head 1.15; access; symbols pkgsrc-2015Q4:1.14.0.10 pkgsrc-2015Q4-base:1.14 pkgsrc-2015Q3:1.14.0.8 pkgsrc-2015Q3-base:1.14 pkgsrc-2015Q2:1.14.0.6 pkgsrc-2015Q2-base:1.14 pkgsrc-2015Q1:1.14.0.4 pkgsrc-2015Q1-base:1.14 pkgsrc-2014Q4:1.14.0.2 pkgsrc-2014Q4-base:1.14 pkgsrc-2014Q3:1.13.0.8 pkgsrc-2014Q3-base:1.13 pkgsrc-2014Q2:1.13.0.6 pkgsrc-2014Q2-base:1.13 pkgsrc-2014Q1:1.13.0.4 pkgsrc-2014Q1-base:1.13 pkgsrc-2013Q4:1.13.0.2 pkgsrc-2013Q4-base:1.13 pkgsrc-2013Q3:1.12.0.2 pkgsrc-2013Q3-base:1.12 pkgsrc-2013Q2:1.11.0.8 pkgsrc-2013Q2-base:1.11 pkgsrc-2013Q1:1.11.0.6 pkgsrc-2013Q1-base:1.11 pkgsrc-2012Q4:1.11.0.4 pkgsrc-2012Q4-base:1.11 pkgsrc-2012Q3:1.11.0.2 pkgsrc-2012Q3-base:1.11 pkgsrc-2012Q2:1.10.0.24 pkgsrc-2012Q2-base:1.10 pkgsrc-2012Q1:1.10.0.22 pkgsrc-2012Q1-base:1.10 pkgsrc-2011Q4:1.10.0.20 pkgsrc-2011Q4-base:1.10 pkgsrc-2011Q3:1.10.0.18 pkgsrc-2011Q3-base:1.10 pkgsrc-2011Q2:1.10.0.16 pkgsrc-2011Q2-base:1.10 pkgsrc-2011Q1:1.10.0.14 pkgsrc-2011Q1-base:1.10 pkgsrc-2010Q4:1.10.0.12 pkgsrc-2010Q4-base:1.10 pkgsrc-2010Q3:1.10.0.10 pkgsrc-2010Q3-base:1.10 pkgsrc-2010Q2:1.10.0.8 pkgsrc-2010Q2-base:1.10 pkgsrc-2010Q1:1.10.0.6 pkgsrc-2010Q1-base:1.10 pkgsrc-2009Q4:1.10.0.4 pkgsrc-2009Q4-base:1.10 pkgsrc-2009Q3:1.10.0.2 pkgsrc-2009Q3-base:1.10 pkgsrc-2009Q2:1.9.0.16 pkgsrc-2009Q2-base:1.9 pkgsrc-2009Q1:1.9.0.14 pkgsrc-2009Q1-base:1.9 pkgsrc-2008Q4:1.9.0.12 pkgsrc-2008Q4-base:1.9 pkgsrc-2008Q3:1.9.0.10 pkgsrc-2008Q3-base:1.9 cube-native-xorg:1.9.0.8 cube-native-xorg-base:1.9 pkgsrc-2008Q2:1.9.0.6 pkgsrc-2008Q2-base:1.9 cwrapper:1.9.0.4 pkgsrc-2008Q1:1.9.0.2 pkgsrc-2008Q1-base:1.9 pkgsrc-2007Q4:1.8.0.4 pkgsrc-2007Q4-base:1.8 pkgsrc-2007Q3:1.8.0.2 pkgsrc-2007Q3-base:1.8 pkgsrc-2007Q2:1.7.0.4 pkgsrc-2007Q2-base:1.7 pkgsrc-2007Q1:1.7.0.2 pkgsrc-2007Q1-base:1.7 pkgsrc-2006Q4:1.4.0.2 pkgsrc-2006Q4-base:1.4 pkgsrc-2006Q3:1.3.0.2 pkgsrc-2006Q3-base:1.3 pkgsrc-2006Q2:1.1.0.2; locks; strict; comment @# @; 1.15 date 2016.03.03.13.33.14; author wiz; state dead; branches; next 1.14; commitid UegwScFOYltascXy; 1.14 date 2014.11.14.12.06.10; author tron; state Exp; branches; next 1.13; commitid AfDlaArbhbUtf9Yx; 1.13 date 2013.12.18.11.52.25; author tron; state Exp; branches 1.13.8.1; next 1.12; commitid YK6dcjUExbypOBhx; 1.12 date 2013.07.04.21.33.14; author adam; state Exp; branches 1.12.2.1; next 1.11; commitid 3A2qyItc5AQkocWw; 1.11 date 2012.08.20.08.34.44; author christos; state Exp; branches; next 1.10; 1.10 date 2009.07.21.20.39.41; author tron; state Exp; branches; next 1.9; 1.9 date 2008.02.28.14.55.17; author tron; state Exp; branches 1.9.16.1; next 1.8; 1.8 date 2007.07.06.17.58.09; author drochner; state dead; branches; next 1.7; 1.7 date 2007.02.07.17.15.24; author tron; state Exp; branches; next 1.6; 1.6 date 2007.02.07.15.18.23; author tron; state Exp; branches; next 1.5; 1.5 date 2007.02.03.18.06.37; author tron; state dead; branches; next 1.4; 1.4 date 2006.11.01.12.59.42; author tron; state Exp; branches 1.4.2.1; next 1.3; 1.3 date 2006.08.24.10.48.59; author tron; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2006.07.23.17.31.08; author drochner; state Exp; branches; next 1.1; 1.1 date 2006.07.21.14.27.53; author tron; state Exp; branches 1.1.2.1; next ; 1.13.8.1 date 2014.11.23.22.20.47; author spz; state Exp; branches; next ; commitid g7W4LvFQFh2ommZx; 1.12.2.1 date 2013.12.20.08.34.50; author spz; state Exp; branches; next ; commitid dsTloKQGaizDEQhx; 1.9.16.1 date 2009.07.22.06.56.56; author spz; state Exp; branches; next ; 1.4.2.1 date 2007.02.07.16.05.21; author salo; state Exp; branches; next ; 1.3.2.1 date 2006.11.01.21.42.58; author ghen; state Exp; branches; next ; 1.1.2.1 date 2006.07.21.14.27.53; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.07.22.16.14.33; author salo; state Exp; branches; next 1.1.2.3; 1.1.2.3 date 2006.07.23.23.22.05; author salo; state Exp; branches; next 1.1.2.4; 1.1.2.4 date 2006.08.24.11.51.06; author salo; state Exp; branches; next ; desc @@ 1.15 log @Make wireshark2 the new default wireshark, since it is the default stable version upstream. @ text @$NetBSD: patch-aa,v 1.14 2014/11/14 12:06:10 tron Exp $ Fix build. --- ui/time_shift.c.orig 2014-11-12 18:49:17.000000000 +0000 +++ ui/time_shift.c 2014-11-14 10:08:51.000000000 +0000 @@@@ -28,6 +28,9 @@@@ #include #include #include +#ifndef HAVE_FLOORL +#define floorl(a) floor((double)(a)) +#endif #include @ 1.14 log @Update "wireshark" package to version 1.10.11. Changes since 1.10.10: - Bug Fixes The following vulnerabilities have been fixed. * wnpa-sec-2014-20 SigComp UDVM buffer overflow. (Bug 10662) CVE-2014-8710 * wnpa-sec-2014-21 AMQP crash. (Bug 10582) CVE-2014-8711 * wnpa-sec-2014-22 NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712 CVE-2014-8713 * wnpa-sec-2014-23 TN5250 infinite loops. (Bug 10596) CVE-2014-8714 The following bugs have been fixed: * 6LoWPAN Mesh headers not treated as encapsulating address. (Bug 10462) * UCP dissector bug of operation 31 - PID 0639 not recognized. (Bug 10463) * iSCSI dissector rejects PDUs with "expected data transfer length" > 16M. (Bug 10469) * GTPv2: trigging_tree under Trace information has wrong length. (Bug 10470) * Attempt to render an SMS-DELIVER-REPORT instead of an SMS-DELIVER. (Bug 10547) * IPv6 Mobility Option IPv6 Address/Prefix marks too many bytes for the address/prefix field. (Bug 10576) * IPv6 Mobility Option Binding Authorization Data for FMIPv6 Authenticator field is read beyond the option data. (Bug 10577) * IPv6 Mobility Option Mobile Node Link Layer Identifier Link-layer Identifier field is read beyond the option data. (Bug 10578) * Malformed PTPoE announce packet. (Bug 10611) * IPv6 Permanent Home Keygen Token mobility option includes too many bytes for the token field. (Bug 10619) * IPv6 Redirect Mobility Option K and N bits are parsed incorrectly. (Bug 10622) * IPv6 Care Of Test mobility option includes too many bytes for the Keygen Token field. (Bug 10624) * IPv6 MESG-ID mobility option is parsed incorrectly. (Bug 10625) * IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly. (Bug 10626) * IPv6 DNS-UPDATE-TYPE mobility option includes too many bytes for the MD identity field. (Bug 10629) * IPv6 Local Mobility Anchor Address mobility option's code and reserved fields are parsed as 2 bytes instead of 1. (Bug 10630) * TShark crashes when running with PDML on a specific packet. (Bug 10651) * IPv6 Mobility Option Context Request reads an extra request. (Bug 10676) - Updated Protocol Support 6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH, Mobile IPv6, PTPoE, TN5250, and UCP - New and Updated Capture File Support Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS) @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.13 2013/12/18 11:52:25 tron Exp $ @ 1.13 log @Update "wireshark" package to version 1.10.4. Changes since version 1.10.3: - Bug Fixes The following vulnerabilities have been fixed. * wnpa-sec-2013-66 The SIP dissector could go into an infinite loop. Discovered by Alain Botti. (Bug 9388) Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11 CVE-2013-7112 * wnpa-sec-2013-67 The BSSGP dissector could crash. Discovered by Laurent Butti. (Bug 9488) Versions affected: 1.10.0 to 1.10.3 CVE-2013-7113 * wnpa-sec-2013-68 The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11 CVE-2013-7114 The following bugs have been fixed: * "On-the-wire" packet lengths are limited to 65535 bytes. (Bug 8808, ws-buglink:9390) * Tx MCS set is not interpreted properly in WLAN beacon frame. (Bug 8894) * VoIP Graph Analysis window - some calls are black. (Bug 8966) * Wireshark fails to decode single-line, multiple Contact: URIs in SIP responses. (Bug 9031) * epan/follow.c - Incorrect "bytes missing in capture file" in "check_fragments" due to an unsigned int wraparound?. (Bug 9112) * gsm_map doesn't decode MAPv3 reportSM-DeliveryStatus result. (Bug 9382) * Incorrect NFSv4 FATTR4_SECURITY_LABEL value. (Bug 9383) * Timestamp decoded for Gigamon trailer is not padded correctly. (Bug 9433) * SEL Fast Message Bug-fix for Signed 16-bit Integer Fast Meter Messages. (Bug 9435) * DNP3 Bug Fix for Analog Data Sign Bit Handling. (Bug 9442) * GSM SMS User Data header fill bits are wrong when using a 7 bits ASCII / IA5 encoding. (Bug 9478) * WCDMA RLC dissector cannot assemble PDUs with SNs skipped and wrap-arounded. (Bug 9505) * DTLS: fix buffer overflow in mac check. (Bug 9512) * Correct data length in SCSI_DATA_IN packets (within iSCSI). (Bug 9521) * GSM SMS UDH EMS control expects 4 octets instead of 3 with OPTIONAL 4th. (Bug 9550) * Fix "decode as ..." for packet-time.c. (Bug 9563) - Updated Protocol Support ANSI IS-637-A, BSSGP, DNP3, DVB-BAT, DVB-CI, GSM MAP, GSM SMS, IEEE 802.11, iSCSI, NFSv4, NTLMSSP v2, RLC, SEL FM, SIP, and Time @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.12 2013/07/04 21:33:14 adam Exp $ d5 4 a8 3 --- ui/time_shift.c.orig 2013-07-04 20:20:31.000000000 +0000 +++ ui/time_shift.c @@@@ -29,6 +29,9 @@@@ a9 1 #include @ 1.13.8.1 log @Pullup ticket #4543 - requested by tron net/wireshark: security update Revisions pulled up: - net/wireshark/Makefile 1.127 - net/wireshark/distinfo 1.78 - net/wireshark/patches/patch-aa 1.14 - net/wireshark/patches/patch-ab deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Fri Nov 14 12:06:10 UTC 2014 Modified Files: pkgsrc/net/wireshark: Makefile distinfo pkgsrc/net/wireshark/patches: patch-aa Removed Files: pkgsrc/net/wireshark/patches: patch-ab Log Message: Update "wireshark" package to version 1.10.11. Changes since 1.10.10: - Bug Fixes The following vulnerabilities have been fixed. * wnpa-sec-2014-20 SigComp UDVM buffer overflow. (Bug 10662) CVE-2014-8710 * wnpa-sec-2014-21 AMQP crash. (Bug 10582) CVE-2014-8711 * wnpa-sec-2014-22 NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712 CVE-2014-8713 * wnpa-sec-2014-23 TN5250 infinite loops. (Bug 10596) CVE-2014-8714 The following bugs have been fixed: * 6LoWPAN Mesh headers not treated as encapsulating address. (Bug 10462) * UCP dissector bug of operation 31 - PID 0639 not recognized. (Bug 10463) * iSCSI dissector rejects PDUs with "expected data transfer length" > 16M. (Bug 10469) * GTPv2: trigging_tree under Trace information has wrong length. (Bug 10470) * Attempt to render an SMS-DELIVER-REPORT instead of an SMS-DELIVER. (Bug 10547) * IPv6 Mobility Option IPv6 Address/Prefix marks too many bytes for the address/prefix field. (Bug 10576) * IPv6 Mobility Option Binding Authorization Data for FMIPv6 Authenticator field is read beyond the option data. (Bug 10577) * IPv6 Mobility Option Mobile Node Link Layer Identifier Link-layer Identifier field is read beyond the option data. (Bug 10578) * Malformed PTPoE announce packet. (Bug 10611) * IPv6 Permanent Home Keygen Token mobility option includes too many bytes for the token field. (Bug 10619) * IPv6 Redirect Mobility Option K and N bits are parsed incorrectly. (Bug 10622) * IPv6 Care Of Test mobility option includes too many bytes for the Keygen Token field. (Bug 10624) * IPv6 MESG-ID mobility option is parsed incorrectly. (Bug 10625) * IPv6 AUTH mobility option parses Mobility SPI and Authentication Data incorrectly. (Bug 10626) * IPv6 DNS-UPDATE-TYPE mobility option includes too many bytes for the MD identity field. (Bug 10629) * IPv6 Local Mobility Anchor Address mobility option's code and reserved fields are parsed as 2 bytes instead of 1. (Bug 10630) * TShark crashes when running with PDML on a specific packet. (Bug 10651) * IPv6 Mobility Option Context Request reads an extra request. (Bug 10676) - Updated Protocol Support 6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH, Mobile IPv6, PTPoE, TN5250, and UCP - New and Updated Capture File Support Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS) To generate a diff of this commit: cvs rdiff -u -r1.126 -r1.127 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.77 -r1.78 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/wireshark/patches/patch-aa cvs rdiff -u -r1.4 -r0 pkgsrc/net/wireshark/patches/patch-ab @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.13 2013/12/18 11:52:25 tron Exp $ d5 3 a7 4 --- ui/time_shift.c.orig 2014-11-12 18:49:17.000000000 +0000 +++ ui/time_shift.c 2014-11-14 10:08:51.000000000 +0000 @@@@ -28,6 +28,9 @@@@ #include d9 1 @ 1.12 log @Changes 1.10.0: Wireshark on 32- and 64-bit Windows supports automatic updates. The packet bytes view is faster. You can now display a list of resolved host names in "hosts" format within Wireshark. The wireless toolbar has been updated. Wireshark on Linux does a better job of detecting interface addition and removal. It is now possible to compare two fields in a display filter (for example: udp.srcport != udp.dstport). The two fields must be of the same type for this to work. The Windows installers ship with WinPcap 4.1.3, which supports Windows 8. USB type and product name support has been improved. All Bluetooth profiles and protocols are now supported. Wireshark now calculates HTTP response times and presents the result in a new field in the HTTP response. Links from the request’s frame to the response’s frame and vice-versa are also added. The main welcome screen and status bar now display file sizes using strict SI prefixes instead of old-style binary prefixes. Capinfos now prints human-readable statistics with SI suffixes by default. It is now possible to open a referenced packet (such as the matched request or response packet) in a new window. Tshark can now display only the hex/ascii packet data without requiring that the packet summary and/or packet details are also displayed. If you want the old behavior, use -Px instead of just -x. Wireshark can be compiled using GTK+ 3. The Wireshark application icon, capture toolbar icons, and other icons have been updated. Tshark’s filtering and multi-pass analysis have been reworked for consistency and in order to support dependent frame calculations during reassembly. See the man page descriptions for -2, -R, and -Y. Tshark’s -G fields2 and -G fields3 options have been eliminated. The -G fields option now includes the 2 extra fields that -G fields3 previously provided, and the blurb information has been relegated to the last column since in many cases it is blank anyway. Wireshark dropped the left-handed settings from the preferences. This is still configurable via the GTK settings (add "gtk-scrolled-window-placement = top-right" in the config file, which might be called /.gtkrc-2.0 or /.config/gtk-3.0/settings.ini). Wireshark now ships with two global configuration files: Bluetooth, which contains coloring rules for Bluetooth and Classic, which contains the old-style coloring rules. The LOAD() metric in the IO-graph now shows the load in IO units instead of thousands of IO units. @ text @d1 3 a3 1 $NetBSD$ @ 1.12.2.1 log @Pullup ticket #4276 - requested by tron net/wireshark: security update Revisions pulled up: - net/wireshark/DESCR 1.4 - net/wireshark/Makefile 1.112 - net/wireshark/distinfo 1.71 - net/wireshark/patches/patch-aa 1.13 - net/wireshark/patches/patch-ab 1.4 - net/wireshark/patches/patch-ac 1.2 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Wed Dec 18 11:52:26 UTC 2013 Modified Files: pkgsrc/net/wireshark: DESCR Makefile distinfo pkgsrc/net/wireshark/patches: patch-aa patch-ab patch-ac Log Message: Update "wireshark" package to version 1.10.4. Changes since version 1.10.3: - Bug Fixes The following vulnerabilities have been fixed. * wnpa-sec-2013-66 The SIP dissector could go into an infinite loop. Discovered by Alain Botti. (Bug 9388) Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11 CVE-2013-7112 * wnpa-sec-2013-67 The BSSGP dissector could crash. Discovered by Laurent Butti. (Bug 9488) Versions affected: 1.10.0 to 1.10.3 CVE-2013-7113 * wnpa-sec-2013-68 The NTLMSSP v2 dissector could crash. Discovered by Garming Sam. Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11 CVE-2013-7114 The following bugs have been fixed: * "On-the-wire" packet lengths are limited to 65535 bytes. (Bug 8808, ws-buglink:9390) * Tx MCS set is not interpreted properly in WLAN beacon frame. (Bug 8894) * VoIP Graph Analysis window - some calls are black. (Bug 8966) * Wireshark fails to decode single-line, multiple Contact: URIs in SIP responses. (Bug 9031) * epan/follow.c - Incorrect "bytes missing in capture file" in "check_fragments" due to an unsigned int wraparound?. (Bug 9112) * gsm_map doesn't decode MAPv3 reportSM-DeliveryStatus result. (Bug 9382) * Incorrect NFSv4 FATTR4_SECURITY_LABEL value. (Bug 9383) * Timestamp decoded for Gigamon trailer is not padded correctly. (Bug 9433) * SEL Fast Message Bug-fix for Signed 16-bit Integer Fast Meter Messages. (Bug 9435) * DNP3 Bug Fix for Analog Data Sign Bit Handling. (Bug 9442) * GSM SMS User Data header fill bits are wrong when using a 7 bits ASCII / IA5 encoding. (Bug 9478) * WCDMA RLC dissector cannot assemble PDUs with SNs skipped and wrap-arounded. (Bug 9505) * DTLS: fix buffer overflow in mac check. (Bug 9512) * Correct data length in SCSI_DATA_IN packets (within iSCSI). (Bug 9521) * GSM SMS UDH EMS control expects 4 octets instead of 3 with OPTIONAL 4th. (Bug 9550) * Fix "decode as ..." for packet-time.c. (Bug 9563) - Updated Protocol Support ANSI IS-637-A, BSSGP, DNP3, DVB-BAT, DVB-CI, GSM MAP, GSM SMS, IEEE 802.11, iSCSI, NFSv4, NTLMSSP v2, RLC, SEL FM, SIP, and Time To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/DESCR cvs rdiff -u -r1.111 -r1.112 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.70 -r1.71 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/wireshark/patches/patch-aa cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/patches/patch-ab cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/wireshark/patches/patch-ac @ text @a2 2 Fix build. @ 1.11 log @upgrade to 1.8.2 @ text @d3 6 a8 6 --- ui/gtk/time_shift_dlg.c.orig 2012-06-05 19:33:15.000000000 +0300 +++ ui/gtk/time_shift_dlg.c 2012-08-19 19:30:08.000000000 +0300 @@@@ -90,6 +90,10 @@@@ */ static GtkWidget *time_shift_frame_w; d12 3 a14 4 + void time_shift_cb(GtkWidget *w _U_, gpointer d _U_) { @ 1.10 log @Update "wireshark" package to version 1.2.1. Changes since version 1.0.8: New features: - Wireshark has a spiffy new start page. - Display filters now autocomplete. - Support for the c-ares resolver library has been added. It has many - advantages over ADNS. - Many new protocol dissectors and capture file formats have been added. - Macintosh OS X support has been improved. - GeoIP database lookups. - OpenStreetMap + GeoIP integration. - Improved Postscript(R) print output. - The preference handling code is now much smarter about changes. - Support for Pcap-ng, the next-generation capture file format. - Support for process information correlation via IPFIX. - Column widths are now saved. - The last used configuration profile is now saved. - Protocol preferences are changeable from the packet details context menu. - Support for IP packet comparison. - Capinfos now shows the average packet rate. Security fixes: - The AFS dissector could crash. - The Infiniband dissector could crash on some platforms. @ text @d3 5 a7 9 --- text2pcap.c.orig 2009-07-20 00:23:54.000000000 +0200 +++ text2pcap.c @@@@ -90,7 +90,7 @@@@ # define __USE_XOPEN #endif #ifndef _XOPEN_SOURCE -# define _XOPEN_SOURCE +# define _XOPEN_SOURCE 4 #endif d9 7 a15 1 /* @ 1.9 log @Update "wireshark" package to version 0.99.8. Changes since 0.99.7: - Security-related vulnerabilities in the SCTP, SNMP, and TFTP dissectors have been fixed. - This release adds configuration profiles, temporary coloring rules, enhanced I/O graphs, WLAN traffic statistics, and many other useful features. @ text @d3 2 a4 2 --- text2pcap.c.orig 2008-02-27 19:59:35.000000000 +0000 +++ text2pcap.c 2008-02-28 13:25:19.000000000 +0000 d13 1 a13 1 #include @ 1.9.16.1 log @Pullup ticket 2832 - requested by tron security update Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.35 - pkgsrc/net/wireshark/PLIST 1.14 - pkgsrc/net/wireshark/distinfo 1.23 - pkgsrc/net/wireshark/patches/patch-aa 1.10 - pkgsrc/net/wireshark/patches/patch-ad 1.4 Module Name: pkgsrc Committed By: tron Date: Tue Jul 21 20:39:41 UTC 2009 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-aa patch-ad Log Message: Update "wireshark" package to version 1.2.1. Changes since version 1.0.8: New features: - Wireshark has a spiffy new start page. - Display filters now autocomplete. - Support for the c-ares resolver library has been added. It has many - advantages over ADNS. - Many new protocol dissectors and capture file formats have been added. - Macintosh OS X support has been improved. - GeoIP database lookups. - OpenStreetMap + GeoIP integration. - Improved Postscript(R) print output. - The preference handling code is now much smarter about changes. - Support for Pcap-ng, the next-generation capture file format. - Support for process information correlation via IPFIX. - Column widths are now saved. - The last used configuration profile is now saved. - Protocol preferences are changeable from the packet details context menu. - Support for IP packet comparison. - Capinfos now shows the average packet rate. Security fixes: - The AFS dissector could crash. - The Infiniband dissector could crash on some platforms. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/wireshark/PLIST cvs rdiff -u -r1.22 -r1.23 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/wireshark/patches/patch-aa cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/patches/patch-ad @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.10 2009/07/21 20:39:41 tron Exp $ d3 2 a4 2 --- text2pcap.c.orig 2009-07-20 00:23:54.000000000 +0200 +++ text2pcap.c d13 1 a13 1 /* @ 1.8 log @update to 0.99.6 changes: -security fixes for the HTTP, DCP ETSI, SSL, DHCP, and MMS dissectors (crashes, resource exhaustion, off-by-one) -GUI/display filter improvements @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.7 2007/02/07 17:15:24 tron Exp $ d3 9 a11 13 Fix for GCC 3.3.x build problem taken from the SVN repository: http://anonsvn.wireshark.org/viewvc/viewvc.py/trunk/tools/lemon/lemon.c?r1=20452&r2=20737&pathrev=20737&view=patch Details of the problem are document here: http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1357 --- tools/lemon/lemon.c 2007/01/16 16:41:12 20452 +++ tools/lemon/lemon.c 2007/02/07 16:08:19 20737 @@@@ -3247,7 +3247,10 @@@@ for(i=0; inrhs; i++) used[i] = 0; lhsused = 0; d13 1 a13 8 - if (!rp->code) rp->code = "\n"; + if (!rp->code) { + rp->code = "\n"; + rp->line = rp->ruleline; + } append_str(0,0,0,0); for(cp=rp->code; *cp; cp++){ @ 1.7 log @Use official patch for the GCC 3.3.x build problem provided by the wireshark maintainers. @ text @d1 1 a1 1 $NetBSD$ @ 1.6 log @Stop the bundled LALR(1) parser generator "lemon" for writing bogus line numbers into generated ".c" files. The GCC 3.3.3 distributed with NetBSD-i386 3.3.1 can now build this package without problems. @ text @d3 6 a8 1 Fix build with GCC 3.3.x, see: d11 14 a24 12 --- tools/lemon/lemon.c.orig 2007-02-01 22:53:43.000000000 +0000 +++ tools/lemon/lemon.c 2007-02-07 14:54:00.000000000 +0000 @@@@ -3095,6 +3095,9 @@@@ /* Print a #line directive line to the output file. */ PRIVATE void tplt_linedir(FILE *out, int lineno, char *filename) { + if (lineno > 65536) + return; + fprintf(out,"#line %d \"",lineno); while( *filename ){ if( *filename == '\\' ) putc('\\',out); @ 1.5 log @Update "wireshark" package to version 0.99.5. Changes since version 0.99.4: - Bug Fixes o The TCP dissector could hang or crash while reassembling HTTP packets. Versions affected: 0.99.2 to 0.99.4 CVE-2007-0459 o The HTTP dissector could crash. Versions affected: 0.99.3 to 0.99.4 CVE-2007-0458 o On some systems, the IEEE 802.11 dissector could crash. Versions affected: 0.10.14 to 0.99.4 CVE-2007-0457 o On some systems, the LLT dissector could crash. Versions affected: 0.99.3 to 0.99.4 CVE-2007-0456 The following bugs have been fixed: o The end of HTTP chunked encoding wasn't being displayed. o The Follow TCP Stream window could omit characters. o Opening a flow graph could crash Wireshark. o Follow TCP Stream would sometimes get the direction wrong. o The foreground text in the coloring rules editor was always black. o The CSV export format was incorrect. o On some Windows systems Wireshark could take a long time to start up. o Malformed UDLD packets could cause an exception. o The ISUP statistics report could overflow a buffer and crash when displaying IPv6 addresses. - New and Updated Features o Decryption support for WPA/WPA2 and SNMPv3 has been added. The TDS / MS SQL dissector now de-obfuscates passwords. o 64-bit file handling has been improved. o The Find function now selects the corresponding packet detail item. Find functionality has been added to the TCP and SSL stream dialogs. o Main window keyboard navigation has been improved. o ASN.1 BER-encoded files can now be dissected according to a user-specified syntax. - New Protocol Support DMP, Homeplug (INT51X1), NBD, OMAPI, PKCS#12, RGMP, Roofnet, STUN v2 - Updated Protocol Support 2dparityfec, ACN, AIM, AMR, ANSI 637, ANSI A, ANSI MAP, ARP, ASN.1 BER, ASN.1 PER, BACapp, BPDU, CAMEL, DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG), DCOM CBA, DCP, DHCP, DHCPv6, DMP, DNS, E.164, EAP, EPL, ETSI DCP, FCP, GIOP, GSM A, H.245, H.248, HPSW, HTTP, ICMP, ICMPv6, IEEE 802.11, IMAP, INAP, IPMI, IPsec, IRC, ISAKMP, iSCSI, ISIS LSP, IuUP, K12, Kerberos, LDAP, LLDP, MEGACO, MGCP, MIME Multipart, MMS, MMSE, MSRP, MySQL, NetFlow, NFS, NTLMSSP, NTP, OSPF, PN-PTCP, PPPoE, Q.931, Radiotap, RADIUS, RPC, RSVP, RTCP, S4406, SCCP, SCSI, SDP, SES, sFlow, SIGCOMP, SIP, SIR, Skinny, SMB (SMB, NETLOGON), SMTP, SNMP, SPNEGO, SSL, T.38, TCP, TDS, text/media, TIPC, UDLD, UDP Lite, UDP, UMA, UMTS FP, USB, VNC, WBXML, WLCCP, WSP, X.411, X.420, XML, XOT, YMSG - New and Updated Capture File Support Catapult DCT2000, Netttl, Windows Sniffer / NetXray @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.4 2006/11/01 12:59:42 tron Exp $ d3 15 a17 48 --- epan/dissectors/packet-radiotap.c.orig 2006-10-31 17:59:09.000000000 +0000 +++ epan/dissectors/packet-radiotap.c 2006-11-01 11:44:20.000000000 +0000 @@@@ -531,6 +531,11 @@@@ guint8 db, rflags; guint32 present, next_present; int bit; + gint8 align; +#define RTALIGN(size) \ + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align if(check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, "WLAN"); @@@@ -745,6 +750,7 @@@@ length_remaining--; break; case IEEE80211_RADIOTAP_CHANNEL: + RTALIGN(2); if (length_remaining < 4) break; if (tree) { @@@@ -762,6 +768,7 @@@@ case IEEE80211_RADIOTAP_FHSS: case IEEE80211_RADIOTAP_TX_ATTENUATION: case IEEE80211_RADIOTAP_DB_TX_ATTENUATION: + RTALIGN(2); if (length_remaining < 2) break; #if 0 @@@@ -771,6 +778,9 @@@@ length_remaining-=2; break; case IEEE80211_RADIOTAP_TSFT: +#if 0 /* can't happen because always first */ + RTALIGN(8); +#endif if (length_remaining < 8) break; if (tree) { @@@@ -781,6 +791,7 @@@@ length_remaining-=8; break; case IEEE80211_RADIOTAP_LOCK_QUALITY: + RTALIGN(2); if (length_remaining < 2) break; if (tree) { @ 1.4 log @Update "wireshark" package to version 0.99.4. Changes since version 0.99.3: - Bug fixes o The HTTP dissector could crash. (Bugs 1050 and 1079) Versions affected: 0.99.3. CVE-2006-5468 o The LDAP dissector (and possibly others) could crash. (Bug 1054) Versions affected: 0.99.3. o The XOT dissector could attempt to allocate a large amount of memory and crash. (Bug 1133) Versions affected: 0.9.8 to 0.99.3. CVE-2006-4805 o The WBXML dissector could crash. (Bug 1134) Versions affected: 0.10.11 to 0.99.3. CVE-2006-5469 o The MIME Multipart dissector was susceptible to an off-by-one error. (Bug 1135) Versions affected: 0.10.1 to 0.99.3. CVE-2006-4574 o If AirPcap support was enabled, parsing a WEP key could sometimes cause a crash. Versions affected: 0.99.3. o The file set dialog could grow excessively large. (Bug 331) o Trying to save flow data may crash Wireshark. (Bug 396) o The personal hosts configuration file wasn't being parsed correctly. (Bug 795) o "Save as" to an existing file wasn't allowed. (Bug 927) o The SNMP dissector was not handling 64-bit counters properly. (Bug 1047) o The HTTP content-length field was a string instead of an integer. (Bug 1109) o Invalid characters could show up in PDML output. (Bug 1110) - New and Updated Features o AirPcap, support (which provides raw mode capture under Windows) has been enhanced to allow capturing on multiple AirPcap adapters simultaneously using the Multi-Channel Aggregator. o VoIP call playback has been enhanced. If Wireshark is linked with the PortAudio library, you can play back G.711 conversations. o The capture interface dialog display has been enhanced. o The "Save" button has been removed from the "Ok" / "Apply" / "Cancel" button group in the following dialogs: o Edit/Preferences o View/Coloring Rules o Capture/Capture Filters o Analyze/Display Filters o Analyze/Enabled Protocols If you're fond of the "Save" button it can be resurrected in the User Interface preferences. o Expert analysis has been improved. o Wireshark now supports USB as a media type. If you're running a Linux distribution with version 2.6.11 of the kernel or greater and you have the usbmon module enabled and you have a recent CVS version of libpcap (post-0.9.5) installed you can also do live captures. More details can be found at the USB capture setup page on the wiki. o The number of WEP keys that the user can specify in the IEEE 802.11 protocol preferences has been increased from 4 to 64. - New Protocol Support Enea LINX, Ethernet Powerlink (v1 and v2), H.248 Q.1950 Annex A, Linux pktgen, MP2T, NEWMAIL, PNG, SCSI OSD, UDLD, UMTS FP, USB, WLCCP, WZCSVC - Updated Protocol Support 3Com NJACK, 802.11, ACSE, AH, ALCAP, ANSI MAP, ATM, ASN.1, BACapp, BER, BGP, BSSAP, Camel, Catapult DCT2000, CFlow, CLNP, Common Windows networking, DAP, DCERPC (DCERPC, ATSVC, DFS, EFS, EPM, EVENTLOG, INITSHUTDOWN, MAPI, NT, PIPE, SAMR, SPOOLSS, SRVSVC, SVCCTL, WINREG), DCOM (DCOM, CBA-ACCO, SYSACT), DIAMETER, DISP, DNS, DOP, DSP, ESP, Ethernet, FC, FCP, GSM A, GSM MAP, GSM SMS, GSSAPI, GTP, H.225, H.245, H.248, HTTP, ICQ, IKE, ISAKMP, iSCSI, ISUP, IUUP, Kerberos 4, LAP-D, LDAP, LLC, LogotypeCertExtn, MEGACO, MIME Multipart, MIP6, MMS, MSRP, MTP3, NCP, NDMP, NDPS, NFS, NTP, OSI, PER, PN-MRP, PPP, 19154Q.931, RADIUS, Redback, RPC, RTCP, RTP, SCCP, SCSI, SDP, SIP, SMB, SMRSE, SNMP, SSL, STANAG 5066, STP, TCAP, TCP, TFTP, TIPC, UDP, UMA, VLAN, VNC, VRRP, X.509ce X11, YMSG, WTLS - Removed Protocols The CISCOWL dissector has been superseded by WLCCP. - New and Updated Capture File Support Catapult DCT2000, EyeSDN, iSeries @ text @d1 1 a1 1 $NetBSD$ @ 1.4.2.1 log @Pullup ticket 2015 - requested by tron security update for wireshark Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.6 - pkgsrc/net/wireshark/PLIST 1.5 - pkgsrc/net/wireshark/distinfo 1.5, 1.6 - pkgsrc/net/wireshark/files/capture_airpcap_16.xpm removed - pkgsrc/net/wireshark/files/capture_capture_16.xpm removed - pkgsrc/net/wireshark/files/capture_details_16.xpm removed - pkgsrc/net/wireshark/files/capture_ethernet_16.xpm removed - pkgsrc/net/wireshark/files/capture_prepare_16.xpm removed - pkgsrc/net/wireshark/patches/patch-aa 1.6 Module Name: pkgsrc Committed By: tron Date: Sat Feb 3 18:06:37 UTC 2007 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo Removed Files: pkgsrc/net/wireshark/files: capture_airpcap_16.xpm capture_capture_16.xpm capture_details_16.xpm capture_ethernet_16.xpm capture_prepare_16.xpm pkgsrc/net/wireshark/patches: patch-aa Log Message: Update "wireshark" package to version 0.99.5. Changes since version 0.99.4: - Bug Fixes o The TCP dissector could hang or crash while reassembling HTTP packets. Versions affected: 0.99.2 to 0.99.4 CVE-2007-0459 o The HTTP dissector could crash. Versions affected: 0.99.3 to 0.99.4 CVE-2007-0458 o On some systems, the IEEE 802.11 dissector could crash. Versions affected: 0.10.14 to 0.99.4 CVE-2007-0457 o On some systems, the LLT dissector could crash. Versions affected: 0.99.3 to 0.99.4 CVE-2007-0456 The following bugs have been fixed: o The end of HTTP chunked encoding wasn't being displayed. o The Follow TCP Stream window could omit characters. o Opening a flow graph could crash Wireshark. o Follow TCP Stream would sometimes get the direction wrong. o The foreground text in the coloring rules editor was always black. o The CSV export format was incorrect. o On some Windows systems Wireshark could take a long time to start up. o Malformed UDLD packets could cause an exception. o The ISUP statistics report could overflow a buffer and crash when displaying IPv6 addresses. - New and Updated Features o Decryption support for WPA/WPA2 and SNMPv3 has been added. The TDS / MS SQL dissector now de-obfuscates passwords. o 64-bit file handling has been improved. o The Find function now selects the corresponding packet detail item. Find functionality has been added to the TCP and SSL stream dialogs. o Main window keyboard navigation has been improved. o ASN.1 BER-encoded files can now be dissected according to a user-specified syntax. - New Protocol Support DMP, Homeplug (INT51X1), NBD, OMAPI, PKCS#12, RGMP, Roofnet, STUN v2 - Updated Protocol Support 2dparityfec, ACN, AIM, AMR, ANSI 637, ANSI A, ANSI MAP, ARP, ASN.1 BER, ASN.1 PER, BACapp, BPDU, CAMEL, DCERPC (DCERPC, EFS, EVENTLOG, NSPI, PN-IO, WINREG), DCOM CBA, DCP, DHCP, DHCPv6, DMP, DNS, E.164, EAP, EPL, ETSI DCP, FCP, GIOP, GSM A, H.245, H.248, HPSW, HTTP, ICMP, ICMPv6, IEEE 802.11, IMAP, INAP, IPMI, IPsec, IRC, ISAKMP, iSCSI, ISIS LSP, IuUP, K12, Kerberos, LDAP, LLDP, MEGACO, MGCP, MIME Multipart, MMS, MMSE, MSRP, MySQL, NetFlow, NFS, NTLMSSP, NTP, OSPF, PN-PTCP, PPPoE, Q.931, Radiotap, RADIUS, RPC, RSVP, RTCP, S4406, SCCP, SCSI, SDP, SES, sFlow, SIGCOMP, SIP, SIR, Skinny, SMB (SMB, NETLOGON), SMTP, SNMP, SPNEGO, SSL, T.38, TCP, TDS, text/media, TIPC, UDLD, UDP Lite, UDP, UMA, UMTS FP, USB, VNC, WBXML, WLCCP, WSP, X.411, X.420, XML, XOT, YMSG - New and Updated Capture File Support Catapult DCT2000, Netttl, Windows Sniffer / NetXray --- Module Name: pkgsrc Committed By: tron Date: Wed Feb 7 15:18:23 UTC 2007 Modified Files: pkgsrc/net/wireshark: Makefile distinfo Added Files: pkgsrc/net/wireshark/patches: patch-aa Log Message: Stop the bundled LALR(1) parser generator "lemon" for writing bogus line numbers into generated ".c" files. The GCC 3.3.3 distributed with NetBSD-i386 3.3.1 can now build this package without problems. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.6 2007/02/07 15:18:23 tron Exp $ d3 48 a50 15 Fix build with GCC 3.3.x, see: http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1357 --- tools/lemon/lemon.c.orig 2007-02-01 22:53:43.000000000 +0000 +++ tools/lemon/lemon.c 2007-02-07 14:54:00.000000000 +0000 @@@@ -3095,6 +3095,9 @@@@ /* Print a #line directive line to the output file. */ PRIVATE void tplt_linedir(FILE *out, int lineno, char *filename) { + if (lineno > 65536) + return; + fprintf(out,"#line %d \"",lineno); while( *filename ){ if( *filename == '\\' ) putc('\\',out); @ 1.3 log @Update "wireshark" package to version 0.99.3. Changes since 0.99.3: The following vulnerabilities have been fixed: o The SCSI dissector could crash. Versions affected: 0.99.2. o If Wireshark was compiled with ESP decryption support, the IPsec ESP preference parser was susceptible to off-by-one errors. Versions affected: 0.99.2. o If the SSCOP dissector has a port range configured and the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. Versions affected: 0.7.9 - 0.99.2. The following bugs have been fixed: o The VOIP call analysis feature could cause an assertion. o The RTP analysis feature could freeze for an extended period. o Selecting "Apply as Filter" wouldn't work for some tree items. New and Updated Features The following features are new (or have been significantly updated) since the last release: o The packet list context menu now includes a conversation filter. o Wireshark can now generate ACL rules for several popular firewall products. New Protocol Support Daytime, JPEG (RTP payload), Pegasus Lightweight Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport Updated Protocol Support All ASN.1 dissectors, 3G A11, 802.11, AIM SST, AJP13, ANSI 637, AVS WLAN, BACapp, BFD, CDP, Cisco WIDS, DCERPC (DCERPC, CONV, DFS, EPM, FLDB, NETLOGON, NT, PN-IO, RS_PGO), DCOM, DHCP, DIAMETER, DTLS, EAPOL, ESP, H.225, H.245, H.450, HTTP, IPv6, ISAKMP, Juniper, Kerberos, L2TP, LDAP, MSRP, NTLMSSP, PN-CBA, PN-RT, Prism, RSVP, RTCP, RUDP, SCSI, SCTP, SDP, SIP, SIPFRAG, Skinny, SMB, SSL, TCP, text/media, Time, XML New and Updated Capture File Support Catapult DCT2000, nettl @ text @d3 3 a5 3 --- epan/dissectors/packet-radiotap.c.orig 2006-08-23 23:26:24.000000000 +0100 +++ epan/dissectors/packet-radiotap.c 2006-08-24 10:19:28.000000000 +0100 @@@@ -397,7 +397,12 @@@@ a8 2 - gboolean has_fcs = FALSE; + gboolean has_fcs = FALSE; d11 3 a13 3 + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align d17 1 a17 1 @@@@ -569,6 +574,7 @@@@ d25 1 a25 1 @@@@ -586,6 +592,7 @@@@ d33 1 a33 1 @@@@ -595,6 +602,9 @@@@ d43 1 a43 1 @@@@ -605,6 +615,7 @@@@ @ 1.3.2.1 log @Pullup ticket 1893 - requested by tron security update for wireshark - pkgsrc/net/wireshark/Makefile 1.5 - pkgsrc/net/wireshark/PLIST 1.4 - pkgsrc/net/wireshark/distinfo 1.4 - pkgsrc/net/wireshark/patches/patch-aa 1.4 Module Name: pkgsrc Committed By: tron Date: Wed Nov 1 12:59:42 UTC 2006 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-aa Log Message: Update "wireshark" package to version 0.99.4. Changes since version 0.99.3: - Bug fixes o The HTTP dissector could crash. (Bugs 1050 and 1079) Versions affected: 0.99.3. CVE-2006-5468 o The LDAP dissector (and possibly others) could crash. (Bug 1054) Versions affected: 0.99.3. o The XOT dissector could attempt to allocate a large amount of memory and crash. (Bug 1133) Versions affected: 0.9.8 to 0.99.3. CVE-2006-4805 o The WBXML dissector could crash. (Bug 1134) Versions affected: 0.10.11 to 0.99.3. CVE-2006-5469 o The MIME Multipart dissector was susceptible to an off-by-one error. (Bug 1135) Versions affected: 0.10.1 to 0.99.3. CVE-2006-4574 o If AirPcap support was enabled, parsing a WEP key could sometimes cause a crash. Versions affected: 0.99.3. o The file set dialog could grow excessively large. (Bug 331) o Trying to save flow data may crash Wireshark. (Bug 396) o The personal hosts configuration file wasn't being parsed correctly. (Bug 795) o "Save as" to an existing file wasn't allowed. (Bug 927) o The SNMP dissector was not handling 64-bit counters properly. (Bug 1047) o The HTTP content-length field was a string instead of an integer. (Bug 1109) o Invalid characters could show up in PDML output. (Bug 1110) - New and Updated Features o AirPcap, support (which provides raw mode capture under Windows) has been enhanced to allow capturing on multiple AirPcap adapters simultaneously using the Multi-Channel Aggregator. o VoIP call playback has been enhanced. If Wireshark is linked with the PortAudio library, you can play back G.711 conversations. o The capture interface dialog display has been enhanced. o The "Save" button has been removed from the "Ok" / "Apply" / "Cancel" button group in the following dialogs: o Edit/Preferences o View/Coloring Rules o Capture/Capture Filters o Analyze/Display Filters o Analyze/Enabled Protocols If you're fond of the "Save" button it can be resurrected in the User Interface preferences. o Expert analysis has been improved. o Wireshark now supports USB as a media type. If you're running a Linux distribution with version 2.6.11 of the kernel or greater and you have the usbmon module enabled and you have a recent CVS version of libpcap (post-0.9.5) installed you can also do live captures. More details can be found at the USB capture setup page on the wiki. o The number of WEP keys that the user can specify in the IEEE 802.11 protocol preferences has been increased from 4 to 64. - New Protocol Support Enea LINX, Ethernet Powerlink (v1 and v2), H.248 Q.1950 Annex A, Linux pktgen, MP2T, NEWMAIL, PNG, SCSI OSD, UDLD, UMTS FP, USB, WLCCP, WZCSVC - Updated Protocol Support 3Com NJACK, 802.11, ACSE, AH, ALCAP, ANSI MAP, ATM, ASN.1, BACapp, BER, BGP, BSSAP, Camel, Catapult DCT2000, CFlow, CLNP, Common Windows networking, DAP, DCERPC (DCERPC, ATSVC, DFS, EFS, EPM, EVENTLOG, INITSHUTDOWN, MAPI, NT, PIPE, SAMR, SPOOLSS, SRVSVC, SVCCTL, WINREG), DCOM (DCOM, CBA-ACCO, SYSACT), DIAMETER, DISP, DNS, DOP, DSP, ESP, Ethernet, FC, FCP, GSM A, GSM MAP, GSM SMS, GSSAPI, GTP, H.225, H.245, H.248, HTTP, ICQ, IKE, ISAKMP, iSCSI, ISUP, IUUP, Kerberos 4, LAP-D, LDAP, LLC, LogotypeCertExtn, MEGACO, MIME Multipart, MIP6, MMS, MSRP, MTP3, NCP, NDMP, NDPS, NFS, NTP, OSI, PER, PN-MRP, PPP, 19154Q.931, RADIUS, Redback, RPC, RTCP, RTP, SCCP, SCSI, SDP, SIP, SMB, SMRSE, SNMP, SSL, STANAG 5066, STP, TCAP, TCP, TFTP, TIPC, UDP, UMA, VLAN, VNC, VRRP, X.509ce X11, YMSG, WTLS - Removed Protocols The CISCOWL dissector has been superseded by WLCCP. - New and Updated Capture File Support Catapult DCT2000, EyeSDN, iSeries @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.4 2006/11/01 12:59:42 tron Exp $ d3 3 a5 3 --- epan/dissectors/packet-radiotap.c.orig 2006-10-31 17:59:09.000000000 +0000 +++ epan/dissectors/packet-radiotap.c 2006-11-01 11:44:20.000000000 +0000 @@@@ -531,6 +531,11 @@@@ d9 2 d13 3 a15 3 + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align d19 1 a19 1 @@@@ -745,6 +750,7 @@@@ d27 1 a27 1 @@@@ -762,6 +768,7 @@@@ d35 1 a35 1 @@@@ -771,6 +778,9 @@@@ d45 1 a45 1 @@@@ -781,6 +791,7 @@@@ @ 1.2 log @-remove old patch for the offset calculation of the inner packet, the original code is fixed now -re-add alignment fixes for variable radiotap elements bump PKGREVISION @ text @d3 3 a5 3 --- epan/dissectors/packet-radiotap.c.orig 2006-07-17 21:59:28.000000000 +0200 +++ epan/dissectors/packet-radiotap.c @@@@ -388,6 +388,11 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i d9 2 d13 3 a15 3 + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align d19 1 a19 1 @@@@ -559,6 +564,7 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i d27 2 a28 2 @@@@ -577,6 +583,7 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i case IEEE80211_RADIOTAP_LOCK_QUALITY: d35 1 a35 1 @@@@ -586,6 +593,9 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i d45 8 @ 1.1 log @Add new "wireshark" package. Wireshark is a network protocol analyzer and the successor of "ethereal". Changes since "ethereal" version 0.99.0: - The GSM BSSMAP dissector could crash. Versions affected: 0.10.11. - The ANSI MAP dissector was vulnerable to a format string overflow. Versions affected: 0.10.0. - The Checkpoint FW-1 dissector was vulnerable to a format string overflow. Versions affected: 0.10.10. - The MQ dissector was vulnerable to a format string overflow. Versions affected: 0.10.4. - The XML dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. - The MOUNT dissector could attempt to allocate large amounts of memory. Versions affected: 0.9.4. - The NCP NMAS and NDPS dissectors were susceptible to off-by-one errors. Versions affected: 0.9.7. - The NTP dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. - The SSH dissector was vulnerable to an infinite loop. Versions affected: 0.9.10. - The NFS dissector may have been susceptible to a buffer overflow. Versions affected: 0.8.16. - The "Follow TCP Stream" dialog now wraps long lines. - Problems with ring buffers under 0.99.0 have been fixed. - It was possible for Wireshark to crash when closing the capture information dialog. This has been fixed. - It was possible for Wireshark to crash when using the "Find" feature. This has been fixed. - Wireshark could crash if an interface was removed while viewing the interface list. This has been fixed. - Multicast stream analysis (Statistics->Multicast Streams) has been added. It lets you determine burst size, output buffer size, and losses for multicast data. - TCP reassembly has been updated and improved. - Expert analysis has been updated and improved. - SCSI service response time statistics have been added. - You can now find next/previous marked frames. - The LDAP and SNMP dissectors have been completely rewriten. - The SMB dissector now tracks filenames and share names. @ text @d3 11 a13 9 --- epan/dissectors/packet-radiotap.c.orig 2006-07-17 20:59:28.000000000 +0100 +++ epan/dissectors/packet-radiotap.c 2006-07-21 13:36:03.000000000 +0100 @@@@ -610,7 +610,7 @@@@ /* dissect the 802.11 header next */ call_dissector((rflags & IEEE80211_RADIOTAP_F_DATAPAD) ? ieee80211_datapad_handle : ieee80211_handle, - tvb_new_subset(tvb, length, -1, -1), pinfo, tree); + tvb_new_subset(tvb, offset + length, -1, -1), pinfo, tree); } d15 28 a42 1 void @ 1.1.2.1 log @file patch-aa was added on branch pkgsrc-2006Q2 on 2006-07-21 14:27:53 +0000 @ text @d1 13 @ 1.1.2.2 log @Pullup ticket 1744 - requested by tron replace ethereal with wireshark Revisions pulled up: - pkgsrc/net/Makefile 1.628, 1.629 - pkgsrc/net/wireshark/DESCR 1.1, 1.2 - pkgsrc/net/wireshark/Makefile 1.1 - pkgsrc/net/wireshark/PLIST 1.1, 1.2 - pkgsrc/net/wireshark/distinfo 1.1 - pkgsrc/net/wireshark/patches/patch-aa 1.1 - pkgsrc/net/wireshark/patches/patch-ab 1.1 - pkgsrc/net/ethereal/DESCR removed - pkgsrc/net/ethereal/Makefile removed - pkgsrc/net/ethereal/PLIST removed - pkgsrc/net/ethereal/distinfo removed - pkgsrc/net/ethereal/patches/patch-aa removed - pkgsrc/net/ethereal/patches/patch-ab removed Module Name: pkgsrc Committed By: tron Date: Fri Jul 21 14:27:53 UTC 2006 Modified Files: pkgsrc/net: Makefile pkgsrc/net/ethereal: Makefile Added Files: pkgsrc/net/wireshark: DESCR Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-aa patch-ab Log Message: Add new "wireshark" package. Wireshark is a network protocol analyzer and the successor of "ethereal". Changes since "ethereal" version 0.99.0: - The GSM BSSMAP dissector could crash. Versions affected: 0.10.11. - The ANSI MAP dissector was vulnerable to a format string overflow. Versions affected: 0.10.0. - The Checkpoint FW-1 dissector was vulnerable to a format string overflow. Versions affected: 0.10.10. - The MQ dissector was vulnerable to a format string overflow. Versions affected: 0.10.4. - The XML dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. - The MOUNT dissector could attempt to allocate large amounts of memory. Versions affected: 0.9.4. - The NCP NMAS and NDPS dissectors were susceptible to off-by-one errors. Versions affected: 0.9.7. - The NTP dissector was vulnerable to a format string overflow. Versions affected: 0.10.13. - The SSH dissector was vulnerable to an infinite loop. Versions affected: 0.9.10. - The NFS dissector may have been susceptible to a buffer overflow. Versions affected: 0.8.16. - The "Follow TCP Stream" dialog now wraps long lines. - Problems with ring buffers under 0.99.0 have been fixed. - It was possible for Wireshark to crash when closing the capture information dialog. This has been fixed. - It was possible for Wireshark to crash when using the "Find" feature. This has been fixed. - Wireshark could crash if an interface was removed while viewing the interface list. This has been fixed. - Multicast stream analysis (Statistics->Multicast Streams) has been added. It lets you determine burst size, output buffer size, and losses for multicast data. - TCP reassembly has been updated and improved. - Expert analysis has been updated and improved. - SCSI service response time statistics have been added. - You can now find next/previous marked frames. - The LDAP and SNMP dissectors have been completely rewriten. - The SMB dissector now tracks filenames and share names. --- Module Name: pkgsrc Committed By: tron Date: Fri Jul 21 14:39:33 UTC 2006 Modified Files: pkgsrc/net/wireshark: DESCR Log Message: It's called "wireshark" now, not "ethereal". --- Module Name: pkgsrc Committed By: salo Date: Fri Jul 21 14:53:00 UTC 2006 Modified Files: pkgsrc/net/wireshark: PLIST Log Message: sort. --- Module Name: pkgsrc Committed By: tron Date: Sat Jul 22 08:12:56 UTC 2006 Modified Files: pkgsrc/net: Makefile Removed Files: pkgsrc/net/ethereal: DESCR Makefile PLIST distinfo pkgsrc/net/ethereal/patches: patch-aa patch-ab Log Message: Remove "ethereal" package which has been superseded by "wireshark". Approved by frueauf@@. @ text @a0 13 $NetBSD: patch-aa,v 1.1.2.1 2006/07/22 16:14:33 salo Exp $ --- epan/dissectors/packet-radiotap.c.orig 2006-07-17 20:59:28.000000000 +0100 +++ epan/dissectors/packet-radiotap.c 2006-07-21 13:36:03.000000000 +0100 @@@@ -610,7 +610,7 @@@@ /* dissect the 802.11 header next */ call_dissector((rflags & IEEE80211_RADIOTAP_F_DATAPAD) ? ieee80211_datapad_handle : ieee80211_handle, - tvb_new_subset(tvb, length, -1, -1), pinfo, tree); + tvb_new_subset(tvb, offset + length, -1, -1), pinfo, tree); } void @ 1.1.2.3 log @Pullup ticket 1752 - requested by tron bugfixes for wireshark Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.2 - pkgsrc/net/wireshark/distinfo 1.2 - pkgsrc/net/wireshark/patches/patch-aa 1.2 Module Name: pkgsrc Committed By: drochner Date: Sun Jul 23 17:31:08 UTC 2006 Modified Files: pkgsrc/net/wireshark: Makefile distinfo pkgsrc/net/wireshark/patches: patch-aa Log Message: -remove old patch for the offset calculation of the inner packet, the original code is fixed now -re-add alignment fixes for variable radiotap elements bump PKGREVISION @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.2.2 2006/07/23 23:22:05 salo Exp $ d3 9 a11 11 --- epan/dissectors/packet-radiotap.c.orig 2006-07-17 21:59:28.000000000 +0200 +++ epan/dissectors/packet-radiotap.c @@@@ -388,6 +388,11 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i guint8 db, rflags; guint32 present, next_present; int bit; + gint8 align; +#define RTALIGN(size) \ + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align d13 1 a13 28 if(check_col(pinfo->cinfo, COL_PROTOCOL)) col_set_str(pinfo->cinfo, COL_PROTOCOL, "WLAN"); @@@@ -559,6 +564,7 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i length_remaining--; break; case IEEE80211_RADIOTAP_CHANNEL: + RTALIGN(2); if (length_remaining < 4) break; if (tree) { @@@@ -577,6 +583,7 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i case IEEE80211_RADIOTAP_LOCK_QUALITY: case IEEE80211_RADIOTAP_TX_ATTENUATION: case IEEE80211_RADIOTAP_DB_TX_ATTENUATION: + RTALIGN(2); if (length_remaining < 2) break; #if 0 @@@@ -586,6 +593,9 @@@@ dissect_radiotap(tvbuff_t *tvb, packet_i length_remaining-=2; break; case IEEE80211_RADIOTAP_TSFT: +#if 0 /* can't happen because always first */ + RTALIGN(8); +#endif if (length_remaining < 8) break; if (tree) { @ 1.1.2.4 log @Pullup ticket 1805 - requested by tron security update for wireshark Revisions pulled up: - pkgsrc/net/wireshark/DESCR 1.3 - pkgsrc/net/wireshark/Makefile 1.3 - pkgsrc/net/wireshark/PLIST 1.3 - pkgsrc/net/wireshark/distinfo 1.3 - pkgsrc/net/wireshark/files/capture_airpcap_16.xpm 1.1 - pkgsrc/net/wireshark/files/capture_capture_16.xpm 1.1 - pkgsrc/net/wireshark/files/capture_details_16.xpm 1.1 - pkgsrc/net/wireshark/files/capture_ethernet_16.xpm 1.1 - pkgsrc/net/wireshark/files/capture_prepare_16.xpm 1.1 - pkgsrc/net/wireshark/patches/patch-aa 1.3 - pkgsrc/net/wireshark/patches/patch-ab removed Module Name: pkgsrc Committed By: ghen Date: Mon Jul 31 10:43:32 UTC 2006 Modified Files: pkgsrc/net/wireshark: DESCR Log Message: Note that Wireshark used to be called Ethereal. --- Module Name: pkgsrc Committed By: tron Date: Thu Aug 24 10:48:59 UTC 2006 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-aa Added Files: pkgsrc/net/wireshark/files: capture_airpcap_16.xpm capture_capture_16.xpm capture_details_16.xpm capture_ethernet_16.xpm capture_prepare_16.xpm Removed Files: pkgsrc/net/wireshark/patches: patch-ab Log Message: Update "wireshark" package to version 0.99.3. Changes since 0.99.3: The following vulnerabilities have been fixed: o The SCSI dissector could crash. Versions affected: 0.99.2. o If Wireshark was compiled with ESP decryption support, the IPsec ESP preference parser was susceptible to off-by-one errors. Versions affected: 0.99.2. o If the SSCOP dissector has a port range configured and the SSCOP payload protocol is Q.2931, a malformed packet could make the Q.2931 dissector use up available memory. No port range is configured by default. Versions affected: 0.7.9 - 0.99.2. The following bugs have been fixed: o The VOIP call analysis feature could cause an assertion. o The RTP analysis feature could freeze for an extended period. o Selecting "Apply as Filter" wouldn't work for some tree items. New and Updated Features The following features are new (or have been significantly updated) since the last release: o The packet list context menu now includes a conversation filter. o Wireshark can now generate ACL rules for several popular firewall products. New Protocol Support Daytime, JPEG (RTP payload), Pegasus Lightweight Stream Control, Pro-MPEG FEC, UMTS RRC, Veritas Low Latency Transport Updated Protocol Support All ASN.1 dissectors, 3G A11, 802.11, AIM SST, AJP13, ANSI 637, AVS WLAN, BACapp, BFD, CDP, Cisco WIDS, DCERPC (DCERPC, CONV, DFS, EPM, FLDB, NETLOGON, NT, PN-IO, RS_PGO), DCOM, DHCP, DIAMETER, DTLS, EAPOL, ESP, H.225, H.245, H.450, HTTP, IPv6, ISAKMP, Juniper, Kerberos, L2TP, LDAP, MSRP, NTLMSSP, PN-CBA, PN-RT, Prism, RSVP, RTCP, RUDP, SCSI, SCTP, SDP, SIP, SIPFRAG, Skinny, SMB, SSL, TCP, text/media, Time, XML New and Updated Capture File Support Catapult DCT2000, nettl @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.2.3 2006/08/24 11:51:06 salo Exp $ d3 3 a5 3 --- epan/dissectors/packet-radiotap.c.orig 2006-08-23 23:26:24.000000000 +0100 +++ epan/dissectors/packet-radiotap.c 2006-08-24 10:19:28.000000000 +0100 @@@@ -397,7 +397,12 @@@@ a8 2 - gboolean has_fcs = FALSE; + gboolean has_fcs = FALSE; d11 3 a13 3 + align = ((offset + ((size) - 1)) & ~((size) - 1)) - offset; \ + offset += align; \ + length_remaining -= align d17 1 a17 1 @@@@ -569,6 +574,7 @@@@ d25 2 a26 2 @@@@ -586,6 +592,7 @@@@ case IEEE80211_RADIOTAP_FHSS: d33 1 a33 1 @@@@ -595,6 +602,9 @@@@ a42 8 @@@@ -605,6 +615,7 @@@@ length_remaining-=8; break; case IEEE80211_RADIOTAP_LOCK_QUALITY: + RTALIGN(2); if (length_remaining < 2) break; if (tree) { @