1 /* $NetBSD: pcap-dbus.c,v 1.5 2018/09/03 15:26:43 christos Exp $ */
2
3 /*
4 * Copyright (c) 2012 Jakub Zawadzki
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote
17 * products derived from this software without specific prior written
18 * permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
23 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
24 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
25 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
26 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
30 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 #include <sys/cdefs.h>
34 __RCSID("$NetBSD: pcap-dbus.c,v 1.5 2018/09/03 15:26:43 christos Exp $");
35
36 #ifdef HAVE_CONFIG_H
37 #include <config.h>
38 #endif
39
40 #include <string.h>
41
42 #include <time.h>
43 #include <sys/time.h>
44
45 #include <dbus/dbus.h>
46
47 #include "pcap-int.h"
48 #include "pcap-dbus.h"
49
50 /*
51 * Private data for capturing on D-Bus.
52 */
53 struct pcap_dbus {
54 DBusConnection *conn;
55 u_int packets_read; /* count of packets read */
56 };
57
58 static int
dbus_read(pcap_t * handle,int max_packets _U_,pcap_handler callback,u_char * user)59 dbus_read(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char *user)
60 {
61 struct pcap_dbus *handlep = handle->priv;
62
63 struct pcap_pkthdr pkth;
64 DBusMessage *message;
65
66 char *raw_msg;
67 int raw_msg_len;
68
69 int count = 0;
70
71 message = dbus_connection_pop_message(handlep->conn);
72
73 while (!message) {
74 /* XXX handle->opt.timeout = timeout_ms; */
75 if (!dbus_connection_read_write(handlep->conn, 100)) {
76 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Connection closed");
77 return -1;
78 }
79
80 if (handle->break_loop) {
81 handle->break_loop = 0;
82 return -2;
83 }
84
85 message = dbus_connection_pop_message(handlep->conn);
86 }
87
88 if (dbus_message_is_signal(message, DBUS_INTERFACE_LOCAL, "Disconnected")) {
89 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Disconnected");
90 return -1;
91 }
92
93 if (dbus_message_marshal(message, &raw_msg, &raw_msg_len)) {
94 pkth.caplen = pkth.len = raw_msg_len;
95 /* pkth.caplen = min (payload_len, handle->snapshot); */
96
97 gettimeofday(&pkth.ts, NULL);
98 if (handle->fcode.bf_insns == NULL ||
99 bpf_filter(handle->fcode.bf_insns, (u_char *)raw_msg, pkth.len, pkth.caplen)) {
100 handlep->packets_read++;
101 callback(user, &pkth, (u_char *)raw_msg);
102 count++;
103 }
104
105 dbus_free(raw_msg);
106 }
107 return count;
108 }
109
110 static int
dbus_write(pcap_t * handle,const void * buf,size_t size)111 dbus_write(pcap_t *handle, const void *buf, size_t size)
112 {
113 /* XXX, not tested */
114 struct pcap_dbus *handlep = handle->priv;
115
116 DBusError error = DBUS_ERROR_INIT;
117 DBusMessage *msg;
118
119 if (!(msg = dbus_message_demarshal(buf, size, &error))) {
120 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dbus_message_demarshal() failed: %s", error.message);
121 dbus_error_free(&error);
122 return -1;
123 }
124
125 dbus_connection_send(handlep->conn, msg, NULL);
126 dbus_connection_flush(handlep->conn);
127
128 dbus_message_unref(msg);
129 return 0;
130 }
131
132 static int
dbus_stats(pcap_t * handle,struct pcap_stat * stats)133 dbus_stats(pcap_t *handle, struct pcap_stat *stats)
134 {
135 struct pcap_dbus *handlep = handle->priv;
136
137 stats->ps_recv = handlep->packets_read;
138 stats->ps_drop = 0;
139 stats->ps_ifdrop = 0;
140 return 0;
141 }
142
143 static void
dbus_cleanup(pcap_t * handle)144 dbus_cleanup(pcap_t *handle)
145 {
146 struct pcap_dbus *handlep = handle->priv;
147
148 dbus_connection_unref(handlep->conn);
149
150 pcap_cleanup_live_common(handle);
151 }
152
153 /*
154 * We don't support non-blocking mode. I'm not sure what we'd
155 * do to support it and, given that we don't support select()/
156 * poll()/epoll_wait()/kevent() etc., it probably doesn't
157 * matter.
158 */
159 static int
dbus_getnonblock(pcap_t * p)160 dbus_getnonblock(pcap_t *p)
161 {
162 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
163 "Non-blocking mode isn't supported for capturing on D-Bus");
164 return (-1);
165 }
166
167 static int
dbus_setnonblock(pcap_t * p,int nonblock _U_)168 dbus_setnonblock(pcap_t *p, int nonblock _U_)
169 {
170 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
171 "Non-blocking mode isn't supported for capturing on D-Bus");
172 return (-1);
173 }
174
175 static int
dbus_activate(pcap_t * handle)176 dbus_activate(pcap_t *handle)
177 {
178 #define EAVESDROPPING_RULE "eavesdrop=true,"
179
180 static const char *rules[] = {
181 EAVESDROPPING_RULE "type='signal'",
182 EAVESDROPPING_RULE "type='method_call'",
183 EAVESDROPPING_RULE "type='method_return'",
184 EAVESDROPPING_RULE "type='error'",
185 };
186
187 #define N_RULES sizeof(rules)/sizeof(rules[0])
188
189 struct pcap_dbus *handlep = handle->priv;
190 const char *dev = handle->opt.device;
191
192 DBusError error = DBUS_ERROR_INIT;
193 u_int i;
194
195 if (strcmp(dev, "dbus-system") == 0) {
196 if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SYSTEM, &error))) {
197 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get system bus: %s", error.message);
198 dbus_error_free(&error);
199 return PCAP_ERROR;
200 }
201
202 } else if (strcmp(dev, "dbus-session") == 0) {
203 if (!(handlep->conn = dbus_bus_get(DBUS_BUS_SESSION, &error))) {
204 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to get session bus: %s", error.message);
205 dbus_error_free(&error);
206 return PCAP_ERROR;
207 }
208
209 } else if (strncmp(dev, "dbus://", 7) == 0) {
210 const char *addr = dev + 7;
211
212 if (!(handlep->conn = dbus_connection_open(addr, &error))) {
213 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to open connection to: %s: %s", addr, error.message);
214 dbus_error_free(&error);
215 return PCAP_ERROR;
216 }
217
218 if (!dbus_bus_register(handlep->conn, &error)) {
219 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to register bus %s: %s\n", addr, error.message);
220 dbus_error_free(&error);
221 return PCAP_ERROR;
222 }
223
224 } else {
225 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't get bus address from %s", handle->opt.device);
226 return PCAP_ERROR;
227 }
228
229 /* Initialize some components of the pcap structure. */
230 handle->bufsize = 0;
231 handle->offset = 0;
232 handle->linktype = DLT_DBUS;
233 handle->read_op = dbus_read;
234 handle->inject_op = dbus_write;
235 handle->setfilter_op = install_bpf_program; /* XXX, later add support for dbus_bus_add_match() */
236 handle->setdirection_op = NULL;
237 handle->set_datalink_op = NULL; /* can't change data link type */
238 handle->getnonblock_op = dbus_getnonblock;
239 handle->setnonblock_op = dbus_setnonblock;
240 handle->stats_op = dbus_stats;
241 handle->cleanup_op = dbus_cleanup;
242
243 #ifndef _WIN32
244 /*
245 * Unfortunately, trying to do a select()/poll()/epoll_wait()/
246 * kevent()/etc. on a D-Bus connection isn't a simple
247 * case of "give me an FD on which to wait".
248 *
249 * Apparently, you have to register "add watch", "remove watch",
250 * and "toggle watch" functions with
251 * dbus_connection_set_watch_functions(),
252 * keep a *set* of FDs, add to that set in the "add watch"
253 * function, subtract from it in the "remove watch" function,
254 * and either add to or subtract from that set in the "toggle
255 * watch" function, and do the wait on *all* of the FDs in the
256 * set. (Yes, you need the "toggle watch" function, so that
257 * the main loop doesn't itself need to check for whether
258 * a given watch is enabled or disabled - most libpcap programs
259 * know nothing about D-Bus and shouldn't *have* to know anything
260 * about D-Bus other than how to decode D-Bus messages.)
261 *
262 * Implementing that would require considerable changes in
263 * the way libpcap exports "selectable FDs" to its client.
264 * Until that's done, we just say "you can't do that".
265 */
266 handle->selectable_fd = handle->fd = -1;
267 #endif
268
269 if (handle->opt.rfmon) {
270 /*
271 * Monitor mode doesn't apply to dbus connections.
272 */
273 dbus_cleanup(handle);
274 return PCAP_ERROR_RFMON_NOTSUP;
275 }
276
277 /*
278 * Turn a negative snapshot value (invalid), a snapshot value of
279 * 0 (unspecified), or a value bigger than the normal maximum
280 * value, into the maximum message length for D-Bus (128MB).
281 */
282 if (handle->snapshot <= 0 || handle->snapshot > 134217728)
283 handle->snapshot = 134217728;
284
285 /* dbus_connection_set_max_message_size(handlep->conn, handle->snapshot); */
286 if (handle->opt.buffer_size != 0)
287 dbus_connection_set_max_received_size(handlep->conn, handle->opt.buffer_size);
288
289 for (i = 0; i < N_RULES; i++) {
290 dbus_bus_add_match(handlep->conn, rules[i], &error);
291 if (dbus_error_is_set(&error)) {
292 dbus_error_free(&error);
293
294 /* try without eavesdrop */
295 dbus_bus_add_match(handlep->conn, rules[i] + strlen(EAVESDROPPING_RULE), &error);
296 if (dbus_error_is_set(&error)) {
297 pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Failed to add bus match: %s\n", error.message);
298 dbus_error_free(&error);
299 dbus_cleanup(handle);
300 return PCAP_ERROR;
301 }
302 }
303 }
304
305 return 0;
306 }
307
308 pcap_t *
dbus_create(const char * device,char * ebuf,int * is_ours)309 dbus_create(const char *device, char *ebuf, int *is_ours)
310 {
311 pcap_t *p;
312
313 if (strcmp(device, "dbus-system") &&
314 strcmp(device, "dbus-session") &&
315 strncmp(device, "dbus://", 7))
316 {
317 *is_ours = 0;
318 return NULL;
319 }
320
321 *is_ours = 1;
322 p = pcap_create_common(ebuf, sizeof (struct pcap_dbus));
323 if (p == NULL)
324 return (NULL);
325
326 p->activate_op = dbus_activate;
327 /*
328 * Set these up front, so that, even if our client tries
329 * to set non-blocking mode before we're activated, or
330 * query the state of non-blocking mode, they get an error,
331 * rather than having the non-blocking mode option set
332 * for use later.
333 */
334 p->getnonblock_op = dbus_getnonblock;
335 p->setnonblock_op = dbus_setnonblock;
336 return (p);
337 }
338
339 int
dbus_findalldevs(pcap_if_list_t * devlistp,char * err_str)340 dbus_findalldevs(pcap_if_list_t *devlistp, char *err_str)
341 {
342 /*
343 * The notion of "connected" vs. "disconnected" doesn't apply.
344 * XXX - what about the notions of "up" and "running"?
345 */
346 if (add_dev(devlistp, "dbus-system",
347 PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus system bus",
348 err_str) == NULL)
349 return -1;
350 if (add_dev(devlistp, "dbus-session",
351 PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE, "D-Bus session bus",
352 err_str) == NULL)
353 return -1;
354 return 0;
355 }
356
357