public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wireshark: 2.2.7 -> 2.4.0

Browse Source 
Fixes the following CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11408
This commit is contained in:
Lancelot SIX 2017-08-01 11:40:53 +02:00
parent fd647dc0cf
commit 90d8608323
No known key found for this signature in database
GPG Key ID: 02E1542BA66FB047
2 changed files with 151 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
pkgs/applications/networking/sniffers/wireshark/add_missing_udpdump_pod.patch Normal file
View File

@ -0,0 +1,132 @@
diff -Nur wireshark-2.4.0/doc/udpdump.pod wireshark-2.4.0-p/doc/udpdump.pod
--- wireshark-2.4.0/doc/udpdump.pod 1970-01-01 01:00:00.000000000 +0100
+++ wireshark-2.4.0-p/doc/udpdump.pod 2017-08-01 10:48:40.551431319 +0200
@@ -0,0 +1,128 @@
+
+=head1 NAME
+
+udpdump - Provide an UDP receiver that gets packets from network devices (like Aruba routers) and exports them in PCAP format.
+
+=head1 SYNOPSIS
+
+B<udpdump>
+S<[ B<--help> ]>
+S<[ B<--version> ]>
+S<[ B<--extcap-interfaces> ]>
+S<[ B<--extcap-dlts> ]>
+S<[ B<--extcap-interface>=E<lt>interfaceE<gt> ]>
+S<[ B<--extcap-config> ]>
+S<[ B<--capture> ]>
+S<[ B<--fifo>=E<lt>path to file or pipeE<gt> ]>
+S<[ B<--port>=E<lt>portE<gt> ]>
+S<[ B<--payload>=E<lt>typeE<gt> ]>
+
+=head1 DESCRIPTION
+
+B<udpdump> is a extcap tool that provides an UDP receiver that listens for exported datagrams coming from
+any source (like Aruba routers) and exports them in PCAP format. This provides the user two basic
+functionalities: the first one is to have a listener that prevents the localhost to send back an ICMP
+port-unreachable packet. The second one is to strip out the lower layers (layer 2, IP, UDP) that are useless
+(are used just as export vector). The format of the exported datagrams are EXPORTED_PDU, as specified in
+https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/exported_pdu.h;hb=refs/heads/master
+
+=head1 OPTIONS
+
+=over 4
+
+=item --help
+
+Print program arguments.
+
+=item --version
+
+Print program version.
+
+=item --extcap-interfaces
+
+List available interfaces.
+
+=item --extcap-interface=E<lt>interfaceE<gt>
+
+Use specified interfaces.
+
+=item --extcap-dlts
+
+List DLTs of specified interface.
+
+=item --extcap-config
+
+List configuration options of specified interface.
+
+=item --capture
+
+Start capturing from specified interface save saved it in place specified by --fifo.
+
+=item --fifo=E<lt>path to file or pipeE<gt>
+
+Save captured packet to file or send it through pipe.
+
+=item --port=E<lt>portE<gt>
+
+Set the listerner port. Port 5555 is the default.
+
+=item --payload=E<lt>typeE<gt>
+
+Set the payload of the exported PDU. Default: data.
+
+=back
+
+=head1 EXAMPLES
+
+To see program arguments:
+
+ udpdump --help
+
+To see program version:
+
+ udpdump --version
+
+To see interfaces:
+
+ udpdump --extcap-interfaces
+
+ Example output:
+ interface {value=udpdump}{display=UDP Listener remote capture}
+
+To see interface DLTs:
+
+ udpdump --extcap-interface=udpdump --extcap-dlts
+
+ Example output:
+ dlt {number=252}{name=udpdump}{display=Exported PDUs}
+
+To see interface configuration options:
+
+ udpdump --extcap-interface=udpdump --extcap-config
+
+ Example output:
+ arg {number=0}{call=--port}{display=Listen port}{type=unsigned}{range=1,65535}{default=5555}{tooltip=The port the receiver listens on}
+
+To capture:
+
+ udpdump --extcap-interface=randpkt --fifo=/tmp/randpkt.pcapng --capture
+
+NOTE: To stop capturing CTRL+C/kill/terminate application.
+
+=head1 SEE ALSO
+
+wireshark(1), tshark(1), dumpcap(1), extcap(4)
+
+=head1 NOTES
+
+B<udpdump> is part of the B<Wireshark> distribution. The latest version
+of B<Wireshark> can be found at L<https://www.wireshark.org>.
+
+HTML versions of the Wireshark project man pages are available at:
+L<https://www.wireshark.org/docs/man-pages>.
+
+=head1 AUTHORS
+
+ Original Author
+ ---------------
+ Dario Lombardo <lomato[AT]gmail.com>

24
pkgs/applications/networking/sniffers/wireshark/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, lib, fetchurl, pkgconfig, pcre, perl, flex, bison, gettext, libpcap, libnl, c-ares { stdenv, lib, fetchurl, pkgconfig, pcre, perl, flex, bison, gettext, libpcap, libnl, c-ares
, gnutls, libgcrypt, libgpgerror, geoip, openssl, lua5, makeDesktopItem, python, libcap, glib , gnutls, libgcrypt, libgpgerror, geoip, openssl, lua5, makeDesktopItem, python, libcap, glib
, libssh, zlib, cmake, extra-cmake-modules , libssh, zlib, cmake, extra-cmake-modules, fetchpatch
, withGtk ? false, gtk3 ? null, librsvg ? null, gsettings_desktop_schemas ? null, wrapGAppsHook ? null , withGtk ? false, gtk3 ? null, librsvg ? null, gsettings_desktop_schemas ? null, wrapGAppsHook ? null
, withQt ? false, qt5 ? null , withQt ? false, qt5 ? null
, ApplicationServices, SystemConfiguration, gmp , ApplicationServices, SystemConfiguration, gmp
@ -12,17 +12,19 @@ assert withQt -> !withGtk && qt5 != null;
with stdenv.lib; with stdenv.lib;
let let
version = "2.2.7"; version = "2.4.0";
variant = if withGtk then "gtk" else if withQt then "qt" else "cli"; variant = if withGtk then "gtk" else if withQt then "qt" else "cli";
in stdenv.mkDerivation { in stdenv.mkDerivation {
name = "wireshark-${variant}-${version}"; name = "wireshark-${variant}-${version}";
src = fetchurl { src = fetchurl {
url = "http://www.wireshark.org/download/src/all-versions/wireshark-${version}.tar.bz2"; url = "http://www.wireshark.org/download/src/all-versions/wireshark-${version}.tar.xz";
sha256 = "1dfvhra5v6xhzbp097qsxi0zvirw0srbasl4v1wjf58v49idz7b8"; sha256 = "011vvrj76z1azkpvyy2j40b1x1z56ymld508zfc4xw3gh8dv82w9";
}; };
cmakeFlags = optional withGtk "-DBUILD_wireshark_gtk=TRUE";
nativeBuildInputs = [ nativeBuildInputs = [
bison cmake extra-cmake-modules flex bison cmake extra-cmake-modules flex
] ++ optional withGtk wrapGAppsHook; ] ++ optional withGtk wrapGAppsHook;
@ -35,7 +37,19 @@ in stdenv.mkDerivation {
++ optionals stdenv.isLinux [ libcap libnl ] ++ optionals stdenv.isLinux [ libcap libnl ]
++ optionals stdenv.isDarwin [ SystemConfiguration ApplicationServices gmp ]; ++ optionals stdenv.isDarwin [ SystemConfiguration ApplicationServices gmp ];
patches = [ ./wireshark-lookup-dumpcap-in-path.patch ]; patches = [ ./wireshark-lookup-dumpcap-in-path.patch
# Backported from master. Will probably have to be dropped during next
# update.
(fetchpatch {
name = "AUTHORS_add_newline_after_bracket";
url = "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=patch;h=27c6b12626d6e7b8e4d7a11784c2c5e2bfb87fde";
sha256 = "1x30rkrq7dzgdlwrjv2r5ibdpdgwnn5wzvki77rdf13b0547vcw3";
})
# A file is missing from distribution. This should be fixed in upcoming
# releases
./add_missing_udpdump_pod.patch
];
postInstall = optionalString (withQt || withGtk) '' postInstall = optionalString (withQt || withGtk) ''
${optionalString withGtk '' ${optionalString withGtk ''