[packages/wireshark] - updated to 4.4.1 (new sonames); patches for c-ares 1.34 (upstream) and falcosecurity 0.18
qboosh
qboosh at pld-linux.org
Thu Oct 17 18:58:55 CEST 2024
commit 26c00c595c9944b1c87f71399ec87d93ee8a3579
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Thu Oct 17 18:39:27 2024 +0200
- updated to 4.4.1 (new sonames); patches for c-ares 1.34 (upstream) and falcosecurity 0.18
wireshark-cares.patch | 48 ++++++++++++++++++++++++++++++++++++++
wireshark-falcosecurity.patch | 54 +++++++++++++++++++++++++++++++++++++++++++
wireshark.spec | 39 +++++++++++++++++++------------
3 files changed, 126 insertions(+), 15 deletions(-)
---
diff --git a/wireshark.spec b/wireshark.spec
index 341c1ba..ac2f6e3 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -9,7 +9,7 @@
%bcond_without gui # without QT GUI
%bcond_with qt5 # use Qt5 instead of Qt6
-%define branch_ver 4.2
+%define branch_ver 4.4
%define qt5_ver 5.12
%define qt6_ver 6
Summary: Network traffic and protocol analyzer
@@ -19,20 +19,23 @@ Summary(pt_BR.UTF-8): Analisador de tráfego de rede
Summary(ru.UTF-8): Анализатор сетевого траффика
Summary(uk.UTF-8): Аналізатор мережевого трафіку
Name: wireshark
-Version: 4.2.6
+Version: 4.4.1
Release: 1
License: GPL v2+
Group: Networking/Utilities
Source0: https://2.na.dl.wireshark.org/src/%{name}-%{version}.tar.xz
-# Source0-md5: e118da25ca399111a4e5d947385c7c79
+# Source0-md5: f6c14c48f2c5fe8d7bd52236a0a4001f
+Patch0: %{name}-cares.patch
+Patch1: %{name}-falcosecurity.patch
URL: https://www.wireshark.org/
BuildRequires: bcg729-devel
BuildRequires: c-ares-devel >= 1.13.0
BuildRequires: cmake >= 3.13
BuildRequires: doxygen
-%{?with_falcosecurity:BuildRequires: falcosecurity-libs-devel}
+%{?with_falcosecurity:BuildRequires: falcosecurity-libs-devel >= 0.18}
BuildRequires: flex
-BuildRequires: gcc >= 5:3.2
+# C11
+BuildRequires: gcc >= 5:4.7
BuildRequires: gettext-tools
BuildRequires: glib2-devel >= 1:2.54.0
BuildRequires: gnutls-devel >= 3.5.8
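Review bot: The only integrity pin for the new tarball is the `# Source0-md5:` line, and MD5 is not collision-resistant, so it protects against a corrupted download rather than a substituted one. It would help to record beside it that the 4.4.1 tarball was checked against upstream's signed release hashes, e.g. `# tarball verified against upstream's signed SHA256 list`, or to carry a stronger digest if the build tooling accepts one. The `Source0` URL is already https, which covers transport but not a compromised mirror.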
@@ -46,12 +49,13 @@ BuildRequires: libmaxminddb-devel
BuildRequires: libnl-devel >= 3.2
BuildRequires: libpcap-devel >= 2:1.0.0-4
BuildRequires: libsmi-devel
-BuildRequires: libssh-devel >= 0.6.0
+BuildRequires: libssh-devel >= 0.8.5
BuildRequires: libstdc++-devel >= 6:4.7
BuildRequires: libtool >= 2:2.2.2
BuildRequires: libxml2-devel >= 2.0
BuildRequires: libxslt-progs
-BuildRequires: lua52-devel
+# 5.4 (preferred) or 5.3
+BuildRequires: lua54-devel
BuildRequires: lz4-devel
BuildRequires: minizip-devel
%{?with_snmp:BuildRequires: net-snmp-devel}
@@ -168,9 +172,10 @@ Summary(pl.UTF-8): Analizator ruchu i protokołów sieciowych - wspólne pliki
Group: Networking
Requires(post,postun): /sbin/setcap
Requires: %{name}-libs = %{version}-%{release}
+%{?with_falcosecurity:Requires: falcosecurity-libs >= 0.18}
Requires: gnutls >= 3.5.8
Requires: libpcap >= 0.4
-Requires: libssh >= 0.6.0
+Requires: libssh >= 0.8.5
Provides: ethereal-common
Provides: group(wireshark)
Provides: wireshark-tools
@@ -300,6 +305,8 @@ Pliki nagłówkowe bibliotek Wiresharka.
%prep
%setup -q
+%patch0 -p1
+%patch1 -p1
%if %{with falcosecurity}
%{__sed} -i -e 's/CMAKE_CXX_STANDARD 11/CMAKE_CXX_STANDARD 17/' CMakeLists.txt
@@ -403,7 +410,7 @@ fi
%files common
%defattr(644,root,root,755)
-%doc AUTHORS* ChangeLog NEWS README.md README.linux doc/README.*
+%doc AUTHORS ChangeLog README.md README.DECT README.linux doc/README.*
%doc %{_docdir}/wireshark
%attr(755,root,root) %{_bindir}/capinfos
%attr(755,root,root) %{_bindir}/captype
@@ -421,9 +428,6 @@ fi
%attr(755,root,root) %{_libdir}/%{name}/extcap/androiddump
%attr(755,root,root) %{_libdir}/%{name}/extcap/ciscodump
%attr(755,root,root) %{_libdir}/%{name}/extcap/dpauxmon
-%if %{with falcosecurity}
-%attr(755,root,root) %{_libdir}/%{name}/extcap/falcodump
-%endif
%attr(755,root,root) %{_libdir}/%{name}/extcap/randpktdump
%attr(755,root,root) %{_libdir}/%{name}/extcap/sshdump
%attr(755,root,root) %{_libdir}/%{name}/extcap/sdjournal
@@ -437,6 +441,11 @@ fi
%attr(755,root,root) %{_libdir}/%{name}/plugins/%{branch_ver}/epan/*.so
%dir %{_libdir}/%{name}/plugins/%{branch_ver}/wiretap
%attr(755,root,root) %{_libdir}/%{name}/plugins/%{branch_ver}/wiretap/*.so
+%if %{with falcosecurity}
+%dir %{_libdir}/logray
+%dir %{_libdir}/logray/extcap
+%attr(755,root,root) %{_libdir}/logray/extcap/falcodump
+%endif
%{_mandir}/man1/androiddump.1*
%{_mandir}/man1/capinfos.1*
%{_mandir}/man1/captype.1*
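Review bot: `falcodump` now lands in `%{_libdir}/logray/extcap`, while every other extcap in this `%files common` list sits under `%{_libdir}/%{name}/extcap`, and nothing in the hunk says which program is expected to find it there. If that is simply where the 4.4 build installs it, a one-line comment above the `%if` would stop the next packager from moving it back, e.g. `# 4.4 installs falcodump into Logray's extcap dir`. The `%files common` section starts outside this hunk.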
@@ -471,11 +480,11 @@ fi
%files libs
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/libwireshark.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libwireshark.so.17
+%attr(755,root,root) %ghost %{_libdir}/libwireshark.so.18
%attr(755,root,root) %{_libdir}/libwiretap.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libwiretap.so.14
+%attr(755,root,root) %ghost %{_libdir}/libwiretap.so.15
%attr(755,root,root) %{_libdir}/libwsutil.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libwsutil.so.15
+%attr(755,root,root) %ghost %{_libdir}/libwsutil.so.16
%dir %{_libdir}/%{name}
%files devel
diff --git a/wireshark-cares.patch b/wireshark-cares.patch
new file mode 100644
index 0000000..3e64ae9
--- /dev/null
+++ b/wireshark-cares.patch
@@ -0,0 +1,48 @@
+From 7c1418625d2ba5095ef5393abdb2141c990a662c Mon Sep 17 00:00:00 2001
+From: Gerald Combs <gerald at wireshark.org>
+Date: Thu, 10 Oct 2024 15:47:17 -0700
+Subject: [PATCH] CMake: Fix our c-ares version discovery
+
+c-ares 1.34.0 and later generate ARES_VERSION_STR using a macro, so
+fetch the version from ARES_VERSION_MAJOR, ARES_VERSION_MINOR, and
+ARES_VERSION_PATCH.
+
+Fixes #20125
+---
+ cmake/modules/FindCARES.cmake | 19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/cmake/modules/FindCARES.cmake b/cmake/modules/FindCARES.cmake
+index f69a2a906bf..5d005b50d4e 100644
+--- a/cmake/modules/FindCARES.cmake
++++ b/cmake/modules/FindCARES.cmake
+@@ -36,11 +36,22 @@ find_library( CARES_LIBRARY
+ )
+
+ # Try to retrieve version from header if found
++# Adapted from https://stackoverflow.com/a/47084079/82195
+ if(CARES_INCLUDE_DIR)
+- set(_version_regex "^#define[ \t]+ARES_VERSION_STR[ \t]+\"([^\"]+)\".*")
+- file(STRINGS "${CARES_INCLUDE_DIR}/ares_version.h" CARES_VERSION REGEX "${_version_regex}")
+- string(REGEX REPLACE "${_version_regex}" "\\1" CARES_VERSION "${CARES_VERSION}")
+- unset(_version_regex)
++ file(READ "${CARES_INCLUDE_DIR}/ares_version.h" _ares_version_h)
++
++ string(REGEX MATCH "#[\t ]*define[ \t]+ARES_VERSION_MAJOR[ \t]+([0-9]+)" _ ${_ares_version_h})
++ set(_ares_version_major ${CMAKE_MATCH_1})
++ string(REGEX MATCH "#[\t ]*define[ \t]+ARES_VERSION_MINOR[ \t]+([0-9]+)" _ ${_ares_version_h})
++ set(_ares_version_minor ${CMAKE_MATCH_1})
++ string(REGEX MATCH "#[\t ]*define[ \t]+ARES_VERSION_PATCH[ \t]+([0-9]+)" _ ${_ares_version_h})
++ set(_ares_version_patch ${CMAKE_MATCH_1})
++ set(CARES_VERSION ${_ares_version_major}.${_ares_version_minor}.${_ares_version_patch})
++
++ unset(_ares_version_h)
++ unset(_ares_version_major)
++ unset(_ares_version_minor)
++ unset(_ares_version_patch)
+ endif()
+
+ # handle the QUIETLY and REQUIRED arguments and set CARES_FOUND to TRUE if
+--
+GitLab
+
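Review bot: `CARES_VERSION` is assembled unconditionally from three `CMAKE_MATCH_1` values, so if any of the `ARES_VERSION_MAJOR`/`MINOR`/`PATCH` matches fails, the result is a malformed version string with an empty or stale component rather than an unset variable. Nothing visible checks that each `string(REGEX MATCH ...)` produced a capture before `set(CARES_VERSION ...)`. Since this is a verbatim upstream backport, the guard belongs upstream. Here it is enough to note beside `Patch0` in the spec where the patch came from and when it can go, e.g. `# upstream commit 7c1418625d2b, drop once a release contains it`.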
diff --git a/wireshark-falcosecurity.patch b/wireshark-falcosecurity.patch
new file mode 100644
index 0000000..aab143b
--- /dev/null
+++ b/wireshark-falcosecurity.patch
@@ -0,0 +1,54 @@
+--- wireshark-4.4.1/extcap/falcodump.cpp.orig 2024-10-16 21:35:13.731822931 +0200
++++ wireshark-4.4.1/extcap/falcodump.cpp 2024-10-16 21:36:20.628127189 +0200
+@@ -1179,7 +1179,7 @@ int main(int argc, char **argv)
+ ws_warning("%s", init_err.c_str());
+ goto end;
+ }
+- inspector.open_plugin(extcap_conf->interface, plugin_source);
++ inspector.open_plugin(extcap_conf->interface, plugin_source, sinsp_plugin_platform::SINSP_PLATFORM_GENERIC);
+ // scap_dump_open handles "-"
+ } catch (sinsp_exception &e) {
+ ws_warning("%s", e.what());
+--- wireshark-4.4.1/plugins/epan/falco_bridge/sinsp-span.cpp.orig 2024-10-16 21:35:13.831253554 +0200
++++ wireshark-4.4.1/plugins/epan/falco_bridge/sinsp-span.cpp 2024-10-16 22:11:50.924659565 +0200
+@@ -443,13 +443,13 @@ void create_sinsp_syscall_source(sinsp_s
+ if (!sfc) {
+ continue;
+ }
+- if (strcmp(ffi->m_name, "evt.category") == 0) {
++ if (ffi->m_name == "evt.category") {
+ ssi->evt_category_idx = ssi->syscall_filter_fields.size();
+ }
+- if (strcmp(ffi->m_name, "evt.cpu") == 0) {
++ else if (ffi->m_name == "evt.cpu") {
+ ssi->cpu_id_idx = (uint16_t) ssi->syscall_filter_fields.size();
+ }
+- if (strcmp(ffi->m_name, "proc.pid") == 0) {
++ else if (ffi->m_name == "proc.pid") {
+ ssi->proc_id_idx = (uint16_t) ssi->syscall_filter_fields.size();
+ }
+ sfc->parse_field_name(ffi->m_name, true, false);
+@@ -559,18 +559,18 @@ bool get_sinsp_source_field_info(sinsp_s
+
+ if (ssi->source) {
+ ffi = &ssi->source->fields()[field_num];
+- g_strlcpy(field->abbrev, ffi->m_name, sizeof(field->abbrev));
++ g_strlcpy(field->abbrev, ffi->m_name.c_str(), sizeof(field->abbrev));
+ } else {
+ ffi = ssi->syscall_filter_fields[field_num];
+ if (ssi->field_to_category[field_num] == SSC_OTHER) {
+- snprintf(field->abbrev, sizeof(field->abbrev), FALCO_FIELD_NAME_PREFIX "%s", ffi->m_name);
++ snprintf(field->abbrev, sizeof(field->abbrev), FALCO_FIELD_NAME_PREFIX "%s", ffi->m_name.c_str());
+ } else {
+- g_strlcpy(field->abbrev, ffi->m_name, sizeof(field->abbrev));
++ g_strlcpy(field->abbrev, ffi->m_name.c_str(), sizeof(field->abbrev));
+ }
+ }
+
+- g_strlcpy(field->display, ffi->m_display, sizeof(field->display));
+- g_strlcpy(field->description, ffi->m_description, sizeof(field->description));
++ g_strlcpy(field->display, ffi->m_display.c_str(), sizeof(field->display));
++ g_strlcpy(field->description, ffi->m_description.c_str(), sizeof(field->description));
+
+ field->is_hidden = ffi->m_flags & EPF_TABLE_ONLY;
+ field->is_conversation = ffi->m_flags & EPF_CONVERSATION;
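Review bot: This patch has no description header, unlike wireshark-cares.patch, so its origin and the reason for passing `sinsp_plugin_platform::SINSP_PLATFORM_GENERIC` to `open_plugin` in falcodump.cpp are not recorded anywhere. A short header at the top of the file would fix that, e.g. `Adapt falcodump and falco_bridge to the falcosecurity-libs 0.18 API (std::string field names, platform argument to open_plugin)`, plus a line saying whether it was sent upstream. In sinsp-span.cpp the `g_strlcpy` and `snprintf` calls into `field->abbrev` still ignore their return values, so an over-long field name is truncated silently. That predates this change, but is worth a comment if the patch is reworked. All three patched functions start and end outside their hunks.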
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/wireshark.git/commitdiff/26c00c595c9944b1c87f71399ec87d93ee8a3579