diff options
| author |   Richard Farina <zerochaos@gentoo.org> | 2013-01-30 01:29:57 +0000 |
|---|---|---|
| committer | Richard Farina <zerochaos@gentoo.org> | 2013-01-30 01:29:57 +0000 |
| commit | 7a41de1561a05b8c0446eb3d556c7fea6c434629 (patch) | |
| tree | 8f7c8790c6ebf41eb0f5c934e61842d7a97dcacb /net-analyzer/wireshark | |
| parent | Move enewuser to pkg_postinst(). (diff) | |
| download | historical-7a41de1561a05b8c0446eb3d556c7fea6c434629.tar.gz historical-7a41de1561a05b8c0446eb3d556c7fea6c434629.tar.bz2 historical-7a41de1561a05b8c0446eb3d556c7fea6c434629.zip | |
added new wireshark 1.8.5 addressing multiple vulnerabilities. 1.6.13 should be along shortly
Package-Manager: portage-2.1.11.31/cvs/Linux x86_64
Manifest-Sign-Key: 0xDD11F94A
Diffstat (limited to 'net-analyzer/wireshark')
| -rw-r--r-- | net-analyzer/wireshark/ChangeLog | 10 | ||||
| -rw-r--r-- | net-analyzer/wireshark/Manifest | 22 | ||||
| -rw-r--r-- | net-analyzer/wireshark/wireshark-1.8.5.ebuild | 241 |
3 files changed, 266 insertions, 7 deletions
diff --git a/net-analyzer/wireshark/ChangeLog b/net-analyzer/wireshark/ChangeLog index 6d0ecace4146..a91d5b494017 100644 --- a/net-analyzer/wireshark/ChangeLog +++ b/net-analyzer/wireshark/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-analyzer/wireshark -# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.425 2012/12/15 17:56:55 jer Exp $ +# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.426 2013/01/30 01:29:44 zerochaos Exp $ + +*wireshark-1.8.5 (30 Jan 2013) + + 30 Jan 2013; Rick Farina <zerochaos@gentoo.org> +wireshark-1.8.5.ebuild: + added new wireshark 1.8.5 addressing multiple vulnerabilities. 1.6.13 should + be along shortly 15 Dec 2012; Jeroen Roovers <jer@gentoo.org> -wireshark-1.6.10-r2.ebuild, -files/wireshark-1.6.10-CVE-2012-3548.patch, -wireshark-1.6.11.ebuild, diff --git a/net-analyzer/wireshark/Manifest b/net-analyzer/wireshark/Manifest index 3b68b005d427..9abc05038829 100644 --- a/net-analyzer/wireshark/Manifest +++ b/net-analyzer/wireshark/Manifest @@ -1,19 +1,31 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 +Hash: SHA512 AUX wireshark-1.6.6-gtk-pcap.patch 841 SHA256 862c301f450fcb775e3bd907e5a6ca667b5a11b819768b66a7c848c2c3c90d8a SHA512 0ed1bce8b57942de72ee0a8d78ef7cc345ffea512248fa65acd4e8386a5aa61dde14663090578c78f3eee88c7966e8d40aa6d3dce13146c2adf5ed8ded019253 WHIRLPOOL a45a3d04c9823eb149174fbbaaeb5437e525d77da962aa627509941da3119e87d4eef26cb06b1d3534356c4fd1d4bf31bc102dbf8b3f69994a19dba8d730d05f AUX wireshark-1.8.1-ldflags.patch 312 SHA256 b4cf259892774b4a72ab90b7ea28fbf3c923993f8f68831627d79a45637f5948 SHA512 a6cae46b7bf1f82977f8c905f109efeb72b1bf7bf9413639dd0c783147070be04efac7ec5ac92c9eda682500c5596cfcb2ade424d7bd85278c7842f5aff2ad98 WHIRLPOOL 0aa07f0d26318d203ea2bfb0369eb4fe57f80958e24f20f8579e218d8c3967effb64461112cf30cd15322cc6ed76c75dac0091781ed4526c091f4cddb40daf29 AUX wireshark-1.8.3-gnutls3.patch 460 SHA256 75db77b9dd286272583c6def9ce9ebe2feea59c8c709eb7065e0c4d9bf741967 SHA512 8c37c020e1addcff70f631b710a15de040eb7af5fa43c0faad6729a090be180fb9d52ebd10a3aac6ad6e49344f795d27e093b9e7e3f591c835a0883ad9066ee6 WHIRLPOOL 59646ef16e7042cbcfa827525cae0f0de7e8cd7f9ccc01324e73b91c1dfd454ca7f7156bc477bdd601bd908969d217c251a33d91d9f6b334b0737035b5d55b66 DIST wireshark-1.6.12.tar.bz2 22052437 SHA256 03b84a1a6d46e53f2ae900237e0391281557297fa5c2b2093049c0fb418352fb SHA512 fa9ccc44840f372117da23770cc8438bceafa2e653ed884ed4c5f8a0624506d8778e3be54abb3c88e85564ff443be54b56db3621a6f8058fe8458b6efc5710f9 WHIRLPOOL cd7a3e7d03ee3c94fbc7784e4619ad3bf48700f86e4531cdf24fabf40d406613f6637957b0d66c182b07d3b340263c47cc73a093fd63f3d8f61a0c3250b09555 DIST wireshark-1.8.4.tar.bz2 24164286 SHA256 cae9ec0cb9fa0b732a76c0f72f8c15d763f8cdc2e389cda2da6c48c24559faac SHA512 4f0b7fd181eb74c5eb03e4b5e74546f9f02aa3d481faed2b08a84d98f4a61d808a86e5348046d66f8333ba8f8921db344c2187a1590117ae4bdc2ff85a96d305 WHIRLPOOL e2d1b7de34cc57342e645fbfa0175edcfc690d52f4ca579a931c4614ce97735ea190fa5e72ad6c9fb766f92ee701d6cf7cbd3c1f63ff8bba1f8b5d9265f2c31e +DIST wireshark-1.8.5.tar.bz2 24196532 SHA256 d4e4798216974a3c45e74b03644ee33b64481d2fe5c788c002266e5f141ee372 SHA512 3378310870e2e11cd4caf91e0571e2a52bd81bc76f1715997338d867a4d98ad7bb34e0f4443220386b498aeebce15c02d9825e50cf587587f573a5a0c578b039 WHIRLPOOL a9ca0f7cf14efcc4c56f7a2ab16ed0962998bc1467602d3f201e569513b0dde1363a7507e7a3f53535b8878ed2fd4a469699c88dcc1a3c4ce90461ac2c7a3c00 EBUILD wireshark-1.6.12.ebuild 6411 SHA256 688fdb4763b4465acf96bf49742308424da9bab545389d0e403d456e4fc690cd SHA512 34443cc359b94670a00223fb849af6c4d723c8951ce13927bcb7df766893a061e41733166cb4f85b2bc566d5d6c9151b4c3d9e1930a1e3241d6cba603a46bc54 WHIRLPOOL ef9f22e8ce299ada23abdf1b8615e485f7b4d083f0290a6adfbd3a63913ef6b9158eaf5fbd137eb20c52341115c9ffb2e0b2a6cec1a4ef11d2d7c1ee2a988971 EBUILD wireshark-1.8.4.ebuild 6802 SHA256 be4c9ae0d9e7303329cce9ea786c20d99fcfd38b865ff1083ad59afab3dfd0b1 SHA512 1440c8b553e3728832ba98062727e0e1a71af3234fce421980d8282812b6c1dfe504e9d7ab711c982a2db131f04fb70e4871d24e9743a72957c747902a003ab0 WHIRLPOOL 8f8901096fe2c16b85686e6f223e3914f7d7d705d6c308f3a7b1d81e1a6c6e5da7f6dd18e35c01687f4aab08d5433bdc1d4b71f8c50fc05183af9c88b1092911 -MISC ChangeLog 61726 SHA256 1aae253d0f2ac0942c02287047d118aa69dda4933f27a8e463c22a8562662084 SHA512 b086975571362c9c51c1be276bcf81aa007a1bdc418c29289bb89e50e0af0eafac1f4e507186587fbd1e4431009e9d73b98e0835bc80c274d376a59fe137de14 WHIRLPOOL bcc41d5e0f3b01ee34c3f0ec5f20bd55a919466c4561d07ef114ea2b287576fe2624d5f7f41fc5f2276fe7685036163f6b5462082b868f9a6d186a69cc26dfbd +EBUILD wireshark-1.8.5.ebuild 6812 SHA256 14222b9a8d80fabd2e9e500faa206ce2a9b244b6377d29216cecdceb8e42e1f0 SHA512 1a0443bd7cb98f6e7877a3562ac7c30ebf9957d6bd7973b9576561cae91d41890486088693d90a024ede993e242d3b5e5875c19477f125cd97ebb89f514dddca WHIRLPOOL 20a0706ce101718d549b80940ee81bab3b674525b35fdd85a5d34bf106c48ebcf3a44750963735475eb78eb72e96ee7ce24b7fe1ea80da76735ccaa7fa5494dd +MISC ChangeLog 61938 SHA256 1a067aeb36f47e8d2f7cd4f7bed46f91d6ae50d659f8c0e5dab084ba6018743d SHA512 f92fd00a11ee9979ee47d45452dd420494e9aa3601f5cf290a4246d4b9f93a26337a47b69748e697e3a4750bbd755b0e4e5405fbe5c55a89c0d443ae40fd98f3 WHIRLPOOL 03a63b8fe65dc7ca776bc49b1c8374e4969e6a581ee666c26f0826ec25bb24eac51c545a5f605365fdf446ea24618a7fd11432d43aa016fa9119ae16a3a4cb00 MISC metadata.xml 2589 SHA256 5a4eeb9572df6946a2b3ffbb5f5f4955cfd709ccb79cd23ec6aed41f49b60dab SHA512 bc027bd22193d1a613f26fe30265f5fac0f22cac0c1ed8cfa148fa6bf7c4a4777c76cbaeea5f5f19591d8c78695d13eb29cc00f225c2b44ad1d8a63a8881bafe WHIRLPOOL 5596bd3eb91bdbb1fd9ac2386d72e6a038c3966ad53a81889fc6d4bf32b2ffe75b8f55fdf84a7a84ff2b7b2dcddcaf0dc889ea6595537796ca30e7e5e11494bd -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) -iEYEAREIAAYFAlDMuegACgkQVWmRsqeSphPwvQCfeL492Ssfiw1T1pmYnYGODA15 -zaUAn3WaK93XDTYRe2l9apBf5oxQUMTm -=5aKo +iQIcBAEBCgAGBQJRCHf4AAoJEKXdFCfdEflKrcgP/R4h7WuWTXtnUwrvs71vlglg +s0+7tAfgA9MIgafEFU100ZjQ9WhtfNTBkQ17m7WEJsvi6ssvYRm7xewY/awysljh +/99OyN6StUiGaqUKXbzowF3+Bh+QkKrOLCB4PC28+CX/WnWHuT4xKckxgKdB5Pn+ +EX34XZxhV2syfPUrtVFD/zlWKz5FNBz2opKSp3jVh+S57SwGijboXt5GApviQYDJ +szUUkbAaqHAUVLqPxmF2a/bUTpZL45AVSecEwuXvFv7sLJLn6fHaUvAsJ3gHHTU9 +eAzYa9oRaOSyFaylDp+7ilzfu748DCeuwb3VQAMD5cUuxjW0QIFLP3EiLgvm7s6e +LoYcMvSPkrzXukS+K6i4geJFonOOMT0et2i3JBhCI0txSwdSiaAX4J8mx0sak1iG +HJqoSPEi17XPdTZkfhjv32u1sDtCcxllVIbeesaPU4CFBvXJGHche4S+oHnz255C +D6OIZKzk2fb9ft1u6snJHCJ3pytrbSzd1xnsxbn584vlm+kD0fXKnS9ysn8HtuC6 +VKuR7q0TkOdxv6bSlYBKE/bOgTkJ6syGKd9y0JEa/psABU2JcH4HMu3FNPvs0L0u +vm2p7V7+oqUMFgjpuW/25dpfqClsnqQ53WYGB2CjMWki75VvVPnKQrUVR+4eg99g +6FtiFjC84/QclFWyaeHT +=kIeb -----END PGP SIGNATURE----- diff --git a/net-analyzer/wireshark/wireshark-1.8.5.ebuild b/net-analyzer/wireshark/wireshark-1.8.5.ebuild new file mode 100644 index 000000000000..7f1802174ff1 --- /dev/null +++ b/net-analyzer/wireshark/wireshark-1.8.5.ebuild @@ -0,0 +1,241 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.8.5.ebuild,v 1.1 2013/01/30 01:29:44 zerochaos Exp $ + +EAPI="4" +PYTHON_DEPEND="python? 2" +inherit autotools eutils flag-o-matic python toolchain-funcs user + +[[ -n ${PV#*_rc} && ${PV#*_rc} != ${PV} ]] && MY_P=${PN}-${PV/_} || MY_P=${P} +DESCRIPTION="A network protocol analyzer formerly known as ethereal" +HOMEPAGE="http://www.wireshark.org/" +SRC_URI="http://www.wireshark.org/download/src/all-versions/${MY_P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE=" + adns +caps doc doc-pdf geoip gtk crypt ipv6 kerberos libadns lua +pcap + portaudio profile python selinux smi ssl zlib +" +RDEPEND=" + >=dev-libs/glib-2.14:2 + zlib? ( sys-libs/zlib + !=sys-libs/zlib-1.2.4 ) + smi? ( net-libs/libsmi ) + gtk? ( >=x11-libs/gtk+-2.4.0:2 + x11-libs/pango + dev-libs/atk + x11-misc/xdg-utils ) + ssl? ( net-libs/gnutls dev-libs/libgcrypt ) + crypt? ( dev-libs/libgcrypt ) + pcap? ( net-libs/libpcap ) + caps? ( sys-libs/libcap ) + kerberos? ( virtual/krb5 ) + portaudio? ( media-libs/portaudio ) + adns? ( + !libadns? ( >=net-dns/c-ares-1.5 ) + ) + libadns? ( net-libs/adns ) + geoip? ( dev-libs/geoip ) + lua? ( >=dev-lang/lua-5.1 ) + selinux? ( sec-policy/selinux-wireshark ) +" + +DEPEND=" + ${RDEPEND} + doc? ( dev-libs/libxslt + dev-libs/libxml2 + app-doc/doxygen + doc-pdf? ( dev-java/fop ) ) + virtual/pkgconfig + dev-lang/perl + sys-devel/bison + sys-apps/sed + sys-devel/flex +" + +S=${WORKDIR}/${MY_P} + +# borrowed from GSoC2010_Gentoo_Capabilities by constanze and flameyeys +# @FUNCTION: fcaps +# @USAGE: fcaps {uid:gid} {file-mode} {cap1[,cap2,...]} {file} +# @RETURN: 0 if all okay; non-zero if failure and fallback +# @DESCRIPTION: +# fcaps sets the specified capabilities in the effective and permitted set of +# the given file. In case of failure fcaps sets the given file-mode. +fcaps() { + local uid_gid=$1 + local perms=$2 + local capset=$3 + local path=$4 + local res + + chmod $perms $path && \ + chown $uid_gid $path + res=$? + + use caps || return $res + + #set the capability + setcap "$capset=ep" "$path" &> /dev/null + #check if the capabilitiy got set correctly + setcap -v "$capset=ep" "$path" &> /dev/null + res=$? + + if [ $res -ne 0 ]; then + ewarn "Failed to set capabilities. Probable reason is missed kernel support." + ewarn "Kernel must have <FS>_FS_SECURITY enabled where <FS> is the filesystem" + ewarn "to store ${path} (e.g. EXT3_FS_SECURITY). For kernels version before" + ewarn "2.6.33_rc1 SECURITY_FILE_CAPABILITIES must be enabled as well." + ewarn + ewarn "Falling back to suid now..." + chmod u+s ${path} + fi + return $res +} + +pkg_setup() { + if ! use gtk; then + ewarn "USE=-gtk disables gtk-based gui called wireshark." + ewarn "Only command line utils will be built available" + fi + if use python; then + python_set_active_version 2 + python_pkg_setup + fi + # Add group for users allowed to sniff. + enewgroup wireshark +} + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-1.8.1-ldflags.patch \ + "${FILESDIR}"/${PN}-1.8.3-gnutls3.patch + sed -i -e 's|.png||g' ${PN}.desktop || die + eautoreconf +} + +src_configure() { + local myconf + + if [[ $(gcc-major-version) -lt 3 || + ( $(gcc-major-version) -eq 3 && + $(gcc-minor-version) -le 4 ) ]] ; then + die "Unsupported compiler version, please upgrade." + fi + + # profile and pie are incompatible #215806, #292991 + if use profile; then + ewarn "You've enabled the 'profile' USE flag, building PIE binaries is disabled." + ewarn "Also ignore \"unrecognized option '-nopie'\" gcc warning #358101." + append-flags $(test-flags-CC -nopie) + fi + + if use adns; then + if use libadns; then + myconf+=( "--with-adns --without-c-ares" ) + else + myconf+=( "--without-adns --with-c-ares" ) + fi + else + if use libadns; then + myconf+=( "--with-adns --without-c-ares" ) + else + myconf+=( "--without-adns --without-c-ares" ) + fi + fi + # Workaround bug #213705. If krb5-config --libs has -lcrypto then pass + # --with-ssl to ./configure. (Mimics code from acinclude.m4). + if use kerberos; then + case `krb5-config --libs` in + *-lcrypto*) + ewarn "Kerberos was built with ssl support: linkage with openssl is enabled." + ewarn "Note there are annoying license incompatibilities between the OpenSSL" + ewarn "license and the GPL, so do your check before distributing such package." + myconf+=( "--with-ssl" ) + ;; + esac + fi + + # Hack around inability to disable doxygen/fop doc generation + use doc || export ac_cv_prog_HAVE_DOXYGEN=false + use doc-pdf || export ac_cv_prog_HAVE_FOP=false + + # dumpcap requires libcap, setuid-install requires dumpcap + econf \ + $(use pcap && use_enable !caps setuid-install) \ + $(use pcap && use_enable caps setcap-install) \ + $(use_enable gtk wireshark) \ + $(use_enable ipv6) \ + $(use_enable profile profile-build) \ + $(use_with caps libcap) \ + $(use_with crypt gcrypt) \ + $(use_with geoip) \ + $(use_with kerberos krb5) \ + $(use_with lua) \ + $(use_with pcap dumpcap-group wireshark) \ + $(use_with pcap) \ + $(use_with portaudio) \ + $(use_with python) \ + $(use_with smi libsmi) \ + $(use_with ssl gnutls) \ + $(use_with zlib) \ + --disable-extra-gcc-checks \ + --disable-usr-local \ + --sysconfdir="${EPREFIX}"/etc/wireshark \ + ${myconf[@]} +} + +src_compile() { + default + use doc && emake -C docbook +} + +src_install() { + default + if use doc; then + dohtml -r docbook/{release-notes.html,ws{d,u}g_html{,_chunked}} + if use doc-pdf; then + insinto /usr/share/doc/${PF}/pdf/ + doins docbook/{{developer,user}-guide,release-notes}-{a4,us}.pdf + fi + fi + + # FAQ is not required as is installed from help/faq.txt + dodoc AUTHORS ChangeLog NEWS README{,.bsd,.linux,.macos,.vmware} \ + doc/{randpkt.txt,README*} + + # install headers + local wsheader + for wsheader in $( echo $(< debian/wireshark-dev.header-files ) ); do + insinto /usr/include/wireshark/$( dirname ${wsheader} ) + doins ${wsheader} + done + + #with the above this really shouldn't be needed, but things may be looking in wiretap/ instead of wireshark/wiretap/ + insinto /usr/include/wiretap + doins wiretap/wtap.h + + if use gtk; then + for c in hi lo; do + for d in 16 32 48; do + insinto /usr/share/icons/${c}color/${d}x${d}/apps + newins image/${c}${d}-app-wireshark.png wireshark.png + done + done + domenu wireshark.desktop + fi + use pcap && chmod o-x "${ED}"/usr/bin/dumpcap #357237 +} + +pkg_postinst() { + if use caps && use pcap; then + fcaps 0:wireshark 550 cap_dac_read_search,cap_net_raw,cap_net_admin "${EROOT}"/usr/bin/dumpcap + fi + echo + ewarn "NOTE: To run wireshark as normal user you have to add yourself to" + ewarn "the wireshark group. This security measure ensures that only trusted" + ewarn "users are allowed to sniff your traffic." + echo +} |