diff options
author | Peter Volkov <pva@gentoo.org> | 2011-10-08 16:27:15 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2011-10-08 16:27:15 +0000 |
commit | 958f28c133db078e06dd740fe95f5615a2331b5e (patch) | |
tree | d51032943a157bd433d5a80030cef8ada4aca15b /net-analyzer | |
parent | x86 stable wrt bug #385795 (diff) | |
download | gentoo-2-958f28c133db078e06dd740fe95f5615a2331b5e.tar.gz gentoo-2-958f28c133db078e06dd740fe95f5615a2331b5e.tar.bz2 gentoo-2-958f28c133db078e06dd740fe95f5615a2331b5e.zip |
Drop old and vulnerable.
(Portage version: 2.1.10.20/cvs/Linux x86_64)
Diffstat (limited to 'net-analyzer')
11 files changed, 12 insertions, 394 deletions
diff --git a/net-analyzer/wireshark/ChangeLog b/net-analyzer/wireshark/ChangeLog index 460fc987d83e..13a4981c2e35 100644 --- a/net-analyzer/wireshark/ChangeLog +++ b/net-analyzer/wireshark/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for net-analyzer/wireshark # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.318 2011/09/27 17:11:06 xarthisius Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.319 2011/10/08 16:27:15 pva Exp $ + + 08 Oct 2011; Peter Volkov <pva@gentoo.org> + -files/wireshark-0.99.7-asneeded.patch, + -files/wireshark-0.99.8-as-needed.patch, + -files/wireshark-1.0.5-text2pcap-protos.patch, + -files/wireshark-1.0-sigpipe.patch, -files/wireshark-1.1.2--as-needed.patch, + -files/wireshark-1.2.8-zlib-1.2.5-capture.patch, + -files/wireshark-1.4.6-gnutls_nettle.patch, + -files/wireshark-1.4.6-wspy_dissectors_dir.patch, -wireshark-1.4.8.ebuild, + -files/wireshark-except-double-free.diff: + Drop old and vulnerable. 27 Sep 2011; Kacper Kowalik <xarthisius@gentoo.org> wireshark-1.4.9.ebuild: ppc/ppc64 stable wrt #381551 diff --git a/net-analyzer/wireshark/files/wireshark-0.99.7-asneeded.patch b/net-analyzer/wireshark/files/wireshark-0.99.7-asneeded.patch deleted file mode 100644 index 36069368e141..000000000000 --- a/net-analyzer/wireshark/files/wireshark-0.99.7-asneeded.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- ./epan/dissectors/Makefile.am.orig 2007-12-11 16:38:03.000000000 +0300 -+++ ./epan/dissectors/Makefile.am 2007-12-11 16:38:37.000000000 +0300 -@@ -32,6 +32,7 @@ - - libasndissectors_la_SOURCES = \ - $(ASN_DISSECTOR_SRC) -+libasndissectors_la_LIBADD = ../../wiretap/libwiretap.la - - libpidldissectors_la_SOURCES = \ - $(PIDL_DISSECTOR_SRC) diff --git a/net-analyzer/wireshark/files/wireshark-0.99.8-as-needed.patch b/net-analyzer/wireshark/files/wireshark-0.99.8-as-needed.patch deleted file mode 100644 index df495f8cf71b..000000000000 --- a/net-analyzer/wireshark/files/wireshark-0.99.8-as-needed.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- wiretap/Makefile.am.orig 2008-02-21 23:11:41.000000000 +0300 -+++ wiretap/Makefile.am 2008-02-21 23:12:08.000000000 +0300 -@@ -67,7 +67,7 @@ - $(GENERATOR_FILES) \ - $(GENERATED_FILES) - --libwiretap_la_LIBADD = libwiretap_generated.la -+libwiretap_la_LIBADD = libwiretap_generated.la $(GLIB_LIBS) - libwiretap_la_DEPENDENCIES = libwiretap_generated.la - - RUNLEX = $(top_srcdir)/tools/runlex.sh diff --git a/net-analyzer/wireshark/files/wireshark-1.0-sigpipe.patch b/net-analyzer/wireshark/files/wireshark-1.0-sigpipe.patch deleted file mode 100644 index ad81e382e221..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.0-sigpipe.patch +++ /dev/null @@ -1,31 +0,0 @@ -https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1740 -https://bugs.gentoo.org/show_bug.cgi?id=260457 - -=== modified file 'capture_opts.c' ---- capture_opts.c 2009-03-05 16:59:51 +0000 -+++ capture_opts.c 2009-03-05 17:06:49 +0000 -@@ -59,6 +59,7 @@ - # include "inet_v6defs.h" - #endif - -+#include <signal.h> - #include <glib.h> - - #include <epan/packet.h> -@@ -759,6 +760,15 @@ - "Dropped"); - } - -+#ifndef _WIN32 -+ /* handle SIGPIPE signal to default action */ -+ struct sigaction act; -+ act.sa_handler = SIG_DFL; -+ sigemptyset(&act.sa_mask); -+ act.sa_flags = SA_RESTART; -+ sigaction(SIGPIPE,&act,NULL); -+#endif -+ - while (1) { /* XXX - Add signal handling? */ - for (stat_entry = g_list_first(stat_list); stat_entry != NULL; stat_entry = g_list_next(stat_entry)) { - if_stat = stat_entry->data; - diff --git a/net-analyzer/wireshark/files/wireshark-1.0.5-text2pcap-protos.patch b/net-analyzer/wireshark/files/wireshark-1.0.5-text2pcap-protos.patch deleted file mode 100644 index eed2df16a70b..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.0.5-text2pcap-protos.patch +++ /dev/null @@ -1,18 +0,0 @@ -defining _XOPEN_SOURCE to nothing means the oldest version which means glibc -will not provide the strdup() prototype. this leads to an implicit decl which -leads to a return type of "int" -- 32bits of a ptr on a 64bit arch leads to -kaboom. - -https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3161 - ---- text2pcap.c -+++ text2pcap.c -@@ -90,7 +90,7 @@ - # define __USE_XOPEN - #endif - #ifndef _XOPEN_SOURCE --# define _XOPEN_SOURCE -+# define _XOPEN_SOURCE 600 - #endif - - #include <ctype.h> diff --git a/net-analyzer/wireshark/files/wireshark-1.1.2--as-needed.patch b/net-analyzer/wireshark/files/wireshark-1.1.2--as-needed.patch deleted file mode 100644 index 7da659c099fe..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.1.2--as-needed.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/epan/Makefile.am b/epan/Makefile.am -index b2a569d..717e233 100644 ---- a/epan/Makefile.am -+++ b/epan/Makefile.am -@@ -130,6 +130,7 @@ libwireshark_la_LIBADD = \ - dissectors/libdirtydissectors.la $(wslua_lib) @SOCKET_LIBS@ @NSL_LIBS@ \ - @C_ARES_LIBS@ @ADNS_LIBS@ @LIBGCRYPT_LIBS@ @LIBGNUTLS_LIBS@ \ - @KRB5_LIBS@ @SSL_LIBS@ @LIBSMI_LDFLAGS@ @GEOIP_LIBS@ \ -+ ${top_builddir}/wiretap/libwiretap.la \ - ${top_builddir}/wsutil/libwsutil.la -lm - - libwireshark_la_DEPENDENCIES = \ -@@ -137,6 +138,7 @@ libwireshark_la_DEPENDENCIES = \ - libwireshark_asmopt.la crypt/libairpdcap.la ftypes/libftypes.la \ - dfilter/libdfilter.la dissectors/libdissectors.la \ - dissectors/libdirtydissectors.la $(wslua_lib) \ -+ ${top_builddir}/wiretap/libwiretap.la \ - ${top_builddir}/wsutil/libwsutil.la - - #EXTRA_PROGRAMS = reassemble_test diff --git a/net-analyzer/wireshark/files/wireshark-1.2.8-zlib-1.2.5-capture.patch b/net-analyzer/wireshark/files/wireshark-1.2.8-zlib-1.2.5-capture.patch deleted file mode 100644 index 3120027400d4..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.2.8-zlib-1.2.5-capture.patch +++ /dev/null @@ -1,30 +0,0 @@ -http://anonsvn.wireshark.org/viewvc?view=rev&revision=32715 - ---- trunk/wiretap/wtap.c 2010/05/07 19:24:32 32714 -+++ trunk/wiretap/wtap.c 2010/05/07 19:45:47 32715 -@@ -35,6 +35,10 @@ - #include <unistd.h> - #endif - -+#ifdef HAVE_LIBZ -+#include <zlib.h> -+#endif -+ - #include "wtap-int.h" - #include "wtap.h" - -@@ -646,6 +650,14 @@ - */ - wth->phdr.pkt_encap = wth->file_encap; - -+#if defined(ZLIB_VERNUM) && ZLIB_VERNUM == 0x1250 -+ /* Reset EOF */ -+ /* g_log(NULL, G_LOG_LEVEL_DEBUG, "wtap_read: eof before seek: %d", gzeof(wth->fh)); */ -+ if (gzeof(wth->fh)) -+ gzseek(wth->fh, 0, SEEK_CUR); -+ /* g_log(NULL, G_LOG_LEVEL_DEBUG, "wtap_read: eof after seek: %d", gzeof(wth->fh)); */ -+#endif -+ - if (!wth->subtype_read(wth, err, err_info, data_offset)) - return FALSE; /* failure */ - diff --git a/net-analyzer/wireshark/files/wireshark-1.4.6-gnutls_nettle.patch b/net-analyzer/wireshark/files/wireshark-1.4.6-gnutls_nettle.patch deleted file mode 100644 index 422e2ea71a8c..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.4.6-gnutls_nettle.patch +++ /dev/null @@ -1,24 +0,0 @@ -https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5800 - -Index: epan/dissectors/packet-ssl-utils.c -=================================================================== ---- epan/dissectors/packet-ssl-utils.c (revision 37067) -+++ epan/dissectors/packet-ssl-utils.c (working copy) -@@ -946,7 +946,7 @@ - str->data_len = len; - } - --#ifdef HAVE_LIBGNUTLS -+#if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) - - static gint ver_major, ver_minor, ver_patch; - -@@ -2747,7 +2747,7 @@ - sscanf(str, "%d.%d.%d", &ver_major, &ver_minor, &ver_patch); - } - --#else /* HAVE_LIBGNUTLS */ -+#else /* defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) */ - /* no libgnutl: dummy operation to keep interface consistent*/ - void - ssl_lib_init(void) diff --git a/net-analyzer/wireshark/files/wireshark-1.4.6-wspy_dissectors_dir.patch b/net-analyzer/wireshark/files/wireshark-1.4.6-wspy_dissectors_dir.patch deleted file mode 100644 index 6401661b62e3..000000000000 --- a/net-analyzer/wireshark/files/wireshark-1.4.6-wspy_dissectors_dir.patch +++ /dev/null @@ -1,20 +0,0 @@ -https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5872 - ---- epan/wspython/Makefile.am 2011-04-29 06:57:10 +0000 -+++ epan/wspython/Makefile.am 2011-04-29 07:15:20 +0000 -@@ -44,12 +44,14 @@ - libwspython_la_CFLAGS = @PY_CFLAGS@ - - wspythondir=@pythondir@ -+wspythondissectorsdir=@pythondir@/wspy_dissectors - - wspython_DATA= \ - register-dissector.py \ - wspy_dissector.py \ - wspy_libws.py - -+wspythondissectors_DATA= - - EXTRA_DIST = \ - Makefile.common \ - diff --git a/net-analyzer/wireshark/files/wireshark-except-double-free.diff b/net-analyzer/wireshark/files/wireshark-except-double-free.diff deleted file mode 100644 index a7ca896a4999..000000000000 --- a/net-analyzer/wireshark/files/wireshark-except-double-free.diff +++ /dev/null @@ -1,16 +0,0 @@ -Index: except.c -=================================================================== ---- except.c (revision 19876) -+++ except.c (working copy) -@@ -192,6 +192,11 @@ - - assert (top->except_type == XCEPT_CATCHER); - except_free(catcher->except_obj.except_dyndata); -+ /* make sure no else can free this pointer again -+ See http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1001 -+ http://bugs.gentoo.org/show_bug.cgi?id=133092 -+ http://bugs.gentoo.org/show_bug.cgi?id=145974 */ -+ catcher->except_obj.except_dyndata = NULL; - - for (i = 0; i < catcher->except_size; pi++, i++) { - if (match(&except->except_id, pi)) { diff --git a/net-analyzer/wireshark/wireshark-1.4.8.ebuild b/net-analyzer/wireshark/wireshark-1.4.8.ebuild deleted file mode 100644 index 96df9a0142fa..000000000000 --- a/net-analyzer/wireshark/wireshark-1.4.8.ebuild +++ /dev/null @@ -1,213 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.4.8.ebuild,v 1.6 2011/08/07 16:48:43 armin76 Exp $ - -EAPI="3" -PYTHON_DEPEND="python? 2" -inherit libtool flag-o-matic eutils toolchain-funcs python autotools - -[[ -n ${PV#*_rc} && ${PV#*_rc} != ${PV} ]] && MY_P=${PN}-${PV/_} || MY_P=${P} -DESCRIPTION="A network protocol analyzer formerly known as ethereal" -HOMEPAGE="http://www.wireshark.org/" -SRC_URI="http://www.wireshark.org/download/src/all-versions/${MY_P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" -IUSE="adns ares doc doc-pdf gtk ipv6 lua gcrypt geoip kerberos -profile +pcap portaudio python +caps selinux smi ssl threads zlib" - -RDEPEND=">=dev-libs/glib-2.14:2 - zlib? ( sys-libs/zlib - !=sys-libs/zlib-1.2.4 ) - smi? ( net-libs/libsmi ) - gtk? ( >=x11-libs/gtk+-2.4.0:2 - x11-libs/pango - dev-libs/atk - x11-misc/xdg-utils ) - ssl? ( net-libs/gnutls ) - gcrypt? ( dev-libs/libgcrypt ) - pcap? ( net-libs/libpcap ) - caps? ( sys-libs/libcap ) - kerberos? ( virtual/krb5 ) - portaudio? ( media-libs/portaudio ) - ares? ( >=net-dns/c-ares-1.5 ) - !ares? ( adns? ( net-libs/adns ) ) - geoip? ( dev-libs/geoip ) - lua? ( >=dev-lang/lua-5.1 ) - selinux? ( sec-policy/selinux-wireshark )" - -DEPEND="${RDEPEND} - doc? ( dev-libs/libxslt - app-text/docbook-xml-dtd:4.2 - dev-libs/libxml2 - app-doc/doxygen - doc-pdf? ( dev-java/fop ) ) - >=dev-util/pkgconfig-0.15.0 - dev-lang/perl - sys-devel/bison - sys-apps/sed - sys-devel/flex" - -S=${WORKDIR}/${MY_P} - -# borrowed from GSoC2010_Gentoo_Capabilities by constanze and flameyeys -# @FUNCTION: fcaps -# @USAGE: fcaps {uid:gid} {file-mode} {cap1[,cap2,...]} {file} -# @RETURN: 0 if all okay; non-zero if failure and fallback -# @DESCRIPTION: -# fcaps sets the specified capabilities in the effective and permitted set of -# the given file. In case of failure fcaps sets the given file-mode. -fcaps() { - local uid_gid=$1 - local perms=$2 - local capset=$3 - local path=$4 - local res - - chmod $perms $path && \ - chown $uid_gid $path - res=$? - - use caps || return $res - - #set the capability - setcap "$capset=ep" "$path" &> /dev/null - #check if the capabilitiy got set correctly - setcap -v "$capset=ep" "$path" &> /dev/null - res=$? - - if [ $res -ne 0 ]; then - ewarn "Failed to set capabilities. Probable reason is missed kernel support." - ewarn "Kernel must have SECURITY_FILE_CAPABILITIES, and <FS>_FS_SECURITY" - ewarn "enabled (e.g. EXT3_FS_SECURITY) where <FS> is the filesystem to store" - ewarn "${path}" - ewarn - ewarn "Falling back to suid now..." - chmod u+s ${path} - fi - return $res -} - -pkg_setup() { - if ! use gtk; then - ewarn "USE=-gtk disables gtk-based gui called wireshark." - ewarn "Only command line utils will be built available" - fi - if use python; then - python_set_active_version 2 - python_pkg_setup - fi - # Add group for users allowed to sniff. - enewgroup wireshark -} - -src_configure() { - local myconf - - if [[ $(gcc-major-version) -lt 3 || - ( $(gcc-major-version) -eq 3 && - $(gcc-minor-version) -le 4 ) ]] ; then - die "Unsupported compiler version, please upgrade." - fi - - if use ares && use adns; then - elog "You asked for both, ares and adns, but we can use only one of them." - elog "c-ares supersedes adns resolver thus using c-ares (ares USE flag)." - myconf="$(use_with ares c-ares) --without-adns" - else - myconf="$(use_with adns) $(use_with ares c-ares)" - fi - - # profile and pie are incompatible #215806, #292991 - if use profile; then - ewarn "You've enabled the 'profile' USE flag, building PIE binaries is disabled." - ewarn "Also ignore \"unrecognized option '-nopie'\" gcc warning #358101." - append-flags $(test-flags-CC -nopie) - fi - - # Workaround bug #213705. If krb5-config --libs has -lcrypto then pass - # --with-ssl to ./configure. (Mimics code from acinclude.m4). - if use kerberos; then - case `krb5-config --libs` in - *-lcrypto*) - ewarn "Kerberos was built with ssl support: linkage with openssl is enabled." - ewarn "Note there are annoying license incompatibilities between the OpenSSL" - ewarn "license and the GPL, so do your check before distributing such package." - myconf+=" --with-ssl" - ;; - esac - fi - - # Hack around inability to disable doxygen/fop doc generation - use doc || export ac_cv_prog_HAVE_DOXYGEN=false - use doc-pdf || export ac_cv_prog_HAVE_FOP=false - - # dumpcap requires libcap, setuid-install requires dumpcap - econf $(use_enable gtk wireshark) \ - $(use_enable profile profile-build) \ - $(use_with ssl gnutls) \ - $(use_with gcrypt) \ - $(use_enable ipv6) \ - $(use_enable threads) \ - $(use_with lua) \ - $(use_with kerberos krb5) \ - $(use_with smi libsmi) \ - $(use_with pcap) \ - $(use_with zlib) \ - $(use_with geoip) \ - $(use_with portaudio) \ - $(use_with python) \ - $(use_with caps libcap) \ - $(use pcap && use_enable caps setcap-install) \ - $(use pcap && use_enable !caps setuid-install) \ - --sysconfdir=/etc/wireshark \ - --with-dumpcap-group=wireshark \ - --disable-extra-gcc-checks \ - ${myconf} -} - -src_compile() { - emake || die - use doc && cd docbook && { emake || die; } -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - if use doc; then - dohtml -r docbook/{release-notes.html,ws{d,u}g_html{,_chunked}} - if use doc-pdf; then - insinto /usr/share/doc/${PF}/pdf/ - doins docbook/{{developer,user}-guide,release-notes}-{a4,us}.pdf || die - fi - fi - - # FAQ is not required as is installed from help/faq.txt - dodoc AUTHORS ChangeLog NEWS README{,.bsd,.linux,.macos,.vmware} \ - doc/{randpkt.txt,README*} - - insinto /usr/include/wiretap - doins wiretap/wtap.h || die - - if use gtk; then - for c in hi lo; do - for d in 16 32 48; do - insinto /usr/share/icons/${c}color/${d}x${d}/apps - newins image/${c}${d}-app-wireshark.png wireshark.png - done - done - domenu wireshark.desktop || die - fi - chmod o-x "${ED}"/usr/bin/dumpcap #357237 -} - -pkg_postinst() { - if use caps && use pcap; then - fcaps 0:wireshark 550 cap_net_raw,cap_net_admin "${ROOT}"/usr/bin/dumpcap - fi - echo - ewarn "NOTE: To run wireshark as normal user you have to add yourself to" - ewarn "the wireshark group. This security measure ensures that only trusted" - ewarn "users are allowed to sniff your traffic." - echo -} |