diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /extcap/sshdump.c | |
parent | Initial commit. (diff) | |
download | wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.tar.xz wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.zip |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'extcap/sshdump.c')
-rw-r--r-- | extcap/sshdump.c | 694 |
1 files changed, 694 insertions, 0 deletions
diff --git a/extcap/sshdump.c b/extcap/sshdump.c new file mode 100644 index 00000000..12864731 --- /dev/null +++ b/extcap/sshdump.c @@ -0,0 +1,694 @@ +/* sshdump.c + * sshdump is extcap tool used to capture data using a remote ssh host + * + * Copyright 2015, Dario Lombardo + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 1998 Gerald Combs + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "config.h" +#define WS_LOG_DOMAIN "sshdump" + +#include <extcap/extcap-base.h> +#include <extcap/ssh-base.h> +#include <wsutil/interface.h> +#include <wsutil/file_util.h> +#include <wsutil/strtoi.h> +#include <wsutil/filesystem.h> +#include <wsutil/privileges.h> +#include <wsutil/please_report_bug.h> +#include <wsutil/wslog.h> + +#include <errno.h> +#include <string.h> +#include <fcntl.h> + +#include <cli_main.h> + +static char* sshdump_extcap_interface; +#ifdef _WIN32 +#define DEFAULT_SSHDUMP_EXTCAP_INTERFACE "sshdump.exe" +#else +#define DEFAULT_SSHDUMP_EXTCAP_INTERFACE "sshdump" +#endif + +#define SSHDUMP_VERSION_MAJOR "1" +#define SSHDUMP_VERSION_MINOR "2" +#define SSHDUMP_VERSION_RELEASE "0" + +#define SSH_READ_BLOCK_SIZE 256 + +enum { + EXTCAP_BASE_OPTIONS_ENUM, + OPT_HELP, + OPT_VERSION, + OPT_REMOTE_HOST, + OPT_REMOTE_PORT, + OPT_REMOTE_USERNAME, + OPT_REMOTE_PASSWORD, + OPT_REMOTE_INTERFACE, + OPT_REMOTE_CAPTURE_COMMAND_SELECT, + OPT_REMOTE_CAPTURE_COMMAND, + OPT_REMOTE_FILTER, + OPT_SSHKEY, + OPT_SSHKEY_PASSPHRASE, + OPT_PROXYCOMMAND, + OPT_REMOTE_COUNT, + OPT_REMOTE_SUDO, // Deprecated + OPT_REMOTE_PRIV, + OPT_REMOTE_PRIV_USER, + OPT_REMOTE_NOPROM +}; + +static struct ws_option longopts[] = { + EXTCAP_BASE_OPTIONS, + { "help", ws_no_argument, NULL, OPT_HELP}, + { "version", ws_no_argument, NULL, OPT_VERSION}, + SSH_BASE_OPTIONS, + { "remote-capture-command-select", ws_required_argument, NULL, OPT_REMOTE_CAPTURE_COMMAND_SELECT}, + { "remote-capture-command", ws_required_argument, NULL, OPT_REMOTE_CAPTURE_COMMAND}, + { "remote-sudo", ws_no_argument, NULL, OPT_REMOTE_SUDO }, // Deprecated + { "remote-priv", ws_required_argument, NULL, OPT_REMOTE_PRIV }, + { "remote-priv-user", ws_required_argument, NULL, OPT_REMOTE_PRIV_USER }, + { "remote-noprom", ws_no_argument, NULL, OPT_REMOTE_NOPROM }, + { 0, 0, 0, 0} +}; + +static char* interfaces_list_to_filter(GSList* if_list, unsigned int remote_port); + +static int ssh_loop_read(ssh_channel channel, FILE* fp) +{ + int nbytes; + int ret = EXIT_SUCCESS; + char buffer[SSH_READ_BLOCK_SIZE]; + + /* read from stdin until data are available */ + while (ssh_channel_is_open(channel) && !ssh_channel_is_eof(channel)) { + nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE, 0); + if (nbytes < 0) { + ws_warning("Error reading from channel"); + goto end; + } + if (nbytes == 0) { + break; + } + if (fwrite(buffer, 1, nbytes, fp) != (unsigned)nbytes) { + ws_warning("Error writing to fifo"); + ret = EXIT_FAILURE; + goto end; + } + fflush(fp); + } + + /* read loop finished... maybe something wrong happened. Read from stderr */ + while (ssh_channel_is_open(channel) && !ssh_channel_is_eof(channel)) { + nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE, 1); + if (nbytes < 0) { + ws_warning("Error reading from channel"); + goto end; + } + if (fwrite(buffer, 1, nbytes, stderr) != (unsigned)nbytes) { + ws_warning("Error writing to stderr"); + break; + } + } + +end: + if (ssh_channel_send_eof(channel) != SSH_OK) { + ws_warning("Error sending EOF in ssh channel"); + ret = EXIT_FAILURE; + } + return ret; +} + +static char* local_interfaces_to_filter(const uint16_t remote_port) +{ + GSList* interfaces = local_interfaces_to_list(); + char* filter = interfaces_list_to_filter(interfaces, remote_port); + g_slist_free_full(interfaces, g_free); + return filter; +} + +static ssh_channel run_ssh_command(ssh_session sshs, const char* capture_command_select, + const char* capture_command, const char* privilege, bool noprom, + const char* iface, const char* cfilter, const uint32_t count) +{ + char* cmdline = NULL; + ssh_channel channel; + char** ifaces_array = NULL; + int ifaces_array_num = 0; + GString *ifaces_string; + char *ifaces = NULL; + char* quoted_iface = NULL; + char* quoted_filter = NULL; + char* count_str = NULL; + unsigned int remote_port = 22; + + channel = ssh_channel_new(sshs); + if (!channel) { + ws_warning("Can't create channel"); + return NULL; + } + + if (ssh_channel_open_session(channel) != SSH_OK) { + ws_warning("Can't open session"); + ssh_channel_free(channel); + return NULL; + } + + ssh_options_get_port(sshs, &remote_port); + + if (capture_command_select == NULL || !g_strcmp0(capture_command_select, "other")) { + if (capture_command && *capture_command) { + cmdline = g_strdup(capture_command); + ws_debug("Remote capture command has disabled other options"); + } else { + capture_command_select = "tcpdump"; + } + } + + /* escape parameters to go save with the shell */ + if (!g_strcmp0(capture_command_select, "tcpdump")) { + quoted_iface = iface ? g_shell_quote(iface) : NULL; + quoted_filter = g_shell_quote(cfilter ? cfilter : ""); + if (count > 0) + count_str = ws_strdup_printf("-c %u", count); + + cmdline = ws_strdup_printf("%s tcpdump -U %s%s %s -w - %s %s", + privilege, + quoted_iface ? "-i " : "", + quoted_iface ? quoted_iface : "", + noprom ? "-p" : "", + count_str ? count_str : "", + quoted_filter); + } else if (!g_strcmp0(capture_command_select, "dumpcap")) { + if (iface) { + ifaces_array = g_strsplit(iface, " ", -1); + ifaces_string = g_string_new(NULL); + while (ifaces_array[ifaces_array_num]) + { + quoted_iface = g_shell_quote(ifaces_array[ifaces_array_num]); + g_string_append_printf(ifaces_string, "-i %s ", quoted_iface); + ifaces_array_num++; + } + ifaces = g_string_free(ifaces_string, false); + } + quoted_filter = g_shell_quote(cfilter ? cfilter : ""); + if (count > 0) + count_str = ws_strdup_printf("-c %u", count); + + cmdline = ws_strdup_printf("%s dumpcap %s %s -w - %s -f %s", + privilege, + noprom ? "-p" : "", + ifaces ? ifaces : "", + count_str ? count_str : "", + quoted_filter); + + g_free(ifaces); + g_strfreev(ifaces_array); + } + + ws_debug("Running: %s", cmdline); + if (ssh_channel_request_exec(channel, cmdline) != SSH_OK) { + ws_warning("Can't request exec"); + ssh_channel_close(channel); + ssh_channel_free(channel); + channel = NULL; + } + + g_free(quoted_iface); + g_free(quoted_filter); + g_free(cmdline); + g_free(count_str); + + return channel; +} + +static int ssh_open_remote_connection(const ssh_params_t* params, const char* iface, const char* cfilter, + const char* capture_command_select, const char* capture_command, const char* privilege, + bool noprom, const uint32_t count, const char* fifo) +{ + ssh_session sshs = NULL; + ssh_channel channel = NULL; + FILE* fp = stdout; + int ret = EXIT_FAILURE; + char* err_info = NULL; + + if (g_strcmp0(fifo, "-")) { + /* Open or create the output file */ + fp = fopen(fifo, "wb"); + if (fp == NULL) { + ws_warning("Error creating output file: %s (%s)", fifo, g_strerror(errno)); + return EXIT_FAILURE; + } + } + + sshs = create_ssh_connection(params, &err_info); + + if (!sshs) { + ws_warning("Error creating connection."); + goto cleanup; + } + + channel = run_ssh_command(sshs, capture_command_select, capture_command, privilege, noprom, iface, cfilter, count); + + if (!channel) { + ws_warning("Can't run ssh command."); + goto cleanup; + } + + /* read from channel and write into fp */ + if (ssh_loop_read(channel, fp) != EXIT_SUCCESS) { + ws_warning("Error in read loop."); + ret = EXIT_FAILURE; + goto cleanup; + } + + ret = EXIT_SUCCESS; +cleanup: + if (err_info) + ws_warning("%s", err_info); + g_free(err_info); + + /* clean up and exit */ + ssh_cleanup(&sshs, &channel); + + if (g_strcmp0(fifo, "-")) + fclose(fp); + return ret; +} + +static char* interfaces_list_to_filter(GSList* interfaces, unsigned int remote_port) +{ + GString* filter = g_string_new(NULL); + GSList* cur; + + // If no port is given, assume the default one. This might not be + // correct if the port is looked up from the ssh config file, but it is + // better than nothing. + if (remote_port == 0) { + remote_port = 22; + } + + if (!interfaces) { + g_string_append_printf(filter, "not port %u", remote_port); + } else { + g_string_append_printf(filter, "not ((host %s", (char*)interfaces->data); + cur = g_slist_next(interfaces); + while (cur) { + g_string_append_printf(filter, " or host %s", (char*)cur->data); + cur = g_slist_next(cur); + } + g_string_append_printf(filter, ") and port %u)", remote_port); + } + return g_string_free(filter, false); +} + +static int list_config(char *interface, unsigned int remote_port) +{ + unsigned inc = 0; + char* ipfilter; + + if (!interface) { + ws_warning("ERROR: No interface specified."); + return EXIT_FAILURE; + } + + if (g_strcmp0(interface, sshdump_extcap_interface)) { + ws_warning("ERROR: interface must be %s", sshdump_extcap_interface); + return EXIT_FAILURE; + } + + ipfilter = local_interfaces_to_filter(remote_port); + + printf("arg {number=%u}{call=--remote-host}{display=Remote SSH server address}" + "{type=string}{tooltip=The remote SSH host. It can be both " + "an IP address or a hostname}{required=true}{group=Server}\n", inc++); + printf("arg {number=%u}{call=--remote-port}{display=Remote SSH server port}" + "{type=unsigned}{default=22}{tooltip=The remote SSH host port (1-65535)}" + "{range=1,65535}{group=Server}\n", inc++); + printf("arg {number=%u}{call=--remote-username}{display=Remote SSH server username}" + "{type=string}{tooltip=The remote SSH username. If not provided, " + "the current user will be used}{group=Authentication}\n", inc++); + printf("arg {number=%u}{call=--remote-password}{display=Remote SSH server password}" + "{type=password}{tooltip=The SSH password, used when other methods (SSH agent " + "or key files) are unavailable.}{group=Authentication}\n", inc++); + printf("arg {number=%u}{call=--sshkey}{display=Path to SSH private key}" + "{type=fileselect}{tooltip=The path on the local filesystem of the private SSH key (OpenSSH format)}" + "{mustexist=true}{group=Authentication}\n", inc++); + printf("arg {number=%u}{call=--sshkey-passphrase}{display=SSH key passphrase}" + "{type=password}{tooltip=Passphrase to unlock the SSH private key}{group=Authentication}\n", + inc++); + printf("arg {number=%u}{call=--proxycommand}{display=ProxyCommand}" + "{type=string}{tooltip=The command to use as proxy for the SSH connection}" + "{group=Authentication}\n", inc++); + printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}" + "{type=string}{tooltip=The remote network interface used for capture" + "}{group=Capture}\n", inc++); + printf("arg {number=%u}{call=--remote-capture-command-select}{display=Remote capture command selection}" + "{type=radio}{tooltip=The remote capture command to build a command line for}{group=Capture}\n", inc); + printf("value {arg=%u}{value=dumpcap}{display=dumpcap}\n", inc); + printf("value {arg=%u}{value=tcpdump}{display=tcpdump}{default=true}\n", inc); + printf("value {arg=%u}{value=other}{display=Other:}\n", inc++); + printf("arg {number=%u}{call=--remote-capture-command}{display=Remote capture command}" + "{type=string}{tooltip=The remote command used to capture}{group=Capture}\n", inc++); + // Deprecated + //printf("arg {number=%u}{call=--remote-sudo}{display=Use sudo on the remote machine}" + // "{type=boolflag}{tooltip=Prepend the capture command with sudo on the remote machine}" + // "{group=Capture}\n", inc++); + printf("arg {number=%u}{call=--remote-priv}{display=Gain capture privilege on the remote machine}" + "{type=radio}{tooltip=Optionally prepend the capture command with sudo or doas on the remote machine}" + "{group=Capture}\n", inc); + printf("value {arg=%u}{value=none}{display=none}{default=true}\n", inc); + printf("value {arg=%u}{value=sudo}{display=sudo}\n", inc); + printf("value {arg=%u}{value=doas -n}{display=doas}\n", inc++); + printf("arg {number=%u}{call=--remote-priv-user}{display=Privileged user name for sudo or doas}" + "{type=string}{tooltip=User name of privileged user to execute the capture command on the remote machine}" + "{group=Capture}\n", inc++); + printf("arg {number=%u}{call=--remote-noprom}{display=No promiscuous mode}" + "{type=boolflag}{tooltip=Don't use promiscuous mode on the remote machine}{group=Capture}" + "\n", inc++); + printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}{type=string}" + "{tooltip=The remote capture filter}", inc++); + if (ipfilter) + printf("{default=%s}", ipfilter); + printf("{group=Capture}\n"); + printf("arg {number=%u}{call=--remote-count}{display=Packets to capture}" + "{type=unsigned}{default=0}{tooltip=The number of remote packets to capture. (Default: inf)}" + "{group=Capture}\n", inc++); + + extcap_config_debug(&inc); + + g_free(ipfilter); + + return EXIT_SUCCESS; +} + +static char* concat_filters(const char* extcap_filter, const char* remote_filter) +{ + if (!extcap_filter && remote_filter) + return g_strdup(remote_filter); + + if (!remote_filter && extcap_filter) + return g_strdup(extcap_filter); + + if (!remote_filter && !extcap_filter) + return NULL; + + return ws_strdup_printf("(%s) and (%s)", extcap_filter, remote_filter); +} + +int main(int argc, char *argv[]) +{ + char* err_msg; + int result; + int option_idx = 0; + ssh_params_t* ssh_params = ssh_params_new(); + char* remote_interface = NULL; + char* remote_capture_command_select = NULL; + char* remote_capture_command = NULL; + char* remote_filter = NULL; + uint32_t count = 0; + int ret = EXIT_FAILURE; + extcap_parameters* extcap_conf = g_new0(extcap_parameters, 1); + char* help_url; + char* help_header = NULL; + char* priv = NULL; + char* priv_user = NULL; + bool noprom = false; + char* interface_description = g_strdup("SSH remote capture"); + + /* Initialize log handler early so we can have proper logging during startup. */ + extcap_log_init("sshdump"); + + sshdump_extcap_interface = g_path_get_basename(argv[0]); + + /* + * Get credential information for later use. + */ + init_process_policies(); + + /* + * Attempt to get the pathname of the directory containing the + * executable file. + */ + err_msg = configuration_init(argv[0], NULL); + if (err_msg != NULL) { + ws_warning("Can't get pathname of directory containing the extcap program: %s.", + err_msg); + g_free(err_msg); + } + + help_url = data_file_url("sshdump.html"); + extcap_base_set_util_info(extcap_conf, argv[0], SSHDUMP_VERSION_MAJOR, SSHDUMP_VERSION_MINOR, + SSHDUMP_VERSION_RELEASE, help_url); + g_free(help_url); + add_libssh_info(extcap_conf); + if (g_strcmp0(sshdump_extcap_interface, DEFAULT_SSHDUMP_EXTCAP_INTERFACE)) { + char* temp = interface_description; + interface_description = ws_strdup_printf("%s, custom version", interface_description); + g_free(temp); + } + extcap_base_register_interface(extcap_conf, sshdump_extcap_interface, interface_description, 147, "Remote capture dependent DLT"); + g_free(interface_description); + + help_header = ws_strdup_printf( + " %s --extcap-interfaces\n" + " %s --extcap-interface=%s --extcap-dlts\n" + " %s --extcap-interface=%s --extcap-config\n" + " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 " + "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' " + "--fifo=FILENAME --capture\n", argv[0], argv[0], sshdump_extcap_interface, argv[0], + sshdump_extcap_interface, argv[0], sshdump_extcap_interface); + extcap_help_add_header(extcap_conf, help_header); + g_free(help_header); + extcap_help_add_option(extcap_conf, "--help", "print this help"); + extcap_help_add_option(extcap_conf, "--version", "print the version"); + extcap_help_add_option(extcap_conf, "--remote-host <host>", "the remote SSH host"); + extcap_help_add_option(extcap_conf, "--remote-port <port>", "the remote SSH port"); + extcap_help_add_option(extcap_conf, "--remote-username <username>", "the remote SSH username"); + extcap_help_add_option(extcap_conf, "--remote-password <password>", "the remote SSH password. If not specified, ssh-agent and ssh-key are used"); + extcap_help_add_option(extcap_conf, "--sshkey <private key path>", "the path of the SSH key (OpenSSH format)"); + extcap_help_add_option(extcap_conf, "--sshkey-passphrase <private key passphrase>", "the passphrase to unlock private SSH key"); + extcap_help_add_option(extcap_conf, "--proxycommand <proxy command>", "the command to use as proxy for the SSH connection"); + extcap_help_add_option(extcap_conf, "--remote-interface <iface>", "the remote capture interface"); + extcap_help_add_option(extcap_conf, "--remote-capture-command-select <selection>", "dumpcap, tcpdump or other remote capture command"); + extcap_help_add_option(extcap_conf, "--remote-capture-command <capture command>", "the remote capture command"); + //extcap_help_add_option(extcap_conf, "--remote-sudo", "use sudo on the remote machine to capture"); // Deprecated + extcap_help_add_option(extcap_conf, "--remote-priv <selection>", "none, sudo or doas"); + extcap_help_add_option(extcap_conf, "--remote-priv-user <username>", "privileged user name"); + extcap_help_add_option(extcap_conf, "--remote-noprom", "don't use promiscuous mode on the remote machine"); + extcap_help_add_option(extcap_conf, "--remote-filter <filter>", "a filter for remote capture (default: don't listen on local interfaces IPs)"); + extcap_help_add_option(extcap_conf, "--remote-count <count>", "the number of packets to capture"); + + ws_opterr = 0; + ws_optind = 0; + + if (argc == 1) { + extcap_help_print(extcap_conf); + goto end; + } + + while ((result = ws_getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) { + + switch (result) { + + case OPT_HELP: + extcap_help_print(extcap_conf); + ret = EXIT_SUCCESS; + goto end; + + case OPT_VERSION: + extcap_version_print(extcap_conf); + ret = EXIT_SUCCESS; + goto end; + + case OPT_REMOTE_HOST: + g_free(ssh_params->host); + ssh_params->host = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_PORT: + if (!ws_strtou16(ws_optarg, NULL, &ssh_params->port) || ssh_params->port == 0) { + ws_warning("Invalid port: %s", ws_optarg); + goto end; + } + break; + + case OPT_REMOTE_USERNAME: + g_free(ssh_params->username); + ssh_params->username = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_PASSWORD: + g_free(ssh_params->password); + ssh_params->password = g_strdup(ws_optarg); + memset(ws_optarg, 'X', strlen(ws_optarg)); + break; + + case OPT_SSHKEY: + g_free(ssh_params->sshkey_path); + ssh_params->sshkey_path = g_strdup(ws_optarg); + break; + + case OPT_SSHKEY_PASSPHRASE: + g_free(ssh_params->sshkey_passphrase); + ssh_params->sshkey_passphrase = g_strdup(ws_optarg); + memset(ws_optarg, 'X', strlen(ws_optarg)); + break; + + case OPT_PROXYCOMMAND: + g_free(ssh_params->proxycommand); + ssh_params->proxycommand = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_INTERFACE: + g_free(remote_interface); + remote_interface = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_CAPTURE_COMMAND_SELECT: + g_free(remote_capture_command_select); + remote_capture_command_select = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_CAPTURE_COMMAND: + g_free(remote_capture_command); + remote_capture_command = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_SUDO: + // Deprecated + g_free(priv); + priv = g_strdup("sudo"); + break; + + case OPT_REMOTE_PRIV: + g_free(priv); + priv = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_PRIV_USER: + g_free(priv_user); + priv_user = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_FILTER: + g_free(remote_filter); + remote_filter = g_strdup(ws_optarg); + break; + + case OPT_REMOTE_COUNT: + if (!ws_strtou32(ws_optarg, NULL, &count)) { + ws_warning("Invalid value for count: %s", ws_optarg); + goto end; + } + break; + + case OPT_REMOTE_NOPROM: + noprom = true; + break; + + case ':': + /* missing option argument */ + ws_warning("Option '%s' requires an argument", argv[ws_optind - 1]); + break; + + default: + if (!extcap_base_parse_options(extcap_conf, result - EXTCAP_OPT_LIST_INTERFACES, ws_optarg)) { + ws_warning("Invalid option: %s", argv[ws_optind - 1]); + goto end; + } + } + } + + extcap_cmdline_debug(argv, argc); + + if (extcap_base_handle_interface(extcap_conf)) { + ret = EXIT_SUCCESS; + goto end; + } + + if (extcap_conf->show_config) { + ret = list_config(extcap_conf->interface, ssh_params->port); + goto end; + } + + err_msg = ws_init_sockets(); + if (err_msg != NULL) { + ws_warning("ERROR: %s", err_msg); + g_free(err_msg); + ws_warning("%s", please_report_bug()); + goto end; + } + + if (extcap_conf->capture) { + char* filter; + char* privilege; + + if (!ssh_params->host) { + ws_warning("Missing parameter: --remote-host"); + goto end; + } + + if ((priv) && g_strcmp0(priv, "none") && strlen(g_strstrip(priv))) { + if ((priv_user) && strlen(g_strstrip(priv_user))) + /* Both sudo and doas use the same command line option */ + privilege = g_strconcat(priv, " -u ", priv_user, NULL); + else + privilege = g_strdup(priv); + } else { + privilege = g_strdup(""); + } + + // This may result in the use of a different port number than was given in + // the default filter string, as presented in the config dialog. The default + // given is always using the default SSH port since there's no remote SSH port + // given on the command line to get the extcap arguments. + // However the remote SSH port used here is the one given on the command line + // when the capture us started, which is the indended one. + // And this is only happening when no remote filter is specified on the command + // line to start the capture. + if (remote_filter == NULL) + remote_filter = local_interfaces_to_filter(ssh_params->port); + filter = concat_filters(extcap_conf->capture_filter, remote_filter); + ssh_params->debug = extcap_conf->debug; + ret = ssh_open_remote_connection(ssh_params, remote_interface, + filter, remote_capture_command_select, remote_capture_command, + privilege, noprom, count, extcap_conf->fifo); + g_free(filter); + g_free(privilege); + } else { + ws_debug("You should not come here... maybe some parameter missing?"); + ret = EXIT_FAILURE; + } + +end: + /* clean up stuff */ + ssh_params_free(ssh_params); + g_free(remote_capture_command_select); + g_free(remote_capture_command); + g_free(remote_interface); + g_free(remote_filter); + g_free(priv); + g_free(priv_user); + extcap_base_cleanup(&extcap_conf); + return ret; +} + +/* + * Editor modelines - https://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 8 + * tab-width: 8 + * indent-tabs-mode: t + * End: + * + * vi: set shiftwidth=8 tabstop=8 noexpandtab: + * :indentSize=8:tabSize=8:noTabs=false: + */ |