Get rid of support for libpcap prior to 1.0.

This lets us remove a bunch of configure-time and compile-time tests.

Update documentation to reflect this.

WinPcap 4.1.3 is based on libpcap 1.0, but doesn't export all of the new
APIs, so it won't work with code that uses any of the other APIs, which
tcpdump does, so don't test with WinPcap.

Author: guyharris

.appveyor.yml

@@ -10,45 +10,23 @@ matrix:
   fast_finish: true
 
 install:
-  - appveyor DownloadFile https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip
-  - 7z x .\WpdPack_4_1_2.zip -oc:\projects\libpcap\Win32
   - appveyor DownloadFile https://npcap.com/dist/npcap-sdk-1.12.zip
   - 7z x .\npcap-sdk-1.12.zip -oc:\projects\libpcap\Win32\npcap-sdk-1.12
 
 environment:
   matrix:
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
-      GENERATOR: "Visual Studio 14 2015"
-      SDK: WpdPack
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
-      GENERATOR: "Visual Studio 14 2015 Win64"
-      SDK: WpdPack
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
       GENERATOR: "Visual Studio 14 2015"
       SDK: npcap-sdk-1.12
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
       GENERATOR: "Visual Studio 14 2015 Win64"
       SDK: npcap-sdk-1.12
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
-      GENERATOR: "Visual Studio 15 2017"
-      SDK: WpdPack
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
-      GENERATOR: "Visual Studio 15 2017 Win64"
-      SDK: WpdPack
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
       GENERATOR: "Visual Studio 15 2017"
       SDK: npcap-sdk-1.12
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
       GENERATOR: "Visual Studio 15 2017 Win64"
       SDK: npcap-sdk-1.12
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
-      GENERATOR: "Visual Studio 16 2019"
-      PLATFORM: Win32
-      SDK: WpdPack
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
-      GENERATOR: "Visual Studio 16 2019"
-      PLATFORM: x64
-      SDK: WpdPack
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
       GENERATOR: "Visual Studio 16 2019"
       PLATFORM: Win32
@@ -57,14 +35,6 @@ environment:
       GENERATOR: "Visual Studio 16 2019"
       PLATFORM: x64
       SDK: npcap-sdk-1.12
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
-      GENERATOR: "Visual Studio 17 2022"
-      PLATFORM: Win32
-      SDK: WpdPack
-    - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
-      GENERATOR: "Visual Studio 17 2022"
-      PLATFORM: x64
-      SDK: WpdPack
     - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
       GENERATOR: "Visual Studio 17 2022"
       PLATFORM: Win32

CHANGES

@@ -33,6 +33,8 @@ DayOfTheWeek, Month DD, YYYY / The Tcpdump Group
       Add --print-sampling to print every Nth packet instead of all.
       Add --lengths option to print the captured and original packet lengths.
     Source code:
+      Drop support for building with versions of libpcap that don't
+        support all the libpcap 1.0 APIs.
       Use %zu when printing a sizeof to squelch compiler warnings
       Remove unused missing/snprintf.c.
       Remove unused missing/strdup.c.

CMakeLists.txt

@@ -658,113 +658,62 @@ set(CMAKE_REQUIRED_INCLUDES ${PCAP_INCLUDE_DIRS})
 #
 check_include_file(pcap/pcap-inttypes.h HAVE_PCAP_PCAP_INTTYPES_H)
 
-#
-# At compile time HAVE_PCAP_FINDALLDEVS depends on HAVE_PCAP_IF_T.
-#
-cmake_push_check_state()
-set(CMAKE_EXTRA_INCLUDE_FILES pcap.h)
-check_type_size(pcap_if_t PCAP_IF_T)
-cmake_pop_check_state()
-
 #
 # Check for various functions in libpcap/WinPcap/Npcap.
 #
 cmake_push_check_state()
 set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARIES})
 
 #
-# Check for "pcap_list_datalinks()" and use a substitute version if
-# it's not present.  If it is present, check for "pcap_free_datalinks()";
-# if it's not present, we don't replace it for now.  (We could do so
-# on UN*X, but not on Windows, where hilarity ensues if a program
-# built with one version of the MSVC support library tries to free
-# something allocated by a library built with another version of
-# the MSVC support library.)
-#
-check_function_exists(pcap_list_datalinks HAVE_PCAP_LIST_DATALINKS)
-if(HAVE_PCAP_LIST_DATALINKS)
-    check_function_exists(pcap_free_datalinks HAVE_PCAP_FREE_DATALINKS)
-endif(HAVE_PCAP_LIST_DATALINKS)
-
+# Do we have the new open API?  Check for pcap_create() and for
+# pcap_statustostr(), and assume that, if we have both of them,
+# we also have pcap_activate() and the other new routines
+# introduced in libpcap 1.0.
 #
-# Check for "pcap_datalink_name_to_val()", and use a substitute
-# version if it's not present.  If it is present, check for
-# "pcap_datalink_val_to_description()", and if we don't have it,
-# use a substitute version.
+# We require those routines, so fail if we don't find it.
 #
-check_function_exists(pcap_datalink_name_to_val HAVE_PCAP_DATALINK_NAME_TO_VAL)
-if(HAVE_PCAP_DATALINK_NAME_TO_VAL)
-    check_function_exists(pcap_datalink_val_to_description HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION)
-endif(HAVE_PCAP_DATALINK_NAME_TO_VAL)
+check_function_exists(pcap_create HAVE_PCAP_CREATE)
+if(NOT HAVE_PCAP_CREATE)
+    if(WIN32)
+        MESSAGE(FATAL_ERROR "libpcap is too old; 1.0 or later is required")
+    else(WIN32)
+        MESSAGE(FATAL_ERROR "libpcap is too old; 1.0 or later is required - if you're using WinPcap, try Npcap")
+    endif(WIN32)
+endif(NOT HAVE_PCAP_CREATE)
 
-#
-# Check for "pcap_set_datalink()"; you can't substitute for it if
-# it's absent (it has hooks into libpcap), so just define the
-# HAVE_ value if it's there.
-#
-check_function_exists(pcap_set_datalink HAVE_PCAP_SET_DATALINK)
+if(WIN32)
+    #
+    # We check for pcap_statustostr() as well, because WinPcap 4.1.3
+    # screwed up and exported pcap_create() but not other routines
+    # such as pcap_statustostr(), even though it defined them and
+    #  even though you really want pcap_statustostr() to get strings
+    # corresponding to some of the status returns from the new routines.)
+    #
+    check_function_exists(pcap_statustostr HAVE_PCAP_STATUSTOSTR)
+    if(NOT HAVE_PCAP_STATUSTOSTR)
+        MESSAGE(FATAL_ERROR "pcap_create is available, but pcap_statustostr isn't - if you're using WinPcap, try Npcap ")
+    endif(NOT HAVE_PCAP_STATUSTOSTR)
+endif(WIN32)
 
 #
-# Check for "pcap_breakloop()"; you can't substitute for it if
-# it's absent (it has hooks into the live capture routines),
-# so just define the HAVE_ value if it's there.
+# OK, do we have pcap_set_tstamp_type?  If so, assume we have
+# pcap_list_tstamp_types and pcap_free_tstamp_types as well.
 #
-check_function_exists(pcap_breakloop HAVE_PCAP_BREAKLOOP)
+check_function_exists(pcap_set_tstamp_type HAVE_PCAP_SET_TSTAMP_TYPE)
 
 #
-# Check for "pcap_dump_ftell()"; we use a substitute version
-# if it's not present.
+# And do we have pcap_set_tstamp_precision?  If so, we assume
+# we also have pcap_open_offline_with_tstamp_precision.
 #
-check_function_exists(pcap_dump_ftell HAVE_PCAP_DUMP_FTELL)
-
-#
-# Do we have the new open API?  Check for pcap_create() and for
-# pcap_statustostr(), and assume that, if we have both of them,
-# we also have pcap_activate() and the other new routines
-# introduced in libpcap 1.0.0.  (We check for pcap_statustostr()
-# as well, because WinPcap 4.1.3 screwed up and exported pcap_create()
-# but not other routines such as pcap_statustostr(), even though it
-# defined them and even though you really want pcap_statustostr() to
-# get strings corresponding to some of the status returns from the
-# new routines.)
-#
-check_function_exists(pcap_statustostr HAVE_PCAP_STATUSTOSTR)
-#
-# If we don't have pcap_statustostr(), don't check for pcap_create(),
-# so we pretend we don't have it.
-#
-if(HAVE_PCAP_STATUSTOSTR)
-    check_function_exists(pcap_create HAVE_PCAP_CREATE)
-endif(HAVE_PCAP_STATUSTOSTR)
-if(HAVE_PCAP_CREATE)
-    #
-    # OK, do we have pcap_set_tstamp_type?  If so, assume we have
-    # pcap_list_tstamp_types and pcap_free_tstamp_types as well.
-    #
-    check_function_exists(pcap_set_tstamp_type HAVE_PCAP_SET_TSTAMP_TYPE)
-
-    #
-    # And do we have pcap_set_tstamp_precision?  If so, we assume
-    # we also have pcap_open_offline_with_tstamp_precision.
-    #
-    check_function_exists(pcap_set_tstamp_precision HAVE_PCAP_SET_TSTAMP_PRECISION)
-endif(HAVE_PCAP_CREATE)
+check_function_exists(pcap_set_tstamp_precision HAVE_PCAP_SET_TSTAMP_PRECISION)
 
 #
 # Check for a miscellaneous collection of functions which we use
 # if we have them.
 #
-check_function_exists(pcap_findalldevs HAVE_PCAP_FINDALLDEVS)
-check_function_exists(pcap_dump_flush HAVE_PCAP_DUMP_FLUSH)
-check_function_exists(pcap_lib_version HAVE_PCAP_LIB_VERSION)
-if(NOT HAVE_PCAP_LIB_VERSION)
-    # Check for the pcap_version string variable and set HAVE_PCAP_VERSION
-endif(NOT HAVE_PCAP_LIB_VERSION)
-check_function_exists(pcap_setdirection HAVE_PCAP_SETDIRECTION)
 check_function_exists(pcap_set_immediate_mode HAVE_PCAP_SET_IMMEDIATE_MODE)
 check_function_exists(pcap_dump_ftell64 HAVE_PCAP_DUMP_FTELL64)
 check_function_exists(pcap_open HAVE_PCAP_OPEN)
-check_function_exists(pcap_findalldevs_ex HAVE_PCAP_FINDALLDEVS_EX)
 
 #
 # On Windows, check for pcap_wsockinit(); if we don't have it, check for
@@ -790,6 +739,13 @@ if(NOT HAVE_PCAP_SET_PARSER_DEBUG)
 endif(NOT HAVE_PCAP_SET_PARSER_DEBUG)
 
 check_function_exists(pcap_set_optimizer_debug HAVE_PCAP_SET_OPTIMIZER_DEBUG)
+
+#
+# bpf_dump() moved from tcpdump to libpcap in libpcap 0.6, but not all
+# versions of libpcap didn't pick that change up; the OpenBSD libpcap
+# picked up most of the new APIs from versions up to 1.0, but didn't
+# pick up bpf_dump(), so we need to provide it if it's absent.
+#
 check_function_exists(bpf_dump HAVE_BPF_DUMP)
 
 cmake_pop_check_state()
@@ -1271,17 +1227,6 @@ set(TCPDUMP_SOURCE_LIST_C fptype.c tcpdump.c)
 if(NOT HAVE_BPF_DUMP)
     set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} bpf_dump.c)
 endif(NOT HAVE_BPF_DUMP)
-if(NOT HAVE_PCAP_DUMP_FTELL)
-    set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/pcap_dump_ftell.c)
-endif(NOT HAVE_PCAP_DUMP_FTELL)
-
-if(NOT HAVE_PCAP_LIST_DATALINKS)
-    set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/datalinks.c)
-endif(NOT HAVE_PCAP_LIST_DATALINKS)
-
-if((NOT HAVE_PCAP_DATALINK_NAME_TO_VAL) OR (NOT HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION))
-    set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/dlnames.c)
-endif((NOT HAVE_PCAP_DATALINK_NAME_TO_VAL) OR (NOT HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION))
 
 set(PROJECT_SOURCE_LIST_C ${NETDISSECT_SOURCE_LIST_C} ${TCPDUMP_SOURCE_LIST_C})
 

INSTALL.md

@@ -1,18 +1,37 @@
 # tcpdump installation notes
-If you have not built libpcap, and your system does not have libpcap
-installed, install libpcap first.  Your system might provide a version
-of libpcap that can be installed; if so, to compile tcpdump you might
-need to install a "developer" version of libpcap as well as the
-"run-time" version.  You can also install The Tcpdump Group version of
-libpcap; see [this file](README.md) for the location.
-
-You will need a C99 compiler to build tcpdump.  The build system
-will abort if your compiler is not C99 compliant.  If this happens, use
-the generally available GNU C compiler (GCC) or Clang.
-
-After libpcap has been built (either install it with `make install` or
-make sure both the libpcap and tcpdump source trees are in the same
-directory), do the following steps:
+
+## Installing libpcap
+
+Tcpdump requires libpcap.
+
+### On UN*Xes
+
+Your system might provide a version of libpcap that can be installed, or
+that is installed by default; if so, to compile tcpdump you might need
+to install a "developer" version of libpcap as well as the "run-time"
+version, even if the "run-time" version has already been installed.
+
+If your system does not provide libpcap, or provides a version that does
+not support all of the libpcap 1.0 APIs, you will need to download the
+source for The Tcpdump Group version of libpcap; see [this
+file](README.md) for the location, and build and install that version.
+Either install libpcap with `make install` or make sure both the libpcap
+and tcpdump source trees are in the same directory.
+
+### On Windows
+
+You will need to install both Npcap and the Npcap SDK; see [this
+file](README.windows.md) for information on that.
+
+## Building tcpdump
+
+You will need a C99 compiler to build tcpdump and, if necessary, to
+build libpcap.  The build system will abort if your compiler is not C99
+compliant.  If this happens, use the generally available GNU C compiler
+(GCC) or Clang.
+
+Once you have a version of libpcap with which you can build tcpdump, do
+the following steps:
 
 * If you build from a git clone rather than from a release archive,
 run `./autogen.sh` (a shell script). The autogen.sh script will

Makefile.in

@@ -358,12 +358,9 @@ EXTRA_DIST = \
 	install-sh \
 	instrument-functions.c \
 	makemib \
-	missing/datalinks.c \
-	missing/dlnames.c \
 	missing/getopt_long.c \
 	missing/getopt_long.h \
 	missing/getservent.c \
-	missing/pcap_dump_ftell.c \
 	missing/strlcat.c \
 	missing/strlcpy.c \
 	missing/strsep.c \
@@ -390,10 +387,6 @@ $(LIBNETDISSECT): $(LIBNETDISSECT_OBJ)
 	$(AR) cr $@ $(LIBNETDISSECT_OBJ)
 	$(RANLIB) $@
 
-datalinks.o: $(srcdir)/missing/datalinks.c
-	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c
-dlnames.o: $(srcdir)/missing/dlnames.c
-	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/dlnames.c
 getservent.o: $(srcdir)/missing/getservent.c
 	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/getservent.c
 getopt_long.o: $(srcdir)/missing/getopt_long.c
@@ -404,8 +397,6 @@ strlcpy.o: $(srcdir)/missing/strlcpy.c
 	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c
 strsep.o: $(srcdir)/missing/strsep.c
 	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strsep.c
-pcap_dump_ftell.o: $(srcdir)/missing/pcap_dump_ftell.c
-	$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/pcap_dump_ftell.c
 
 install: all
 	[ -d $(DESTDIR)$(bindir) ] || \

README.md

@@ -56,8 +56,10 @@ In the past tcpdump certainly or likely worked on the following platforms:
 
 ### Dependency on libpcap
 tcpdump uses libpcap, a system-independent interface for user-level
-packet capture.  Before building tcpdump, you must first retrieve and
-build libpcap.
+packet capture.  If your operating system does not provide libpcap, or
+if it provides a libpcap that does not support the APIs from libpcap 1.0
+or later, you must first retrieve and build libpcap before building
+tcpdump,
 
 Once libpcap is built (either install it or make sure it's in
 `../libpcap`), you can build tcpdump using the procedure in the

build.sh

@@ -96,12 +96,6 @@ fi
 run_after_echo "$MAKE_BIN" install
 print_so_deps "$TCPDUMP_BIN"
 run_after_echo "$TCPDUMP_BIN" -h
-# The "-D" flag depends on HAVE_PCAP_FINDALLDEVS and it would not be difficult
-# to run the command below only if the macro is defined.  That said, it seems
-# more useful to run it anyway: every system that currently runs this script
-# has pcap_findalldevs(), thus if the macro isn't defined, it means something
-# went wrong in the build process (as was observed with GCC, CMake and the
-# system libpcap on Solaris 11).
 run_after_echo "$TCPDUMP_BIN" -D
 if [ "$CIRRUS_CI" = true ]; then
     # Likewise for the "-J" flag and HAVE_PCAP_SET_TSTAMP_TYPE.