head 1.7; access; symbols pkgsrc-2013Q2:1.7.0.6 pkgsrc-2013Q2-base:1.7 pkgsrc-2012Q4:1.7.0.4 pkgsrc-2012Q4-base:1.7 pkgsrc-2011Q4:1.7.0.2 pkgsrc-2011Q4-base:1.7 pkgsrc-2011Q2:1.6.0.8 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.6.0.6 pkgsrc-2011Q1-base:1.6 pkgsrc-2010Q4:1.6.0.4 pkgsrc-2010Q4-base:1.6 pkgsrc-2010Q3:1.6.0.2 pkgsrc-2010Q3-base:1.6 pkgsrc-2010Q2:1.5.0.4 pkgsrc-2010Q2-base:1.5 pkgsrc-2010Q1:1.5.0.2 pkgsrc-2010Q1-base:1.5 pkgsrc-2009Q4:1.4.0.4 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.4.0.2 pkgsrc-2009Q3-base:1.4 pkgsrc-2009Q2:1.3.0.2 pkgsrc-2009Q2-base:1.3 pkgsrc-2008Q4:1.1.0.4 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.2; locks; strict; comment @# @; 1.7 date 2011.07.20.18.42.44; author tron; state dead; branches; next 1.6; 1.6 date 2010.09.25.11.19.10; author tron; state Exp; branches; next 1.5; 1.5 date 2010.01.29.12.09.52; author tron; state Exp; branches 1.5.4.1; next 1.4; 1.4 date 2009.07.21.20.39.41; author tron; state Exp; branches 1.4.4.1; next 1.3; 1.3 date 2009.06.05.16.05.55; author drochner; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2009.02.13.09.41.11; author tron; state dead; branches; next 1.1; 1.1 date 2008.11.25.22.53.55; author tron; state Exp; branches 1.1.2.1 1.1.4.1; next ; 1.5.4.1 date 2010.09.28.05.36.59; author spz; state Exp; branches; next ; 1.4.4.1 date 2010.01.30.08.46.15; author spz; state Exp; branches; next ; 1.3.2.1 date 2009.07.22.06.56.56; author spz; state Exp; branches; next ; 1.1.2.1 date 2008.11.25.22.53.55; author rtr; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.11.26.07.47.06; author rtr; state Exp; branches; next ; 1.1.4.1 date 2009.02.16.05.21.51; author rtr; state dead; branches; next ; desc @@ 1.7 log @Update "wireshark" package to version 1.6.1. The major changes since version 1.4.* are: - Wireshark is now distributed as an installation package rather than a drag-installer on OS X. The installer adds a startup item that should make it easier to capture packets. - Large file (greater than 2 GB) support has been improved. - Wireshark and TShark can import text dumps, similar to text2pcap. - You can now view Wireshark's dissector tables (for example the TCP port to dissector mappings) from the main window. - Wireshark can export SSL session keys via File→Export→SSL Session Keys... - TShark can show a specific occurrence of a field when using '-T fields'. - Custom columns can show a specific occurrence of a field. - You can hide columns in the packet list. - Wireshark can now export SMB objects. - dftest and randpkt now have manual pages. - TShark can now display iSCSI, ICMP and ICMPv6 service response times. - Dumpcap can now save files with a user-specified group id. - Syntax checking is done for capture filters. - You can display the compiled BPF code for capture filters in the Capture Options dialog. - You can now navigate backwards and forwards through TCP and UDP sessions using Ctrl+, and Ctrl+. . - Packet length is (finally) a default column. - TCP window size is now avaiable both scaled and unscaled. A TCP window scaling graph is available in the GUI. - 802.1q VLAN tags are now shown in the Ethernet II protocol tree instead of a separate tree. - Various dissectors now display some UTF-16 strings as proper Unicode including the DCE/RPC and SMB dissectors. - The RTP player now has an option to show the time of day in the graph in addition to the seconds since beginning of capture. - The RTP player now shows why media interruptions occur. - Graphs now save as PNG images by default. - TShark can read and write host name information from and to pcapng-formatted files. Wireshark can read it. TShark can dump host name information via [-z hosts] . - TShark's -z option now uses the [-z ,srt] syntax instead of [-z ,rtt] for all protocols that support service response time statistics. This matches Wireshark's syntax for this option. - Wireshark and TShark can now read compressed Windows Sniffer files. - New Protocol Support ADwin, ADwin-Config, Apache Etch, Aruba PAPI, Babel Routing Protocol, Broadcast/Multicast Control, Constrained Application Protocol (COAP), Digium TDMoE, Erlang Distribution Protocol, Ether-S-I/O, FastCGI, Fibre Channel over InfiniBand (FCoIB), Gopher, Gigamon GMHDR, IDMP, Infiniband Socket Direct Protocol (SDP), JSON, LISP Control, LISP Data, LISP, MikroTik MAC-Telnet, MRP Multiple Mac Registration Protocol (MMRP) Mongo Wire Protocol, MUX27010, Network Monitor 802.11 radio header, OPC UA ExtensionObjects, openSAFETY, PPI-GEOLOCATION-GPS, ReLOAD, ReLOAD Framing, RObust Header Compression (ROHC), RSIP, SAMETIME, SCoP, SGSAP, Tektronix Teklink, USB/AT Commands, uTorrent Transport Protocol, WAI authentication, Wi-Fi P2P (Wi-Fi Direct) - New and Updated Capture File Support Apple PacketLogger, Catapult DCT2000, Daintree SNA, Endace ERF, HP OpenVMS TCPTrace, IPFIX (the file format, not the protocol), Lucent/Ascend debug, Microsoft Network Monitor, Network Instruments, TamoSoft CommView @ text @$NetBSD: patch-ad,v 1.6 2010/09/25 11:19:10 tron Exp $ --- configure.orig 2010-08-29 23:20:30.000000000 +0100 +++ configure 2010-09-25 11:47:16.000000000 +0100 @@@@ -19604,7 +19604,7 @@@@ fi - if test x$have_ige_mac == x + if test x$have_ige_mac = x then # # Not found - check for the old integration functions in @@@@ -19660,7 +19660,7 @@@@ fi - if test x$have_ige_mac == x + if test x$have_ige_mac = x then # # Not found - check for the old integration functions in @ 1.6 log @Update "wireshark" package to version 1.4.0. Change since version 1.2.10: - The following bugs have been fixed: - Update time display in background. (Bug 1275) - Tshark returns 0 even with an invalid interface or capture filter. (Bug 4735) - The following features are new (or have been significantly updated) since version 1.2: - The packet list internals have been rewritten and are now more efficient. - Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header. - Preliminary Python scripting support has been added. - Many memory leaks have been fixed. - Packets can now be ignored (excluded from dissection), similar to the way they can be marked. - Manual IP address resolution is now supported. - Columns with seconds can now be displayed as hours, minutes and seconds. - You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater. - TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now. - Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater. - You can play RTP streams directly from the RTP Analysis window. - Capinfos and editcap now respectively support time order checking and forcing. - Wireshark now has a "jump to timestamp" command-line option. - You can open JPEG files directly in Wireshark. - New Protocol Support 3GPP Nb Interface RTP Multiplex, Access Node Control Protocol, Apple Network-MIDI Session Protocol, ARUBA encapsulated remote mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N. Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle Protocol, CIP Class Generic, CIP Connection Configuration Object, CIP Connection Manager, CIP Message Router, collectd network data, Control And Provisioning of Wireless Access Points, Controller Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch Link, Fibre Channel Delimiters, File Replication Service DFS-R, Gateway Load Balancing Protocol, Gigamon Header, GigE Vision Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM sub-protocol, GSM over IP protocol as used by ip.access, GSM Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol, IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless Association Control Service, ISO 9548-1 OSI Connectionless Session Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol, ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word, MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS Protocol, packetbb Protocol, Peer Network Resolution Protocol, PKIX Attribute Certificate, Pseudowire Padding, Server/Application State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol, TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN Iuh interface RUA signalling, V5.2, Vendor Specific Control Protocol, Vendor Specific Network Protocol, VMware Lab Manager, VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt, X.411 Message Access Service, ZigBee Cluster Library - Updated Protocol Support There are too many to list here. - New and Updated Capture File Support Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000, Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries, JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler, PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian OS btsnoop, Visual Networks Pkgsrc changes: A fix for the security vulnerability reported in SA41535 has been integrated from the Wireshark SVN repository. @ text @d1 1 a1 1 $NetBSD$ @ 1.5 log @Update "wireshark" package to version 1.2.6. Changes since version 1.2.5: - Bug Fixes The following vulnerabilities have been fixed. See the security advisory for details and a workaround. - Babi discovered several buffer overflows in the LWRES dissector. The following bugs have been fixed: - Wireshark could crash while decrypting Kerberos data. - Address display filters hang Wireshark. (Bug 658) - PSML - structure context node missing. (Bug 1564) - Wireshark doesn't dynamically update the packet list. (Bug 1605) - LUA: There's no tvb_get_stringz() equivalent. (Bug 2244) - tvb_new_real_data is prone to memory leak. (Bug 3917) - Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986) - Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177) - Wireshark can't decrypt WPA(2)-PSK when passphrase is 63 bytes. (Bug 4183) - RTP stream analysis: Wrong jitter values after clicking the refresh button. (Bug 4340) - Wireshark decodes bootp option 2 incorrectly. (Bug 4342) - Deleting SMI modules causes Wireshark to crash. (Bug 4354) - Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363) - PDML output from TShark includes invalid characters. (Bug 4402) - Empty GPRS LLC S frames cause truncated data exception. (Bug 4417) - Updated Protocol Support BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP, Kerberos, OPCUA, SCTP, SSL, ZRTP @ text @d3 3 a5 3 --- configure.orig 2010-01-27 16:14:11.000000000 +0000 +++ configure 2010-01-29 11:42:14.000000000 +0000 @@@@ -14889,7 +14889,7 @@@@ d12 11 a22 2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5 $as_echo_n "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... " >&6; } @ 1.5.4.1 log @Pullup ticket 3232 - requested by tron security update Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.52 - pkgsrc/net/wireshark/PLIST 1.19 - pkgsrc/net/wireshark/distinfo 1.34 - pkgsrc/net/wireshark/patches/patch-ad 1.6 Files added: - pkgsrc/net/wireshark/patches/patch-ae ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Sep 25 11:19:10 UTC 2010 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-ad Added Files: pkgsrc/net/wireshark/patches: patch-ae Log Message: Update "wireshark" package to version 1.4.0. Change since version 1.2.10: - The following bugs have been fixed: - Update time display in background. (Bug 1275) - Tshark returns 0 even with an invalid interface or capture filter. (Bug 4735) - The following features are new (or have been significantly updated) since version 1.2: - The packet list internals have been rewritten and are now more efficient. - Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header. - Preliminary Python scripting support has been added. - Many memory leaks have been fixed. - Packets can now be ignored (excluded from dissection), similar to the way they can be marked. - Manual IP address resolution is now supported. - Columns with seconds can now be displayed as hours, minutes and seconds. - You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater. - TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now. - Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater. - You can play RTP streams directly from the RTP Analysis window. - Capinfos and editcap now respectively support time order checking and forcing. - Wireshark now has a "jump to timestamp" command-line option. - You can open JPEG files directly in Wireshark. - New Protocol Support 3GPP Nb Interface RTP Multiplex, Access Node Control Protocol, Apple Network-MIDI Session Protocol, ARUBA encapsulated remote mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N. Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle Protocol, CIP Class Generic, CIP Connection Configuration Object, CIP Connection Manager, CIP Message Router, collectd network data, Control And Provisioning of Wireless Access Points, Controller Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch Link, Fibre Channel Delimiters, File Replication Service DFS-R, Gateway Load Balancing Protocol, Gigamon Header, GigE Vision Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM sub-protocol, GSM over IP protocol as used by ip.access, GSM Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol, IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless Association Control Service, ISO 9548-1 OSI Connectionless Session Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol, ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word, MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS Protocol, packetbb Protocol, Peer Network Resolution Protocol, PKIX Attribute Certificate, Pseudowire Padding, Server/Application State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol, TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN Iuh interface RUA signalling, V5.2, Vendor Specific Control Protocol, Vendor Specific Network Protocol, VMware Lab Manager, VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt, X.411 Message Access Service, ZigBee Cluster Library - Updated Protocol Support There are too many to list here. - New and Updated Capture File Support Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000, Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries, JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler, PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian OS btsnoop, Visual Networks Pkgsrc changes: A fix for the security vulnerability reported in SA41535 has been integrated from the Wireshark SVN repository. To generate a diff of this commit: cvs rdiff -u -r1.51 -r1.52 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/wireshark/PLIST cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/wireshark/patches/patch-ad cvs rdiff -u -r0 -r1.1 pkgsrc/net/wireshark/patches/patch-ae @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.6 2010/09/25 11:19:10 tron Exp $ d3 3 a5 3 --- configure.orig 2010-08-29 23:20:30.000000000 +0100 +++ configure 2010-09-25 11:47:16.000000000 +0100 @@@@ -19604,7 +19604,7 @@@@ d12 2 a13 11 # # Not found - check for the old integration functions in @@@@ -19660,7 +19660,7 @@@@ fi - if test x$have_ige_mac == x + if test x$have_ige_mac = x then # # Not found - check for the old integration functions in @ 1.4 log @Update "wireshark" package to version 1.2.1. Changes since version 1.0.8: New features: - Wireshark has a spiffy new start page. - Display filters now autocomplete. - Support for the c-ares resolver library has been added. It has many - advantages over ADNS. - Many new protocol dissectors and capture file formats have been added. - Macintosh OS X support has been improved. - GeoIP database lookups. - OpenStreetMap + GeoIP integration. - Improved Postscript(R) print output. - The preference handling code is now much smarter about changes. - Support for Pcap-ng, the next-generation capture file format. - Support for process information correlation via IPFIX. - Column widths are now saved. - The last used configuration profile is now saved. - Protocol preferences are changeable from the packet details context menu. - Support for IP packet comparison. - Capinfos now shows the average packet rate. Security fixes: - The AFS dissector could crash. - The Infiniband dissector could crash on some platforms. @ text @d3 3 a5 3 --- configure.orig 2009-07-20 00:24:18.000000000 +0200 +++ configure @@@@ -25051,7 +25051,7 @@@@ _ACEOF d12 2 a13 2 { echo "$as_me:$LINENO: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5 echo $ECHO_N "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... $ECHO_C" >&6; } @ 1.4.4.1 log @Pullup ticket 2980 - requested by tron security update Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.42 - pkgsrc/net/wireshark/distinfo 1.28 - pkgsrc/net/wireshark/patches/patch-ad 1.5 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Fri Jan 29 12:09:53 UTC 2010 Modified Files: pkgsrc/net/wireshark: Makefile distinfo pkgsrc/net/wireshark/patches: patch-ad Log Message: Update "wireshark" package to version 1.2.6. Changes since version 1.2.5: - Bug Fixes The following vulnerabilities have been fixed. See the security advisory for details and a workaround. - Babi discovered several buffer overflows in the LWRES dissector. The following bugs have been fixed: - Wireshark could crash while decrypting Kerberos data. - Address display filters hang Wireshark. (Bug 658) - PSML - structure context node missing. (Bug 1564) - Wireshark doesn't dynamically update the packet list. (Bug 1605) - LUA: There's no tvb_get_stringz() equivalent. (Bug 2244) - tvb_new_real_data is prone to memory leak. (Bug 3917) - Malformed OPC UA traffic makes Wireshark "freeze". (Bug 3986) - Analyze->Expert... doesn't show IP "Bad Checksum" errors. (Bug 4177) - Wireshark can't decrypt WPA(2)-PSK when passphrase is 63 bytes. (Bug 4183) - RTP stream analysis: Wrong jitter values after clicking the refresh button. (Bug 4340) - Wireshark decodes bootp option 2 incorrectly. (Bug 4342) - Deleting SMI modules causes Wireshark to crash. (Bug 4354) - Wireshark decodes kerberos AS-REQ PADATA incorrect. (Bug 4363) - PDML output from TShark includes invalid characters. (Bug 4402) - Empty GPRS LLC S frames cause truncated data exception. (Bug 4417) - Updated Protocol Support BJNP, BOOTP/DHCP, DHCPv6, FIP, GPRS LLC, IEEE 802.11, IP, Kerberos, OPCUA, SCTP, SSL, ZRTP To generate a diff of this commit: cvs rdiff -u -r1.41 -r1.42 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/wireshark/patches/patch-ad @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.5 2010/01/29 12:09:52 tron Exp $ d3 3 a5 3 --- configure.orig 2010-01-27 16:14:11.000000000 +0000 +++ configure 2010-01-29 11:42:14.000000000 +0000 @@@@ -14889,7 +14889,7 @@@@ d12 2 a13 2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5 $as_echo_n "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... " >&6; } @ 1.3 log @remove some appearently unnecessary "#include " so that this pkg can be built against a gnutls which was built without "openssl emulation". We build against the real openssl anyway, and having both the real openssl and one emulated by gnutls has some potential for namespace collisions, thus I'm considering to build the pkgsrc gnutls w/o openssl emulation. (This is just a build issue as far as wireshark is concerned, so no PKGREV bump is needed.) @ text @d3 4 a6 7 --- epan/dissectors/packet-ssl-utils.h.orig 2009-06-05 16:47:40.000000000 +0200 +++ epan/dissectors/packet-ssl-utils.h @@@@ -38,7 +38,6 @@@@ #include #include #include -#include a7 1 #include d9 5 @ 1.3.2.1 log @Pullup ticket 2832 - requested by tron security update Revisions pulled up: - pkgsrc/net/wireshark/Makefile 1.35 - pkgsrc/net/wireshark/PLIST 1.14 - pkgsrc/net/wireshark/distinfo 1.23 - pkgsrc/net/wireshark/patches/patch-aa 1.10 - pkgsrc/net/wireshark/patches/patch-ad 1.4 Module Name: pkgsrc Committed By: tron Date: Tue Jul 21 20:39:41 UTC 2009 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo pkgsrc/net/wireshark/patches: patch-aa patch-ad Log Message: Update "wireshark" package to version 1.2.1. Changes since version 1.0.8: New features: - Wireshark has a spiffy new start page. - Display filters now autocomplete. - Support for the c-ares resolver library has been added. It has many - advantages over ADNS. - Many new protocol dissectors and capture file formats have been added. - Macintosh OS X support has been improved. - GeoIP database lookups. - OpenStreetMap + GeoIP integration. - Improved Postscript(R) print output. - The preference handling code is now much smarter about changes. - Support for Pcap-ng, the next-generation capture file format. - Support for process information correlation via IPFIX. - Column widths are now saved. - The last used configuration profile is now saved. - Protocol preferences are changeable from the packet details context menu. - Support for IP packet comparison. - Capinfos now shows the average packet rate. Security fixes: - The AFS dissector could crash. - The Infiniband dissector could crash on some platforms. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 pkgsrc/net/wireshark/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/wireshark/PLIST cvs rdiff -u -r1.22 -r1.23 pkgsrc/net/wireshark/distinfo cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/wireshark/patches/patch-aa cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/wireshark/patches/patch-ad @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.4 2009/07/21 20:39:41 tron Exp $ d3 7 a9 4 --- configure.orig 2009-07-20 00:24:18.000000000 +0200 +++ configure @@@@ -25051,7 +25051,7 @@@@ _ACEOF fi d11 1 a12 5 - if test x$have_ige_mac == x + if test x$have_ige_mac = x then { echo "$as_me:$LINENO: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5 echo $ECHO_N "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... $ECHO_C" >&6; } @ 1.2 log @Update "wireshark" package to version 1.0.6. Changes between 1.0.5 and 1.0.6.: - The following vulnerabilities have been fixed: * On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. * Wireshark could crash while reading a malformed NetScreen snoop file. * Wireshark could crash while reading a Tektronix K12 text capture file. - The following bugs have been fixed: * Crash when loading capture file and Preferences: NO Info column * Some Lua scripts may lead to corruption via out of bounds stack * Build with GLib 1.2 fails with error: 'G_MININT32' undeclared * Wrong decoding IMSI with GSM MAP protocol * Segmentation fault for "Follow TCP stream" (Bug 3119) * SMPP optional parameter 'network_error_code' incorrectly decoded * DHCPv6 dissector doesn't handle malformed FQDN * WCCP overrides CFLOW as decoded protocol (Bug 3175) * Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object * ANSI MAP fix for TRN digits/SMS and OTA subdissection (Bug 3214) - Updated Protocol Support * AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS - New and Updated Capture File Support * NetScreen snoop Changes between version 1.0.4 and 1.0.5: - The following vulnerabilities have been fixed. See the security advisory for details and a workaround. * The SMTP dissector could consume excessive amounts of CPU and memory. * The WLCCP dissector could go into an infinte loop. - The following bugs have been fixed: * Missing CRLF during HTTP POST in the "packet details" window * Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3 * Diameter dissector fails RFC 4005 compliance * LDP vendor private TLV type is not correctly shown * Wireshark on MacOS does not run when there are spaces in its path * Compilation broke when compiling without zlib * Memory leak: saved_repoid * Memory leak: follow_info * Memory leak: follow_info * Memory leak: tacplus_data * Memory leak: col_arrows * Memory leak: col_arrows * Incorrect address structure assigned for find_conversation() in WSP * Memory leak with unistim in voip_calls * Error parsing the BSSGP protocol * Assertion thrown in fvalue_get_uinteger when decoding TIPC * LUA script : Wireshark crashes after closing and opening again a window used by a listener.draw() function. - Updated Protocol Support * ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP, MPEG PES * PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066, TACACS, TIPC * WLCCP, WSP The package update was provided by Matthias Drochner in private e-mail. @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.1 2008/11/25 22:53:55 tron Exp $ d3 7 a9 5 --- epan/dissectors/packet-smtp.c.orig 2008-10-20 20:19:31.000000000 +0100 +++ epan/dissectors/packet-smtp.c 2008-11-25 22:30:30.000000000 +0000 @@@@ -101,10 +101,6 @@@@ "DATA fragments" }; d11 1 a11 332 -/* Define media_type/Content type table */ -static dissector_table_t media_type_dissector_table; - - static dissector_handle_t imf_handle = NULL; /* @@@@ -179,6 +175,7 @@@@ gint length_remaining; gboolean eom_seen = FALSE; gint next_offset; + gint loffset; gboolean is_continuation_line; int cmdlen; fragment_data *frag_msg = NULL; @@@@ -221,21 +218,6 @@@@ * longer than what's in the buffer, so the "tvb_get_ptr()" call * won't throw an exception. */ - linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, - smtp_desegment && pinfo->can_desegment); - if (linelen == -1) { - /* - * We didn't find a line ending, and we're doing desegmentation; - * tell the TCP dissector where the data for this message starts - * in the data it handed us, and tell it we need one more byte - * (we may need more, but we'll try again if what we get next - * isn't enough), and return. - */ - pinfo->desegment_offset = offset; - pinfo->desegment_len = 1; - return; - } - line = tvb_get_ptr(tvb, offset, linelen); frame_data = p_get_proto_data(pinfo->fd, proto_smtp); @@@@ -271,6 +253,42 @@@@ } + if(request) { + frame_data = se_alloc(sizeof(struct smtp_proto_data)); + + frame_data->conversation_id = conversation->index; + frame_data->more_frags = TRUE; + + p_add_proto_data(pinfo->fd, proto_smtp, frame_data); + + } + + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, + smtp_desegment && pinfo->can_desegment); + if (linelen == -1) { + + if(offset == loffset) { + /* + * We didn't find a line ending, and we're doing desegmentation; + * tell the TCP dissector where the data for this message starts + * in the data it handed us, and tell it we need one more byte + * (we may need more, but we'll try again if what we get next + * isn't enough), and return. + */ + pinfo->desegment_offset = loffset; + pinfo->desegment_len = 1; + return; + } + else { + linelen = tvb_length_remaining(tvb, loffset); + next_offset = loffset + linelen; + } + } + line = tvb_get_ptr(tvb, loffset, linelen); + /* * Check whether or not this packet is an end of message packet * We should look for CRLF.CRLF and they may be split. @@@@ -286,16 +304,16 @@@@ * .CRLF at the begining of the same packet. */ - if ((request_val->crlf_seen && tvb_strneql(tvb, offset, ".\r\n", 3) == 0) || - tvb_strneql(tvb, offset, "\r\n.\r\n", 5) == 0) { + if ((request_val->crlf_seen && tvb_strneql(tvb, loffset, ".\r\n", 3) == 0) || + tvb_strneql(tvb, loffset, "\r\n.\r\n", 5) == 0) { eom_seen = TRUE; - } + } - length_remaining = tvb_length_remaining(tvb, offset); - if (length_remaining == tvb_reported_length_remaining(tvb, offset) && - tvb_strneql(tvb, offset + length_remaining - 2, "\r\n", 2) == 0) { + length_remaining = tvb_length_remaining(tvb, loffset); + if (length_remaining == tvb_reported_length_remaining(tvb, loffset) && + tvb_strneql(tvb, loffset + length_remaining - 2, "\r\n", 2) == 0) { request_val->crlf_seen = TRUE; @@@@ -314,11 +332,6 @@@@ if (request) { - frame_data = se_alloc(sizeof(struct smtp_proto_data)); - - frame_data->conversation_id = conversation->index; - frame_data->more_frags = TRUE; - if (request_val->reading_data) { /* * This is message data. @@@@ -333,6 +346,9 @@@@ */ frame_data->pdu_type = SMTP_PDU_EOM; request_val->reading_data = FALSE; + + break; + } else { /* * Message data with no EOM. @@@@ -344,7 +360,7 @@@@ * We are handling a BDAT message. * Check if we have reached end of the data chunk. */ - request_val->msg_read_len += tvb_length_remaining(tvb, offset); + request_val->msg_read_len += tvb_length_remaining(tvb, loffset); if (request_val->msg_read_len == request_val->msg_tot_len) { /* @@@@ -360,6 +376,8 @@@@ */ frame_data->more_frags = FALSE; } + + break; /* no need to go through the remaining lines */ } } } @@@@ -450,12 +468,15 @@@@ frame_data->pdu_type = request_val->data_seen ? SMTP_PDU_MESSAGE : SMTP_PDU_CMD; } - } + } - p_add_proto_data(pinfo->fd, proto_smtp, frame_data); + /* + * Step past this line. + */ + loffset = next_offset; - } + } } /* @@@@ -467,6 +488,7 @@@@ col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMTP"); if (check_col(pinfo->cinfo, COL_INFO)) { /* Add the appropriate type here */ + col_clear(pinfo->cinfo, COL_INFO); /* * If it is a request, we have to look things up, otherwise, just @@@@ -481,21 +503,38 @@@@ case SMTP_PDU_MESSAGE: length_remaining = tvb_length_remaining(tvb, offset); - col_set_str(pinfo->cinfo, COL_INFO, smtp_data_desegment ? "DATA fragment" : "Message Body"); + col_set_str(pinfo->cinfo, COL_INFO, smtp_data_desegment ? "C: DATA fragment" : "C: Message Body"); col_append_fstr(pinfo->cinfo, COL_INFO, ", %d byte%s", length_remaining, plurality (length_remaining, "", "s")); break; case SMTP_PDU_EOM: - col_add_fstr(pinfo->cinfo, COL_INFO, "EOM: %s", - format_text(line, linelen)); + col_set_str(pinfo->cinfo, COL_INFO, "C: ."); + break; case SMTP_PDU_CMD: - col_add_fstr(pinfo->cinfo, COL_INFO, "Command: %s", - format_text(line, linelen)); + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + line = tvb_get_ptr(tvb, loffset, linelen); + + if(loffset == offset) + col_append_fstr(pinfo->cinfo, COL_INFO, "C: %s", + format_text(line, linelen)); + else { + col_append_fstr(pinfo->cinfo, COL_INFO, " | %s", + format_text(line, linelen)); + } + + loffset = next_offset; + + } break; } @@@@ -503,9 +542,24 @@@@ } else { - col_add_fstr(pinfo->cinfo, COL_INFO, "Response: %s", - format_text(line, linelen)); + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + line = tvb_get_ptr(tvb, loffset, linelen); + + if(loffset == offset) + col_append_fstr(pinfo->cinfo, COL_INFO, "S: %s", + format_text(line, linelen)); + else { + col_append_fstr(pinfo->cinfo, COL_INFO, " | %s", + format_text(line, linelen)); + } + loffset = next_offset; + } } } @@@@ -560,8 +614,7 @@@@ * DATA command this terminates before sending another * request, but we should probably handle it. */ - proto_tree_add_text(smtp_tree, tvb, offset, linelen, - "EOM: %s", format_text(line, linelen)); + proto_tree_add_text(smtp_tree, tvb, offset, linelen, "C: ."); if(smtp_data_desegment) { @@@@ -582,6 +635,15 @@@@ * previous command before sending another request, but we * should probably handle it. */ + + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + if (linelen >= 4) cmdlen = 4; else @@@@ -591,16 +653,16 @@@@ /* * Put the command line into the protocol tree. */ - ti = proto_tree_add_text(smtp_tree, tvb, offset, next_offset - offset, + ti = proto_tree_add_text(smtp_tree, tvb, loffset, next_offset - loffset, "Command: %s", - tvb_format_text(tvb, offset, next_offset - offset)); + tvb_format_text(tvb, loffset, next_offset - loffset)); cmdresp_tree = proto_item_add_subtree(ti, ett_smtp_cmdresp); proto_tree_add_item(cmdresp_tree, hf_smtp_req_command, tvb, - offset, cmdlen, FALSE); + loffset, cmdlen, FALSE); if (linelen > 5) { proto_tree_add_item(cmdresp_tree, hf_smtp_req_parameter, tvb, - offset + 5, linelen - 5, FALSE); + loffset + 5, linelen - 5, FALSE); } if (smtp_data_desegment && !frame_data->more_frags) { @@@@ -609,6 +671,13 @@@@ frag_msg = fragment_end_seq_next (pinfo, frame_data->conversation_id, smtp_data_segment_table, smtp_data_reassembled_table); } + + /* + * Step past this line. + */ + loffset = next_offset; + + } } if (smtp_data_desegment) { @@@@ -693,8 +762,8 @@@@ /* * If it's not a continuation line, quit. */ - if (!is_continuation_line) - break; + /* if (!is_continuation_line) + break; */ } @@@@ -775,7 +844,6 @@@@ }; module_t *smtp_module; - proto_smtp = proto_register_protocol("Simple Mail Transfer Protocol", "SMTP", "smtp"); @@@@ -812,11 +880,6 @@@@ dissector_add("tcp.port", TCP_PORT_SMTP, smtp_handle); dissector_add("tcp.port", TCP_PORT_SUBMISSION, smtp_handle); - /* - * Get the content type and Internet media type table - */ - media_type_dissector_table = find_dissector_table("media_type"); - /* find the IMF dissector */ imf_handle = find_dissector("imf"); @ 1.1 log @Add fix for infinite loop in SMTP dissector from Wireshark SVN repository. This addresses the security vulnerability reported in SA32840. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.4.1 log @pullup ticket #2697 - requested by tron wireshark: update package for security fix revisions pulled up: pkgsrc/net/wireshark/Makefile 1.29 pkgsrc/net/wireshark/PLIST 1.12 pkgsrc/net/wireshark/distinfo 1.19 pkgsrc/net/wireshark/patches/patch-ad r0 Module Name: pkgsrc Committed By: tron Date: Fri Feb 13 09:41:11 UTC 2009 Modified Files: pkgsrc/net/wireshark: Makefile PLIST distinfo Removed Files: pkgsrc/net/wireshark/patches: patch-ad Log Message: Update "wireshark" package to version 1.0.6. Changes between 1.0.5 and 1.0.6.: - The following vulnerabilities have been fixed: * On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. * Wireshark could crash while reading a malformed NetScreen snoop file. * Wireshark could crash while reading a Tektronix K12 text capture file. - The following bugs have been fixed: * Crash when loading capture file and Preferences: NO Info column * Some Lua scripts may lead to corruption via out of bounds stack * Build with GLib 1.2 fails with error: 'G_MININT32' undeclared * Wrong decoding IMSI with GSM MAP protocol * Segmentation fault for "Follow TCP stream" (Bug 3119) * SMPP optional parameter 'network_error_code' incorrectly decoded * DHCPv6 dissector doesn't handle malformed FQDN * WCCP overrides CFLOW as decoded protocol (Bug 3175) * Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object * ANSI MAP fix for TRN digits/SMS and OTA subdissection (Bug 3214) - Updated Protocol Support * AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS - New and Updated Capture File Support * NetScreen snoop Changes between version 1.0.4 and 1.0.5: - The following vulnerabilities have been fixed. See the security advisory for details and a workaround. * The SMTP dissector could consume excessive amounts of CPU and memory. * The WLCCP dissector could go into an infinte loop. - The following bugs have been fixed: * Missing CRLF during HTTP POST in the "packet details" window * Memory assertion in time_secs_to_str_buf() when compiled with GCC 4.2.3 * Diameter dissector fails RFC 4005 compliance * LDP vendor private TLV type is not correctly shown * Wireshark on MacOS does not run when there are spaces in its path * Compilation broke when compiling without zlib * Memory leak: saved_repoid * Memory leak: follow_info * Memory leak: follow_info * Memory leak: tacplus_data * Memory leak: col_arrows * Memory leak: col_arrows * Incorrect address structure assigned for find_conversation() in WSP * Memory leak with unistim in voip_calls * Error parsing the BSSGP protocol * Assertion thrown in fvalue_get_uinteger when decoding TIPC * LUA script : Wireshark crashes after closing and opening again a window used by a listener.draw() function. - Updated Protocol Support * ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP, MPEG PES * PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG 5066, TACACS, TIPC * WLCCP, WSP The package update was provided by Matthias Drochner in private e-mail. @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.1 2008/11/25 22:53:55 tron Exp $ @ 1.1.2.1 log @file patch-ad was added on branch pkgsrc-2008Q3 on 2008-11-26 07:47:06 +0000 @ text @d1 341 @ 1.1.2.2 log @pullup ticket #2598 - requested by tron wireshark: patch for security fixes revisions pulled up: pkgsrc/net/wireshark/Makefile 1.28 pkgsrc/net/wireshark/distinfo 1.18 pkgsrc/net/wireshark/patches/patch-ad 1.1 Module Name: pkgsrc Committed By: tron Date: Tue Nov 25 22:53:55 UTC 2008 Modified Files: pkgsrc/net/wireshark: Makefile distinfo Added Files: pkgsrc/net/wireshark/patches: patch-ad Log Message: Add fix for infinite loop in SMTP dissector from Wireshark SVN repository. This addresses the security vulnerability reported in SA32840. @ text @a0 341 $NetBSD: patch-ad,v 1.1 2008/11/25 22:53:55 tron Exp $ --- epan/dissectors/packet-smtp.c.orig 2008-10-20 20:19:31.000000000 +0100 +++ epan/dissectors/packet-smtp.c 2008-11-25 22:30:30.000000000 +0000 @@@@ -101,10 +101,6 @@@@ "DATA fragments" }; -/* Define media_type/Content type table */ -static dissector_table_t media_type_dissector_table; - - static dissector_handle_t imf_handle = NULL; /* @@@@ -179,6 +175,7 @@@@ gint length_remaining; gboolean eom_seen = FALSE; gint next_offset; + gint loffset; gboolean is_continuation_line; int cmdlen; fragment_data *frag_msg = NULL; @@@@ -221,21 +218,6 @@@@ * longer than what's in the buffer, so the "tvb_get_ptr()" call * won't throw an exception. */ - linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, - smtp_desegment && pinfo->can_desegment); - if (linelen == -1) { - /* - * We didn't find a line ending, and we're doing desegmentation; - * tell the TCP dissector where the data for this message starts - * in the data it handed us, and tell it we need one more byte - * (we may need more, but we'll try again if what we get next - * isn't enough), and return. - */ - pinfo->desegment_offset = offset; - pinfo->desegment_len = 1; - return; - } - line = tvb_get_ptr(tvb, offset, linelen); frame_data = p_get_proto_data(pinfo->fd, proto_smtp); @@@@ -271,6 +253,42 @@@@ } + if(request) { + frame_data = se_alloc(sizeof(struct smtp_proto_data)); + + frame_data->conversation_id = conversation->index; + frame_data->more_frags = TRUE; + + p_add_proto_data(pinfo->fd, proto_smtp, frame_data); + + } + + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, + smtp_desegment && pinfo->can_desegment); + if (linelen == -1) { + + if(offset == loffset) { + /* + * We didn't find a line ending, and we're doing desegmentation; + * tell the TCP dissector where the data for this message starts + * in the data it handed us, and tell it we need one more byte + * (we may need more, but we'll try again if what we get next + * isn't enough), and return. + */ + pinfo->desegment_offset = loffset; + pinfo->desegment_len = 1; + return; + } + else { + linelen = tvb_length_remaining(tvb, loffset); + next_offset = loffset + linelen; + } + } + line = tvb_get_ptr(tvb, loffset, linelen); + /* * Check whether or not this packet is an end of message packet * We should look for CRLF.CRLF and they may be split. @@@@ -286,16 +304,16 @@@@ * .CRLF at the begining of the same packet. */ - if ((request_val->crlf_seen && tvb_strneql(tvb, offset, ".\r\n", 3) == 0) || - tvb_strneql(tvb, offset, "\r\n.\r\n", 5) == 0) { + if ((request_val->crlf_seen && tvb_strneql(tvb, loffset, ".\r\n", 3) == 0) || + tvb_strneql(tvb, loffset, "\r\n.\r\n", 5) == 0) { eom_seen = TRUE; - } + } - length_remaining = tvb_length_remaining(tvb, offset); - if (length_remaining == tvb_reported_length_remaining(tvb, offset) && - tvb_strneql(tvb, offset + length_remaining - 2, "\r\n", 2) == 0) { + length_remaining = tvb_length_remaining(tvb, loffset); + if (length_remaining == tvb_reported_length_remaining(tvb, loffset) && + tvb_strneql(tvb, loffset + length_remaining - 2, "\r\n", 2) == 0) { request_val->crlf_seen = TRUE; @@@@ -314,11 +332,6 @@@@ if (request) { - frame_data = se_alloc(sizeof(struct smtp_proto_data)); - - frame_data->conversation_id = conversation->index; - frame_data->more_frags = TRUE; - if (request_val->reading_data) { /* * This is message data. @@@@ -333,6 +346,9 @@@@ */ frame_data->pdu_type = SMTP_PDU_EOM; request_val->reading_data = FALSE; + + break; + } else { /* * Message data with no EOM. @@@@ -344,7 +360,7 @@@@ * We are handling a BDAT message. * Check if we have reached end of the data chunk. */ - request_val->msg_read_len += tvb_length_remaining(tvb, offset); + request_val->msg_read_len += tvb_length_remaining(tvb, loffset); if (request_val->msg_read_len == request_val->msg_tot_len) { /* @@@@ -360,6 +376,8 @@@@ */ frame_data->more_frags = FALSE; } + + break; /* no need to go through the remaining lines */ } } } @@@@ -450,12 +468,15 @@@@ frame_data->pdu_type = request_val->data_seen ? SMTP_PDU_MESSAGE : SMTP_PDU_CMD; } - } + } - p_add_proto_data(pinfo->fd, proto_smtp, frame_data); + /* + * Step past this line. + */ + loffset = next_offset; - } + } } /* @@@@ -467,6 +488,7 @@@@ col_set_str(pinfo->cinfo, COL_PROTOCOL, "SMTP"); if (check_col(pinfo->cinfo, COL_INFO)) { /* Add the appropriate type here */ + col_clear(pinfo->cinfo, COL_INFO); /* * If it is a request, we have to look things up, otherwise, just @@@@ -481,21 +503,38 @@@@ case SMTP_PDU_MESSAGE: length_remaining = tvb_length_remaining(tvb, offset); - col_set_str(pinfo->cinfo, COL_INFO, smtp_data_desegment ? "DATA fragment" : "Message Body"); + col_set_str(pinfo->cinfo, COL_INFO, smtp_data_desegment ? "C: DATA fragment" : "C: Message Body"); col_append_fstr(pinfo->cinfo, COL_INFO, ", %d byte%s", length_remaining, plurality (length_remaining, "", "s")); break; case SMTP_PDU_EOM: - col_add_fstr(pinfo->cinfo, COL_INFO, "EOM: %s", - format_text(line, linelen)); + col_set_str(pinfo->cinfo, COL_INFO, "C: ."); + break; case SMTP_PDU_CMD: - col_add_fstr(pinfo->cinfo, COL_INFO, "Command: %s", - format_text(line, linelen)); + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + line = tvb_get_ptr(tvb, loffset, linelen); + + if(loffset == offset) + col_append_fstr(pinfo->cinfo, COL_INFO, "C: %s", + format_text(line, linelen)); + else { + col_append_fstr(pinfo->cinfo, COL_INFO, " | %s", + format_text(line, linelen)); + } + + loffset = next_offset; + + } break; } @@@@ -503,9 +542,24 @@@@ } else { - col_add_fstr(pinfo->cinfo, COL_INFO, "Response: %s", - format_text(line, linelen)); + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + line = tvb_get_ptr(tvb, loffset, linelen); + + if(loffset == offset) + col_append_fstr(pinfo->cinfo, COL_INFO, "S: %s", + format_text(line, linelen)); + else { + col_append_fstr(pinfo->cinfo, COL_INFO, " | %s", + format_text(line, linelen)); + } + loffset = next_offset; + } } } @@@@ -560,8 +614,7 @@@@ * DATA command this terminates before sending another * request, but we should probably handle it. */ - proto_tree_add_text(smtp_tree, tvb, offset, linelen, - "EOM: %s", format_text(line, linelen)); + proto_tree_add_text(smtp_tree, tvb, offset, linelen, "C: ."); if(smtp_data_desegment) { @@@@ -582,6 +635,15 @@@@ * previous command before sending another request, but we * should probably handle it. */ + + loffset = offset; + while (tvb_offset_exists(tvb, loffset)) { + + /* + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, loffset, -1, &next_offset, FALSE); + if (linelen >= 4) cmdlen = 4; else @@@@ -591,16 +653,16 @@@@ /* * Put the command line into the protocol tree. */ - ti = proto_tree_add_text(smtp_tree, tvb, offset, next_offset - offset, + ti = proto_tree_add_text(smtp_tree, tvb, loffset, next_offset - loffset, "Command: %s", - tvb_format_text(tvb, offset, next_offset - offset)); + tvb_format_text(tvb, loffset, next_offset - loffset)); cmdresp_tree = proto_item_add_subtree(ti, ett_smtp_cmdresp); proto_tree_add_item(cmdresp_tree, hf_smtp_req_command, tvb, - offset, cmdlen, FALSE); + loffset, cmdlen, FALSE); if (linelen > 5) { proto_tree_add_item(cmdresp_tree, hf_smtp_req_parameter, tvb, - offset + 5, linelen - 5, FALSE); + loffset + 5, linelen - 5, FALSE); } if (smtp_data_desegment && !frame_data->more_frags) { @@@@ -609,6 +671,13 @@@@ frag_msg = fragment_end_seq_next (pinfo, frame_data->conversation_id, smtp_data_segment_table, smtp_data_reassembled_table); } + + /* + * Step past this line. + */ + loffset = next_offset; + + } } if (smtp_data_desegment) { @@@@ -693,8 +762,8 @@@@ /* * If it's not a continuation line, quit. */ - if (!is_continuation_line) - break; + /* if (!is_continuation_line) + break; */ } @@@@ -775,7 +844,6 @@@@ }; module_t *smtp_module; - proto_smtp = proto_register_protocol("Simple Mail Transfer Protocol", "SMTP", "smtp"); @@@@ -812,11 +880,6 @@@@ dissector_add("tcp.port", TCP_PORT_SMTP, smtp_handle); dissector_add("tcp.port", TCP_PORT_SUBMISSION, smtp_handle); - /* - * Get the content type and Internet media type table - */ - media_type_dissector_table = find_dissector_table("media_type"); - /* find the IMF dissector */ imf_handle = find_dissector("imf"); @