errbuf); 428 if (cp == NULL) 429 return (PCAP_ERROR_NO_SUCH_DEVICE); 430 431 /* 432 * Make a copy of the device pathname, and then remove the unit 433 * number from the device pathname. 434 */ 435 pcap_strlcpy(dname2, dname, sizeof(dname)); 436 *cp = '\0'; 437 438 /* Try device without unit number */ 439 if ((fd = open(dname, O_RDWR)) < 0) { 440 if (errno != ENOENT) { 441 if (errno == EPERM || errno == EACCES) 442 status = PCAP_ERROR_PERM_DENIED; 443 else 444 status = PCAP_ERROR; 445 pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE, 446 errno, "%s", dname); 447 return (status); 448 } 449 450 /* Try again with unit number */ 451 if ((fd = open(dname2, O_RDWR)) < 0) { 452 if (errno == ENOENT) { 453 status = PCAP_ERROR_NO_SUCH_DEVICE; 454 455 /* 456 * We provide an error message even 457 * for this error, for diagnostic 458 * purposes (so that, for example, 459 * the app can show the message if the 460 * user requests it). 461 * 462 * In it, we just report "No DLPI device 463 * found" with the device name, so people 464 * don't get confused and think, for example, 465 * that if they can't capture on "lo0" 466 * on Solaris prior to Solaris 11 the fix 467 * is to change libpcap (or the application 468 * that uses it) to look for something other 469 * than "/dev/lo0", as the fix is to use 470 * Solaris 11 or some operating system 471 * other than Solaris - you just *can't* 472 * capture on a loopback interface 473 * on Solaris prior to Solaris 11, the lack 474 * of a DLPI device for the loopback 475 * interface is just a symptom of that 476 * inability. 477 */ 478 pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE, 479 "%s: No DLPI device found", name); 480 } else { 481 if (errno == EPERM || errno == EACCES) 482 status = PCAP_ERROR_PERM_DENIED; 483 else 484 status = PCAP_ERROR; 485 pcap_fmt_errmsg_for_errno(errbuf, 486 PCAP_ERRBUF_SIZE, errno, "%s", dname2); 487 } 488 return (status); 489 } 490 /* XXX Assume unit zero */ 491 *ppa = 0; 492 } 493 #endif 494 return (fd); 495 } 496 497 static int 498 pcap_activate_dlpi(pcap_t *p) 499 { 500 #ifdef DL_HP_RAWDLS 501 struct pcap_dlpi *pd = p->priv; 502 #endif 503 int status = 0; 504 int retv; 505 u_int ppa; 506 #ifdef HAVE_SOLARIS 507 int isatm = 0; 508 #endif 509 register dl_info_ack_t *infop; 510 #ifdef HAVE_SYS_BUFMOD_H 511 bpf_u_int32 ss; 512 #ifdef HAVE_SOLARIS 513 char release[GET_RELEASE_BUFSIZE]; 514 bpf_u_int32 osmajor, osminor, osmicro; 515 #endif 516 #endif 517 bpf_u_int32 buf[MAXDLBUF]; 518 519 p->fd = open_dlpi_device(p->opt.device, &ppa, p->errbuf); 520 if (p->fd < 0) { 521 status = p->fd; 522 goto bad; 523 } 524 525 #ifdef DL_HP_RAWDLS 526 /* 527 * XXX - HP-UX 10.20 and 11.xx don't appear to support sending and 528 * receiving packets on the same descriptor - you need separate 529 * descriptors for sending and receiving, bound to different SAPs. 530 * 531 * If the open fails, we just leave -1 in "pd->send_fd" and reject 532 * attempts to send packets, just as if, in pcap-bpf.c, we fail 533 * to open the BPF device for reading and writing, we just try 534 * to open it for reading only and, if that succeeds, just let 535 * the send attempts fail. 536 */ 537 pd->send_fd = open("/dev/dlpi", O_RDWR); 538 #endif 539 540 /* 541 ** Attach if "style 2" provider 542 */ 543 if (dlinforeq(p->fd, p->errbuf) < 0 || 544 dlinfoack(p->fd, (char *)buf, p->errbuf) < 0) { 545 status = PCAP_ERROR; 546 goto bad; 547 } 548 infop = &(MAKE_DL_PRIMITIVES(buf))->info_ack; 549 #ifdef HAVE_SOLARIS 550 if (infop->dl_mac_type == DL_IPATM) 551 isatm = 1; 552 #endif 553 if (infop->dl_provider_style == DL_STYLE2) { 554 retv = dl_doattach(p->fd, ppa, p->errbuf); 555 if (retv < 0) { 556 status = retv; 557 goto bad; 558 } 559 #ifdef DL_HP_RAWDLS 560 if (pd->send_fd >= 0) { 561 retv = dl_doattach(pd->send_fd, ppa, p->errbuf); 562 if (retv < 0) { 563 status = retv; 564 goto bad; 565 } 566 } 567 #endif 568 } 569 570 if (p->opt.rfmon) { 571 /* 572 * This device exists, but we don't support monitor mode 573 * any platforms that support DLPI. 574 */ 575 status = PCAP_ERROR_RFMON_NOTSUP; 576 goto bad; 577 } 578 579 #ifdef HAVE_DL_PASSIVE_REQ_T 580 /* 581 * Enable Passive mode to be able to capture on aggregated link. 582 * Not supported in all Solaris versions. 583 */ 584 dlpassive(p->fd, p->errbuf); 585 #endif 586 /* 587 ** Bind (defer if using HP-UX 9 or HP-UX 10.20 or later, totally 588 ** skip if using SINIX) 589 */ 590 #if !defined(HAVE_HPUX9) && !defined(HAVE_HPUX10_20_OR_LATER) && !defined(sinix) 591 #ifdef _AIX 592 /* 593 ** AIX. 594 ** According to IBM's AIX Support Line, the dl_sap value 595 ** should not be less than 0x600 (1536) for standard Ethernet. 596 ** However, we seem to get DL_BADADDR - "DLSAP addr in improper 597 ** format or invalid" - errors if we use 1537 on the "tr0" 598 ** device, which, given that its name starts with "tr" and that 599 ** it's IBM, probably means a Token Ring device. (Perhaps we 600 ** need to use 1537 on "/dev/dlpi/en" because that device is for 601 ** D/I/X Ethernet, the "SAP" is actually an Ethernet type, and 602 ** it rejects invalid Ethernet types.) 603 ** 604 ** So if 1537 fails, we try 2, as Hyung Sik Yoon of IBM Korea 605 ** says that works on Token Ring (he says that 0 does *not* 606 ** work; perhaps that's considered an invalid LLC SAP value - I 607 ** assume the SAP value in a DLPI bind is an LLC SAP for network 608 ** types that use 802.2 LLC). 609 */ 610 if ((dlbindreq(p->fd, 1537, p->errbuf) < 0 && 611 dlbindreq(p->fd, 2, p->errbuf) < 0) || 612 dlbindack(p->fd, (char *)buf, p->errbuf, NULL) < 0) { 613 status = PCAP_ERROR; 614 goto bad; 615 } 616 #elif defined(DL_HP_RAWDLS) 617 /* 618 ** HP-UX 10.0x and 10.1x. 619 */ 620 if (dl_dohpuxbind(p->fd, p->errbuf) < 0) { 621 status = PCAP_ERROR; 622 goto bad; 623 } 624 if (pd->send_fd >= 0) { 625 /* 626 ** XXX - if this fails, just close send_fd and 627 ** set it to -1, so that you can't send but can 628 ** still receive? 629 */ 630 if (dl_dohpuxbind(pd->send_fd, p->errbuf) < 0) { 631 status = PCAP_ERROR; 632 goto bad; 633 } 634 } 635 #else /* neither AIX nor HP-UX */ 636 /* 637 ** Not Sinix, and neither AIX nor HP-UX - Solaris, and any other 638 ** OS using DLPI. 639 **/ 640 if (dlbindreq(p->fd, 0, p->errbuf) < 0 || 641 dlbindack(p->fd, (char *)buf, p->errbuf, NULL) < 0) { 642 status = PCAP_ERROR; 643 goto bad; 644 } 645 #endif /* AIX vs. HP-UX vs. other */ 646 #endif /* !HP-UX 9 and !HP-UX 10.20 or later and !SINIX */ 647 648 /* 649 * Turn a negative snapshot value (invalid), a snapshot value of 650 * 0 (unspecified), or a value bigger than the normal maximum 651 * value, into the maximum allowed value. 652 * 653 * If some application really *needs* a bigger snapshot 654 * length, we should just increase MAXIMUM_SNAPLEN. 655 */ 656 if (p->snapshot <= 0 || p->snapshot > MAXIMUM_SNAPLEN) 657 p->snapshot = MAXIMUM_SNAPLEN; 658 659 #ifdef HAVE_SOLARIS 660 if (isatm) { 661 /* 662 ** Have to turn on some special ATM promiscuous mode 663 ** for SunATM. 664 ** Do *NOT* turn regular promiscuous mode on; it doesn't 665 ** help, and may break things. 666 */ 667 if (strioctl(p->fd, A_PROMISCON_REQ, 0, NULL) < 0) { 668 status = PCAP_ERROR; 669 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, 670 errno, "A_PROMISCON_REQ"); 671 goto bad; 672 } 673 } else 674 #endif 675 if (p->opt.promisc) { 676 /* 677 ** Enable promiscuous (not necessary on send FD) 678 */ 679 retv = dlpromiscon(p, DL_PROMISC_PHYS); 680 if (retv < 0) { 681 if (retv == PCAP_ERROR_PERM_DENIED) 682 status = PCAP_ERROR_PROMISC_PERM_DENIED; 683 else 684 status = retv; 685 goto bad; 686 } 687 688 /* 689 ** Try to enable multicast (you would have thought 690 ** promiscuous would be sufficient). (Skip if using 691 ** HP-UX or SINIX) (Not necessary on send FD) 692 */ 693 #if !defined(__hpux) && !defined(sinix) 694 retv = dlpromiscon(p, DL_PROMISC_MULTI); 695 if (retv < 0) 696 status = PCAP_WARNING; 697 #endif 698 } 699 /* 700 ** Try to enable SAP promiscuity (when not in promiscuous mode 701 ** when using HP-UX, when not doing SunATM on Solaris, and never 702 ** under SINIX) (Not necessary on send FD) 703 */ 704 #ifndef sinix 705 #if defined(__hpux) 706 /* HP-UX - only do this when not in promiscuous mode */ 707 if (!p->opt.promisc) { 708 #elif defined(HAVE_SOLARIS) 709 /* Solaris - don't do this on SunATM devices */ 710 if (!isatm) { 711 #else 712 /* Everything else (except for SINIX) - always do this */ 713 { 714 #endif 715 retv = dlpromiscon(p, DL_PROMISC_SAP); 716 if (retv < 0) { 717 if (p->opt.promisc) { 718 /* 719 * Not fatal, since the DL_PROMISC_PHYS mode 720 * worked. 721 * 722 * Report it as a warning, however. 723 */ 724 status = PCAP_WARNING; 725 } else { 726 /* 727 * Fatal. 728 */ 729 status = retv; 730 goto bad; 731 } 732 } 733 } 734 #endif /* sinix */ 735 736 /* 737 ** HP-UX 9, and HP-UX 10.20 or later, must bind after setting 738 ** promiscuous options. 739 */ 740 #if defined(HAVE_HPUX9) || defined(HAVE_HPUX10_20_OR_LATER) 741 if (dl_dohpuxbind(p->fd, p->errbuf) < 0) { 742 status = PCAP_ERROR; 743 goto bad; 744 } 745 /* 746 ** We don't set promiscuous mode on the send FD, but we'll defer 747 ** binding it anyway, just to keep the HP-UX 9/10.20 or later 748 ** code together. 749 */ 750 if (pd->send_fd >= 0) { 751 /* 752 ** XXX - if this fails, just close send_fd and 753 ** set it to -1, so that you can't send but can 754 ** still receive? 755 */ 756 if (dl_dohpuxbind(pd->send_fd, p->errbuf) < 0) { 757 status = PCAP_ERROR; 758 goto bad; 759 } 760 } 761 #endif 762 763 /* 764 ** Determine link type 765 ** XXX - get SAP length and address length as well, for use 766 ** when sending packets. 767 */ 768 if (dlinforeq(p->fd, p->errbuf) < 0 || 769 dlinfoack(p->fd, (char *)buf, p->errbuf) < 0) { 770 status = PCAP_ERROR; 771 goto bad; 772 } 773 774 infop = &(MAKE_DL_PRIMITIVES(buf))->info_ack; 775 if (pcap_process_mactype(p, infop->dl_mac_type) != 0) { 776 status = PCAP_ERROR; 777 goto bad; 778 } 779 780 #ifdef DLIOCRAW 781 /* 782 ** This is a non standard SunOS hack to get the full raw link-layer 783 ** header. 784 */ 785 if (strioctl(p->fd, DLIOCRAW, 0, NULL) < 0) { 786 status = PCAP_ERROR; 787 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, 788 errno, "DLIOCRAW"); 789 goto bad; 790 } 791 #endif 792 793 #ifdef HAVE_SYS_BUFMOD_H 794 ss = p->snapshot; 795 796 /* 797 ** There is a bug in bufmod(7). When dealing with messages of 798 ** less than snaplen size it strips data from the beginning not 799 ** the end. 800 ** 801 ** This bug is fixed in 5.3.2. Also, there is a patch available. 802 ** Ask for bugid 1149065. 803 */ 804 #ifdef HAVE_SOLARIS 805 get_release(release, sizeof (release), &osmajor, &osminor, &osmicro); 806 if (osmajor == 5 && (osminor <= 2 || (osminor == 3 && osmicro < 2)) && 807 getenv("BUFMOD_FIXED") == NULL) { 808 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 809 "WARNING: bufmod is broken in SunOS %s; ignoring snaplen.", 810 release); 811 ss = 0; 812 status = PCAP_WARNING; 813 } 814 #endif 815 816 /* Push and configure bufmod. */ 817 if (pcap_conf_bufmod(p, ss) != 0) { 818 status = PCAP_ERROR; 819 goto bad; 820 } 821 #endif 822 823 /* 824 ** As the last operation flush the read side. 825 */ 826 if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) { 827 status = PCAP_ERROR; 828 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, 829 errno, "FLUSHR"); 830 goto bad; 831 } 832 833 /* Allocate data buffer. */ 834 if (pcap_alloc_databuf(p) != 0) { 835 status = PCAP_ERROR; 836 goto bad; 837 } 838 839 /* 840 * Success. 841 * 842 * "p->fd" is an FD for a STREAMS device, so "select()" and 843 * "poll()" should work on it. 844 */ 845 p->selectable_fd = p->fd; 846 847 p->read_op = pcap_read_dlpi; 848 p->inject_op = pcap_inject_dlpi; 849 p->setfilter_op = install_bpf_program; /* no kernel filtering */ 850 p->setdirection_op = NULL; /* Not implemented.*/ 851 p->set_datalink_op = NULL; /* can't change data link type */ 852 p->getnonblock_op = pcap_getnonblock_fd; 853 p->setnonblock_op = pcap_setnonblock_fd; 854 p->stats_op = pcap_stats_dlpi; 855 p->cleanup_op = pcap_cleanup_dlpi; 856 857 return (status); 858 bad: 859 pcap_cleanup_dlpi(p); 860 return (status); 861 } 862 863 /* 864 * Split a device name into a device type name and a unit number; 865 * return the a pointer to the beginning of the unit number, which 866 * is the end of the device type name, and set "*unitp" to the unit 867 * number. 868 * 869 * Returns NULL on error, and fills "ebuf" with an error message. 870 */ 871 static char * 872 split_dname(char *device, u_int *unitp, char *ebuf) 873 { 874 char *cp; 875 char *eos; 876 long unit; 877 878 /* 879 * Look for a number at the end of the device name string. 880 */ 881 cp = device + strlen(device) - 1; 882 if (*cp < '0' || *cp > '9') { 883 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s missing unit number", 884 device); 885 return (NULL); 886 } 887 888 /* Digits at end of string are unit number */ 889 while (cp-1 >= device && *(cp-1) >= '0' && *(cp-1) <= '9') 890 cp--; 891 892 errno = 0; 893 unit = strtol(cp, &eos, 10); 894 if (*eos != '\0') { 895 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s bad unit number", device); 896 return (NULL); 897 } 898 if (errno == ERANGE || unit > INT_MAX) { 899 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s unit number too large", 900 device); 901 return (NULL); 902 } 903 if (unit < 0) { 904 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s unit number is negative", 905 device); 906 return (NULL); 907 } 908 *unitp = (u_int)unit; 909 return (cp); 910 } 911 912 static int 913 dl_doattach(int fd, int ppa, char *ebuf) 914 { 915 dl_attach_req_t req; 916 bpf_u_int32 buf[MAXDLBUF]; 917 int err; 918 919 req.dl_primitive = DL_ATTACH_REQ; 920 req.dl_ppa = ppa; 921 if (send_request(fd, (char *)&req, sizeof(req), "attach", ebuf) < 0) 922 return (PCAP_ERROR); 923 924 err = dlokack(fd, "attach", (char *)buf, ebuf); 925 if (err < 0) 926 return (err); 927 return (0); 928 } 929 930 #ifdef DL_HP_RAWDLS 931 static int 932 dl_dohpuxbind(int fd, char *ebuf) 933 { 934 int hpsap; 935 int uerror; 936 bpf_u_int32 buf[MAXDLBUF]; 937 938 /* 939 * XXX - we start at 22 because we used to use only 22, but 940 * that was just because that was the value used in some 941 * sample code from HP. With what value *should* we start? 942 * Does it matter, given that we're enabling SAP promiscuity 943 * on the input FD? 944 */ 945 hpsap = 22; 946 for (;;) { 947 if (dlbindreq(fd, hpsap, ebuf) < 0) 948 return (-1); 949 if (dlbindack(fd, (char *)buf, ebuf, &uerror) >= 0) 950 break; 951 /* 952 * For any error other than a UNIX EBUSY, give up. 953 */ 954 if (uerror != EBUSY) { 955 /* 956 * dlbindack() has already filled in ebuf for 957 * this error. 958 */ 959 return (-1); 960 } 961 962 /* 963 * For EBUSY, try the next SAP value; that means that 964 * somebody else is using that SAP. Clear ebuf so 965 * that application doesn't report the "Device busy" 966 * error as a warning. 967 */ 968 *ebuf = '\0'; 969 hpsap++; 970 if (hpsap > 100) { 971 pcap_strlcpy(ebuf, 972 "All SAPs from 22 through 100 are in use", 973 PCAP_ERRBUF_SIZE); 974 return (-1); 975 } 976 } 977 return (0); 978 } 979 #endif 980 981 #define STRINGIFY(n) #n 982 983 static int 984 dlpromiscon(pcap_t *p, bpf_u_int32 level) 985 { 986 dl_promiscon_req_t req; 987 bpf_u_int32 buf[MAXDLBUF]; 988 int err; 989 990 req.dl_primitive = DL_PROMISCON_REQ; 991 req.dl_level = level; 992 if (send_request(p->fd, (char *)&req, sizeof(req), "promiscon", 993 p->errbuf) < 0) 994 return (PCAP_ERROR); 995 err = dlokack(p->fd, "promiscon" STRINGIFY(level), (char *)buf, 996 p->errbuf); 997 if (err < 0) 998 return (err); 999 return (0); 1000 } 1001 1002 /* 1003 * Not all interfaces are DLPI interfaces, and thus not all interfaces 1004 * can be opened with DLPI (for example, the loopback interface is not 1005 * a DLPI interface on Solaris prior to Solaris 11), so try to open 1006 * the specified interface; return 0 if we fail with PCAP_ERROR_NO_SUCH_DEVICE 1007 * and 1 otherwise. 1008 */ 1009 static int 1010 is_dlpi_interface(const char *name) 1011 { 1012 int fd; 1013 u_int ppa; 1014 char errbuf[PCAP_ERRBUF_SIZE]; 1015 1016 fd = open_dlpi_device(name, &ppa, errbuf); 1017 if (fd < 0) { 1018 /* 1019 * Error - was it PCAP_ERROR_NO_SUCH_DEVICE? 1020 */ 1021 if (fd == PCAP_ERROR_NO_SUCH_DEVICE) { 1022 /* 1023 * Yes, so we can't open this because it's 1024 * not a DLPI interface. 1025 */ 1026 return (0); 1027 } 1028 /* 1029 * No, so, in the case where there's a single DLPI 1030 * device for all interfaces of this type ("style 1031 * 2" providers?), we don't know whether it's a DLPI 1032 * interface or not, as we didn't try an attach. 1033 * Say it is a DLPI device, so that the user can at 1034 * least try to open it and report the error (which 1035 * is probably "you don't have permission to open that 1036 * DLPI device"; reporting those interfaces means 1037 * users will ask "why am I getting a permissions error 1038 * when I try to capture" rather than "why am I not 1039 * seeing any interfaces", making the underlying problem 1040 * clearer). 1041 */ 1042 return (1); 1043 } 1044 1045 /* 1046 * Success. 1047 */ 1048 close(fd); 1049 return (1); 1050 } 1051 1052 static int 1053 get_if_flags(const char *name _U_, bpf_u_int32 *flags _U_, char *errbuf _U_) 1054 { 1055 /* 1056 * Nothing we can do other than mark loopback devices as "the 1057 * connected/disconnected status doesn't apply". 1058 * 1059 * XXX - on Solaris, can we do what the dladm command does, 1060 * i.e. get a connected/disconnected indication from a kstat? 1061 * (Note that you can also get the link speed, and possibly 1062 * other information, from a kstat as well.) 1063 */ 1064 if (*flags & PCAP_IF_LOOPBACK) { 1065 /* 1066 * Loopback devices aren't wireless, and "connected"/ 1067 * "disconnected" doesn't apply to them. 1068 */ 1069 *flags |= PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE; 1070 return (0); 1071 } 1072 return (0); 1073 } 1074 1075 int 1076 pcap_platform_finddevs(pcap_if_list_t *devlistp, char *errbuf) 1077 { 1078 #ifdef HAVE_SOLARIS 1079 int fd; 1080 union { 1081 u_int nunits; 1082 char pad[516]; /* XXX - must be at least 513; is 516 1083 in "atmgetunits" */ 1084 } buf; 1085 char baname[2+1+1]; 1086 u_int i; 1087 #endif 1088 1089 /* 1090 * Get the list of regular interfaces first. 1091 */ 1092 if (pcap_findalldevs_interfaces(devlistp, errbuf, is_dlpi_interface, 1093 get_if_flags) == -1) 1094 return (-1); /* failure */ 1095 1096 #ifdef HAVE_SOLARIS 1097 /* 1098 * We may have to do special magic to get ATM devices. 1099 */ 1100 if ((fd = open("/dev/ba", O_RDWR)) < 0) { 1101 /* 1102 * We couldn't open the "ba" device. 1103 * For now, just give up; perhaps we should 1104 * return an error if the problem is neither 1105 * a "that device doesn't exist" error (ENOENT, 1106 * ENXIO, etc.) or a "you're not allowed to do 1107 * that" error (EPERM, EACCES). 1108 */ 1109 return (0); 1110 } 1111 1112 if (strioctl(fd, A_GET_UNITS, sizeof(buf), (char *)&buf) < 0) { 1113 pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE, 1114 errno, "A_GET_UNITS"); 1115 return (-1); 1116 } 1117 for (i = 0; i < buf.nunits; i++) { 1118 pcap_snprintf(baname, sizeof baname, "ba%u", i); 1119 /* 1120 * XXX - is there a notion of "up" and "running"? 1121 * And is there a way to determine whether the 1122 * interface is plugged into a network? 1123 */ 1124 if (add_dev(devlistp, baname, 0, NULL, errbuf) == NULL) 1125 return (-1); 1126 } 1127 #endif 1128 1129 return (0); 1130 } 1131 1132 static int 1133 send_request(int fd, char *ptr, int len, char *what, char *ebuf) 1134 { 1135 struct strbuf ctl; 1136 int flags; 1137 1138 ctl.maxlen = 0; 1139 ctl.len = len; 1140 ctl.buf = ptr; 1141 1142 flags = 0; 1143 if (putmsg(fd, &ctl, (struct strbuf *) NULL, flags) < 0) { 1144 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1145 errno, "send_request: putmsg \"%s\"", what); 1146 return (-1); 1147 } 1148 return (0); 1149 } 1150 1151 static int 1152 recv_ack(int fd, int size, const char *what, char *bufp, char *ebuf, int *uerror) 1153 { 1154 union DL_primitives *dlp; 1155 struct strbuf ctl; 1156 int flags; 1157 char errmsgbuf[PCAP_ERRBUF_SIZE]; 1158 char dlprimbuf[64]; 1159 1160 /* 1161 * Clear out "*uerror", so it's only set for DL_ERROR_ACK/DL_SYSERR, 1162 * making that the only place where EBUSY is treated specially. 1163 */ 1164 if (uerror != NULL) 1165 *uerror = 0; 1166 1167 ctl.maxlen = MAXDLBUF; 1168 ctl.len = 0; 1169 ctl.buf = bufp; 1170 1171 flags = 0; 1172 if (getmsg(fd, &ctl, (struct strbuf*)NULL, &flags) < 0) { 1173 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1174 errno, "recv_ack: %s getmsg", what); 1175 return (PCAP_ERROR); 1176 } 1177 1178 dlp = MAKE_DL_PRIMITIVES(ctl.buf); 1179 switch (dlp->dl_primitive) { 1180 1181 case DL_INFO_ACK: 1182 case DL_BIND_ACK: 1183 case DL_OK_ACK: 1184 #ifdef DL_HP_PPA_ACK 1185 case DL_HP_PPA_ACK: 1186 #endif 1187 /* These are OK */ 1188 break; 1189 1190 case DL_ERROR_ACK: 1191 switch (dlp->error_ack.dl_errno) { 1192 1193 case DL_SYSERR: 1194 if (uerror != NULL) 1195 *uerror = dlp->error_ack.dl_unix_errno; 1196 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1197 dlp->error_ack.dl_unix_errno, 1198 "recv_ack: %s: UNIX error", what); 1199 if (dlp->error_ack.dl_unix_errno == EPERM || 1200 dlp->error_ack.dl_unix_errno == EACCES) 1201 return (PCAP_ERROR_PERM_DENIED); 1202 break; 1203 1204 default: 1205 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1206 "recv_ack: %s: %s", what, 1207 dlstrerror(errmsgbuf, sizeof (errmsgbuf), dlp->error_ack.dl_errno)); 1208 if (dlp->error_ack.dl_errno == DL_BADPPA) 1209 return (PCAP_ERROR_NO_SUCH_DEVICE); 1210 else if (dlp->error_ack.dl_errno == DL_ACCESS) 1211 return (PCAP_ERROR_PERM_DENIED); 1212 break; 1213 } 1214 return (PCAP_ERROR); 1215 1216 default: 1217 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1218 "recv_ack: %s: Unexpected primitive ack %s", 1219 what, dlprim(dlprimbuf, sizeof (dlprimbuf), dlp->dl_primitive)); 1220 return (PCAP_ERROR); 1221 } 1222 1223 if (ctl.len < size) { 1224 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1225 "recv_ack: %s: Ack too small (%d < %d)", 1226 what, ctl.len, size); 1227 return (PCAP_ERROR); 1228 } 1229 return (ctl.len); 1230 } 1231 1232 static char * 1233 dlstrerror(char *errbuf, size_t errbufsize, bpf_u_int32 dl_errno) 1234 { 1235 switch (dl_errno) { 1236 1237 case DL_ACCESS: 1238 return ("Improper permissions for request"); 1239 1240 case DL_BADADDR: 1241 return ("DLSAP addr in improper format or invalid"); 1242 1243 case DL_BADCORR: 1244 return ("Seq number not from outstand DL_CONN_IND"); 1245 1246 case DL_BADDATA: 1247 return ("User data exceeded provider limit"); 1248 1249 case DL_BADPPA: 1250 #ifdef HAVE_DEV_DLPI 1251 /* 1252 * With a single "/dev/dlpi" device used for all 1253 * DLPI providers, PPAs have nothing to do with 1254 * unit numbers. 1255 */ 1256 return ("Specified PPA was invalid"); 1257 #else 1258 /* 1259 * We have separate devices for separate devices; 1260 * the PPA is just the unit number. 1261 */ 1262 return ("Specified PPA (device unit) was invalid"); 1263 #endif 1264 1265 case DL_BADPRIM: 1266 return ("Primitive received not known by provider"); 1267 1268 case DL_BADQOSPARAM: 1269 return ("QOS parameters contained invalid values"); 1270 1271 case DL_BADQOSTYPE: 1272 return ("QOS structure type is unknown/unsupported"); 1273 1274 case DL_BADSAP: 1275 return ("Bad LSAP selector"); 1276 1277 case DL_BADTOKEN: 1278 return ("Token used not an active stream"); 1279 1280 case DL_BOUND: 1281 return ("Attempted second bind with dl_max_conind"); 1282 1283 case DL_INITFAILED: 1284 return ("Physical link initialization failed"); 1285 1286 case DL_NOADDR: 1287 return ("Provider couldn't allocate alternate address"); 1288 1289 case DL_NOTINIT: 1290 return ("Physical link not initialized"); 1291 1292 case DL_OUTSTATE: 1293 return ("Primitive issued in improper state"); 1294 1295 case DL_SYSERR: 1296 return ("UNIX system error occurred"); 1297 1298 case DL_UNSUPPORTED: 1299 return ("Requested service not supplied by provider"); 1300 1301 case DL_UNDELIVERABLE: 1302 return ("Previous data unit could not be delivered"); 1303 1304 case DL_NOTSUPPORTED: 1305 return ("Primitive is known but not supported"); 1306 1307 case DL_TOOMANY: 1308 return ("Limit exceeded"); 1309 1310 case DL_NOTENAB: 1311 return ("Promiscuous mode not enabled"); 1312 1313 case DL_BUSY: 1314 return ("Other streams for PPA in post-attached"); 1315 1316 case DL_NOAUTO: 1317 return ("Automatic handling XID&TEST not supported"); 1318 1319 case DL_NOXIDAUTO: 1320 return ("Automatic handling of XID not supported"); 1321 1322 case DL_NOTESTAUTO: 1323 return ("Automatic handling of TEST not supported"); 1324 1325 case DL_XIDAUTO: 1326 return ("Automatic handling of XID response"); 1327 1328 case DL_TESTAUTO: 1329 return ("Automatic handling of TEST response"); 1330 1331 case DL_PENDING: 1332 return ("Pending outstanding connect indications"); 1333 1334 default: 1335 pcap_snprintf(errbuf, errbufsize, "Error %02x", dl_errno); 1336 return (errbuf); 1337 } 1338 } 1339 1340 static char * 1341 dlprim(char *primbuf, size_t primbufsize, bpf_u_int32 prim) 1342 { 1343 switch (prim) { 1344 1345 case DL_INFO_REQ: 1346 return ("DL_INFO_REQ"); 1347 1348 case DL_INFO_ACK: 1349 return ("DL_INFO_ACK"); 1350 1351 case DL_ATTACH_REQ: 1352 return ("DL_ATTACH_REQ"); 1353 1354 case DL_DETACH_REQ: 1355 return ("DL_DETACH_REQ"); 1356 1357 case DL_BIND_REQ: 1358 return ("DL_BIND_REQ"); 1359 1360 case DL_BIND_ACK: 1361 return ("DL_BIND_ACK"); 1362 1363 case DL_UNBIND_REQ: 1364 return ("DL_UNBIND_REQ"); 1365 1366 case DL_OK_ACK: 1367 return ("DL_OK_ACK"); 1368 1369 case DL_ERROR_ACK: 1370 return ("DL_ERROR_ACK"); 1371 1372 case DL_SUBS_BIND_REQ: 1373 return ("DL_SUBS_BIND_REQ"); 1374 1375 case DL_SUBS_BIND_ACK: 1376 return ("DL_SUBS_BIND_ACK"); 1377 1378 case DL_UNITDATA_REQ: 1379 return ("DL_UNITDATA_REQ"); 1380 1381 case DL_UNITDATA_IND: 1382 return ("DL_UNITDATA_IND"); 1383 1384 case DL_UDERROR_IND: 1385 return ("DL_UDERROR_IND"); 1386 1387 case DL_UDQOS_REQ: 1388 return ("DL_UDQOS_REQ"); 1389 1390 case DL_CONNECT_REQ: 1391 return ("DL_CONNECT_REQ"); 1392 1393 case DL_CONNECT_IND: 1394 return ("DL_CONNECT_IND"); 1395 1396 case DL_CONNECT_RES: 1397 return ("DL_CONNECT_RES"); 1398 1399 case DL_CONNECT_CON: 1400 return ("DL_CONNECT_CON"); 1401 1402 case DL_TOKEN_REQ: 1403 return ("DL_TOKEN_REQ"); 1404 1405 case DL_TOKEN_ACK: 1406 return ("DL_TOKEN_ACK"); 1407 1408 case DL_DISCONNECT_REQ: 1409 return ("DL_DISCONNECT_REQ"); 1410 1411 case DL_DISCONNECT_IND: 1412 return ("DL_DISCONNECT_IND"); 1413 1414 case DL_RESET_REQ: 1415 return ("DL_RESET_REQ"); 1416 1417 case DL_RESET_IND: 1418 return ("DL_RESET_IND"); 1419 1420 case DL_RESET_RES: 1421 return ("DL_RESET_RES"); 1422 1423 case DL_RESET_CON: 1424 return ("DL_RESET_CON"); 1425 1426 default: 1427 pcap_snprintf(primbuf, primbufsize, "unknown primitive 0x%x", 1428 prim); 1429 return (primbuf); 1430 } 1431 } 1432 1433 static int 1434 dlbindreq(int fd, bpf_u_int32 sap, char *ebuf) 1435 { 1436 1437 dl_bind_req_t req; 1438 1439 memset((char *)&req, 0, sizeof(req)); 1440 req.dl_primitive = DL_BIND_REQ; 1441 /* XXX - what if neither of these are defined? */ 1442 #if defined(DL_HP_RAWDLS) 1443 req.dl_max_conind = 1; /* XXX magic number */ 1444 req.dl_service_mode = DL_HP_RAWDLS; 1445 #elif defined(DL_CLDLS) 1446 req.dl_service_mode = DL_CLDLS; 1447 #endif 1448 req.dl_sap = sap; 1449 1450 return (send_request(fd, (char *)&req, sizeof(req), "bind", ebuf)); 1451 } 1452 1453 static int 1454 dlbindack(int fd, char *bufp, char *ebuf, int *uerror) 1455 { 1456 1457 return (recv_ack(fd, DL_BIND_ACK_SIZE, "bind", bufp, ebuf, uerror)); 1458 } 1459 1460 static int 1461 dlokack(int fd, const char *what, char *bufp, char *ebuf) 1462 { 1463 1464 return (recv_ack(fd, DL_OK_ACK_SIZE, what, bufp, ebuf, NULL)); 1465 } 1466 1467 1468 static int 1469 dlinforeq(int fd, char *ebuf) 1470 { 1471 dl_info_req_t req; 1472 1473 req.dl_primitive = DL_INFO_REQ; 1474 1475 return (send_request(fd, (char *)&req, sizeof(req), "info", ebuf)); 1476 } 1477 1478 static int 1479 dlinfoack(int fd, char *bufp, char *ebuf) 1480 { 1481 1482 return (recv_ack(fd, DL_INFO_ACK_SIZE, "info", bufp, ebuf, NULL)); 1483 } 1484 1485 #ifdef HAVE_DL_PASSIVE_REQ_T 1486 /* 1487 * Enable DLPI passive mode. We do not care if this request fails, as this 1488 * indicates the underlying DLPI device does not support link aggregation. 1489 */ 1490 static void 1491 dlpassive(int fd, char *ebuf) 1492 { 1493 dl_passive_req_t req; 1494 bpf_u_int32 buf[MAXDLBUF]; 1495 1496 req.dl_primitive = DL_PASSIVE_REQ; 1497 1498 if (send_request(fd, (char *)&req, sizeof(req), "dlpassive", ebuf) == 0) 1499 (void) dlokack(fd, "dlpassive", (char *)buf, ebuf); 1500 } 1501 #endif 1502 1503 #ifdef DL_HP_RAWDLS 1504 /* 1505 * There's an ack *if* there's an error. 1506 */ 1507 static int 1508 dlrawdatareq(int fd, const u_char *datap, int datalen) 1509 { 1510 struct strbuf ctl, data; 1511 long buf[MAXDLBUF]; /* XXX - char? */ 1512 union DL_primitives *dlp; 1513 int dlen; 1514 1515 dlp = MAKE_DL_PRIMITIVES(buf); 1516 1517 dlp->dl_primitive = DL_HP_RAWDATA_REQ; 1518 dlen = DL_HP_RAWDATA_REQ_SIZE; 1519 1520 /* 1521 * HP's documentation doesn't appear to show us supplying any 1522 * address pointed to by the control part of the message. 1523 * I think that's what raw mode means - you just send the raw 1524 * packet, you don't specify where to send it to, as that's 1525 * implied by the destination address. 1526 */ 1527 ctl.maxlen = 0; 1528 ctl.len = dlen; 1529 ctl.buf = (void *)buf; 1530 1531 data.maxlen = 0; 1532 data.len = datalen; 1533 data.buf = (void *)datap; 1534 1535 return (putmsg(fd, &ctl, &data, 0)); 1536 } 1537 #endif /* DL_HP_RAWDLS */ 1538 1539 #if defined(HAVE_SOLARIS) && defined(HAVE_SYS_BUFMOD_H) 1540 static void 1541 get_release(char *buf, size_t bufsize, bpf_u_int32 *majorp, 1542 bpf_u_int32 *minorp, bpf_u_int32 *microp) 1543 { 1544 char *cp; 1545 1546 *majorp = 0; 1547 *minorp = 0; 1548 *microp = 0; 1549 if (sysinfo(SI_RELEASE, buf, bufsize) < 0) { 1550 pcap_strlcpy(buf, "?", bufsize); 1551 return; 1552 } 1553 cp = buf; 1554 if (!isdigit((unsigned char)*cp)) 1555 return; 1556 *majorp = strtol(cp, &cp, 10); 1557 if (*cp++ != '.') 1558 return; 1559 *minorp = strtol(cp, &cp, 10); 1560 if (*cp++ != '.') 1561 return; 1562 *microp = strtol(cp, &cp, 10); 1563 } 1564 #endif 1565 1566 #ifdef DL_HP_PPA_REQ 1567 /* 1568 * Under HP-UX 10 and HP-UX 11, we can ask for the ppa 1569 */ 1570 1571 1572 /* 1573 * Determine ppa number that specifies ifname. 1574 * 1575 * If the "dl_hp_ppa_info_t" doesn't have a "dl_module_id_1" member, 1576 * the code that's used here is the old code for HP-UX 10.x. 1577 * 1578 * However, HP-UX 10.20, at least, appears to have such a member 1579 * in its "dl_hp_ppa_info_t" structure, so the new code is used. 1580 * The new code didn't work on an old 10.20 system on which Rick 1581 * Jones of HP tried it, but with later patches installed, it 1582 * worked - it appears that the older system had those members but 1583 * didn't put anything in them, so, if the search by name fails, we 1584 * do the old search. 1585 * 1586 * Rick suggests that making sure your system is "up on the latest 1587 * lancommon/DLPI/driver patches" is probably a good idea; it'd fix 1588 * that problem, as well as allowing libpcap to see packets sent 1589 * from the system on which the libpcap application is being run. 1590 * (On 10.20, in addition to getting the latest patches, you need 1591 * to turn the kernel "lanc_outbound_promisc_flag" flag on with ADB; 1592 * a posting to "comp.sys.hp.hpux" at 1593 * 1594 * http://www.deja.com/[ST_rn=ps]/getdoc.xp?AN=558092266 1595 * 1596 * says that, to see the machine's outgoing traffic, you'd need to 1597 * apply the right patches to your system, and also set that variable 1598 * with: 1599 1600 echo 'lanc_outbound_promisc_flag/W1' | /usr/bin/adb -w /stand/vmunix /dev/kmem 1601 1602 * which could be put in, for example, "/sbin/init.d/lan". 1603 * 1604 * Setting the variable is not necessary on HP-UX 11.x. 1605 */ 1606 static int 1607 get_dlpi_ppa(register int fd, register const char *device, register u_int unit, 1608 u_int *ppa, register char *ebuf) 1609 { 1610 register dl_hp_ppa_ack_t *ap; 1611 register dl_hp_ppa_info_t *ipstart, *ip; 1612 register u_int i; 1613 char dname[100]; 1614 register u_long majdev; 1615 struct stat statbuf; 1616 dl_hp_ppa_req_t req; 1617 char buf[MAXDLBUF]; 1618 char *ppa_data_buf; 1619 dl_hp_ppa_ack_t *dlp; 1620 struct strbuf ctl; 1621 int flags; 1622 1623 memset((char *)&req, 0, sizeof(req)); 1624 req.dl_primitive = DL_HP_PPA_REQ; 1625 1626 memset((char *)buf, 0, sizeof(buf)); 1627 if (send_request(fd, (char *)&req, sizeof(req), "hpppa", ebuf) < 0) 1628 return (PCAP_ERROR); 1629 1630 ctl.maxlen = DL_HP_PPA_ACK_SIZE; 1631 ctl.len = 0; 1632 ctl.buf = (char *)buf; 1633 1634 flags = 0; 1635 /* 1636 * DLPI may return a big chunk of data for a DL_HP_PPA_REQ. The normal 1637 * recv_ack will fail because it set the maxlen to MAXDLBUF (8192) 1638 * which is NOT big enough for a DL_HP_PPA_REQ. 1639 * 1640 * This causes libpcap applications to fail on a system with HP-APA 1641 * installed. 1642 * 1643 * To figure out how big the returned data is, we first call getmsg 1644 * to get the small head and peek at the head to get the actual data 1645 * length, and then issue another getmsg to get the actual PPA data. 1646 */ 1647 /* get the head first */ 1648 if (getmsg(fd, &ctl, (struct strbuf *)NULL, &flags) < 0) { 1649 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1650 errno, "get_dlpi_ppa: hpppa getmsg"); 1651 return (PCAP_ERROR); 1652 } 1653 if (ctl.len == -1) { 1654 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1655 "get_dlpi_ppa: hpppa getmsg: control buffer has no data"); 1656 return (PCAP_ERROR); 1657 } 1658 1659 dlp = (dl_hp_ppa_ack_t *)ctl.buf; 1660 if (dlp->dl_primitive != DL_HP_PPA_ACK) { 1661 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1662 "get_dlpi_ppa: hpppa unexpected primitive ack 0x%x", 1663 (bpf_u_int32)dlp->dl_primitive); 1664 return (PCAP_ERROR); 1665 } 1666 1667 if ((size_t)ctl.len < DL_HP_PPA_ACK_SIZE) { 1668 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1669 "get_dlpi_ppa: hpppa ack too small (%d < %lu)", 1670 ctl.len, (unsigned long)DL_HP_PPA_ACK_SIZE); 1671 return (PCAP_ERROR); 1672 } 1673 1674 /* allocate buffer */ 1675 if ((ppa_data_buf = (char *)malloc(dlp->dl_length)) == NULL) { 1676 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1677 errno, "get_dlpi_ppa: hpppa malloc"); 1678 return (PCAP_ERROR); 1679 } 1680 ctl.maxlen = dlp->dl_length; 1681 ctl.len = 0; 1682 ctl.buf = (char *)ppa_data_buf; 1683 /* get the data */ 1684 if (getmsg(fd, &ctl, (struct strbuf *)NULL, &flags) < 0) { 1685 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1686 errno, "get_dlpi_ppa: hpppa getmsg"); 1687 free(ppa_data_buf); 1688 return (PCAP_ERROR); 1689 } 1690 if (ctl.len == -1) { 1691 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1692 "get_dlpi_ppa: hpppa getmsg: control buffer has no data"); 1693 return (PCAP_ERROR); 1694 } 1695 if ((u_int)ctl.len < dlp->dl_length) { 1696 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1697 "get_dlpi_ppa: hpppa ack too small (%d < %lu)", 1698 ctl.len, (unsigned long)dlp->dl_length); 1699 free(ppa_data_buf); 1700 return (PCAP_ERROR); 1701 } 1702 1703 ap = (dl_hp_ppa_ack_t *)buf; 1704 ipstart = (dl_hp_ppa_info_t *)ppa_data_buf; 1705 ip = ipstart; 1706 1707 #ifdef HAVE_DL_HP_PPA_INFO_T_DL_MODULE_ID_1 1708 /* 1709 * The "dl_hp_ppa_info_t" structure has a "dl_module_id_1" 1710 * member that should, in theory, contain the part of the 1711 * name for the device that comes before the unit number, 1712 * and should also have a "dl_module_id_2" member that may 1713 * contain an alternate name (e.g., I think Ethernet devices 1714 * have both "lan", for "lanN", and "snap", for "snapN", with 1715 * the former being for Ethernet packets and the latter being 1716 * for 802.3/802.2 packets). 1717 * 1718 * Search for the device that has the specified name and 1719 * instance number. 1720 */ 1721 for (i = 0; i < ap->dl_count; i++) { 1722 if ((strcmp((const char *)ip->dl_module_id_1, device) == 0 || 1723 strcmp((const char *)ip->dl_module_id_2, device) == 0) && 1724 ip->dl_instance_num == unit) 1725 break; 1726 1727 ip = (dl_hp_ppa_info_t *)((u_char *)ipstart + ip->dl_next_offset); 1728 } 1729 #else 1730 /* 1731 * We don't have that member, so the search is impossible; make it 1732 * look as if the search failed. 1733 */ 1734 i = ap->dl_count; 1735 #endif 1736 1737 if (i == ap->dl_count) { 1738 /* 1739 * Well, we didn't, or can't, find the device by name. 1740 * 1741 * HP-UX 10.20, whilst it has "dl_module_id_1" and 1742 * "dl_module_id_2" fields in the "dl_hp_ppa_info_t", 1743 * doesn't seem to fill them in unless the system is 1744 * at a reasonably up-to-date patch level. 1745 * 1746 * Older HP-UX 10.x systems might not have those fields 1747 * at all. 1748 * 1749 * Therefore, we'll search for the entry with the major 1750 * device number of a device with the name "/dev/<dev><unit>", 1751 * if such a device exists, as the old code did. 1752 */ 1753 pcap_snprintf(dname, sizeof(dname), "/dev/%s%u", device, unit); 1754 if (stat(dname, &statbuf) < 0) { 1755 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1756 errno, "stat: %s", dname); 1757 return (PCAP_ERROR); 1758 } 1759 majdev = major(statbuf.st_rdev); 1760 1761 ip = ipstart; 1762 1763 for (i = 0; i < ap->dl_count; i++) { 1764 if (ip->dl_mjr_num == majdev && 1765 ip->dl_instance_num == unit) 1766 break; 1767 1768 ip = (dl_hp_ppa_info_t *)((u_char *)ipstart + ip->dl_next_offset); 1769 } 1770 } 1771 if (i == ap->dl_count) { 1772 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1773 "can't find /dev/dlpi PPA for %s%u", device, unit); 1774 return (PCAP_ERROR_NO_SUCH_DEVICE); 1775 } 1776 if (ip->dl_hdw_state == HDW_DEAD) { 1777 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1778 "%s%d: hardware state: DOWN\n", device, unit); 1779 free(ppa_data_buf); 1780 return (PCAP_ERROR); 1781 } 1782 *ppa = ip->dl_ppa; 1783 free(ppa_data_buf); 1784 return (0); 1785 } 1786 #endif 1787 1788 #ifdef HAVE_HPUX9 1789 /* 1790 * Under HP-UX 9, there is no good way to determine the ppa. 1791 * So punt and read it from /dev/kmem. 1792 */ 1793 static struct nlist nl[] = { 1794 #define NL_IFNET 0 1795 { "ifnet" }, 1796 { "" } 1797 }; 1798 1799 static char path_vmunix[] = "/hp-ux"; 1800 1801 /* Determine ppa number that specifies ifname */ 1802 static int 1803 get_dlpi_ppa(register int fd, register const char *ifname, register u_int unit, 1804 u_int *ppa, register char *ebuf) 1805 { 1806 register const char *cp; 1807 register int kd; 1808 void *addr; 1809 struct ifnet ifnet; 1810 char if_name[sizeof(ifnet.if_name) + 1]; 1811 1812 cp = strrchr(ifname, '/'); 1813 if (cp != NULL) 1814 ifname = cp + 1; 1815 if (nlist(path_vmunix, &nl) < 0) { 1816 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "nlist %s failed", 1817 path_vmunix); 1818 return (PCAP_ERROR); 1819 } 1820 if (nl[NL_IFNET].n_value == 0) { 1821 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, 1822 "could't find %s kernel symbol", 1823 nl[NL_IFNET].n_name); 1824 return (PCAP_ERROR); 1825 } 1826 kd = open("/dev/kmem", O_RDONLY); 1827 if (kd < 0) { 1828 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1829 errno, "kmem open"); 1830 return (PCAP_ERROR); 1831 } 1832 if (dlpi_kread(kd, nl[NL_IFNET].n_value, 1833 &addr, sizeof(addr), ebuf) < 0) { 1834 close(kd); 1835 return (PCAP_ERROR); 1836 } 1837 for (; addr != NULL; addr = ifnet.if_next) { 1838 if (dlpi_kread(kd, (off_t)addr, 1839 &ifnet, sizeof(ifnet), ebuf) < 0 || 1840 dlpi_kread(kd, (off_t)ifnet.if_name, 1841 if_name, sizeof(ifnet.if_name), ebuf) < 0) { 1842 (void)close(kd); 1843 return (PCAP_ERROR); 1844 } 1845 if_name[sizeof(ifnet.if_name)] = '\0'; 1846 if (strcmp(if_name, ifname) == 0 && ifnet.if_unit == unit) { 1847 *ppa = ifnet.if_index; 1848 return (0); 1849 } 1850 } 1851 1852 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "Can't find %s", ifname); 1853 return (PCAP_ERROR_NO_SUCH_DEVICE); 1854 } 1855 1856 static int 1857 dlpi_kread(register int fd, register off_t addr, 1858 register void *buf, register u_int len, register char *ebuf) 1859 { 1860 register int cc; 1861 1862 if (lseek(fd, addr, SEEK_SET) < 0) { 1863 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1864 errno, "lseek"); 1865 return (-1); 1866 } 1867 cc = read(fd, buf, len); 1868 if (cc < 0) { 1869 pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, 1870 errno, "read"); 1871 return (-1); 1872 } else if (cc != len) { 1873 pcap_snprintf(ebuf, PCAP_ERRBUF_SIZE, "short read (%d != %d)", cc, 1874 len); 1875 return (-1); 1876 } 1877 return (cc); 1878 } 1879 #endif 1880 1881 pcap_t * 1882 pcap_create_interface(const char *device _U_, char *ebuf) 1883 { 1884 pcap_t *p; 1885 #ifdef DL_HP_RAWDLS 1886 struct pcap_dlpi *pd; 1887 #endif 1888 1889 p = pcap_create_common(ebuf, sizeof (struct pcap_dlpi)); 1890 if (p == NULL) 1891 return (NULL); 1892 1893 #ifdef DL_HP_RAWDLS 1894 pd = p->priv; 1895 pd->send_fd = -1; /* it hasn't been opened yet */ 1896 #endif 1897 1898 p->activate_op = pcap_activate_dlpi; 1899 return (p); 1900 } 1901 1902 /* 1903 * Libpcap version string. 1904 */ 1905 const char * 1906 pcap_lib_version(void) 1907 { 1908 return (PCAP_VERSION_STRING); 1909 } 1910