From 90d860832353803286b5b018a0d50d55b8112c3d Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Tue, 1 Aug 2017 11:40:53 +0200 Subject: wireshark: 2.2.7 -> 2.4.0 Fixes the following CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11406 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11408 --- .../wireshark/add_missing_udpdump_pod.patch | 132 +++++++++++++++++++++ .../networking/sniffers/wireshark/default.nix | 24 +++- 2 files changed, 151 insertions(+), 5 deletions(-) create mode 100644 pkgs/applications/networking/sniffers/wireshark/add_missing_udpdump_pod.patch (limited to 'pkgs') diff --git a/pkgs/applications/networking/sniffers/wireshark/add_missing_udpdump_pod.patch b/pkgs/applications/networking/sniffers/wireshark/add_missing_udpdump_pod.patch new file mode 100644 index 000000000000..a009057307b0 --- /dev/null +++ b/pkgs/applications/networking/sniffers/wireshark/add_missing_udpdump_pod.patch 
@@ -0,0 +1,132 @@ +diff -Nur wireshark-2.4.0/doc/udpdump.pod wireshark-2.4.0-p/doc/udpdump.pod +--- wireshark-2.4.0/doc/udpdump.pod 1970-01-01 01:00:00.000000000 +0100 ++++ wireshark-2.4.0-p/doc/udpdump.pod 2017-08-01 10:48:40.551431319 +0200 +@@ -0,0 +1,128 @@ ++ ++=head1 NAME ++ ++udpdump - Provide an UDP receiver that gets packets from network devices (like Aruba routers) and exports them in PCAP format. ++ ++=head1 SYNOPSIS ++ ++B ++S<[ B<--help> ]> ++S<[ B<--version> ]> ++S<[ B<--extcap-interfaces> ]> ++S<[ B<--extcap-dlts> ]> ++S<[ B<--extcap-interface>=EinterfaceE ]> ++S<[ B<--extcap-config> ]> ++S<[ B<--capture> ]> ++S<[ B<--fifo>=Epath to file or pipeE ]> ++S<[ B<--port>=EportE ]> ++S<[ B<--payload>=EtypeE ]> ++ ++=head1 DESCRIPTION ++ ++B is a extcap tool that provides an UDP receiver that listens for exported datagrams coming from ++any source (like Aruba routers) and exports them in PCAP format. This provides the user two basic ++functionalities: the first one is to have a listener that prevents the localhost to send back an ICMP ++port-unreachable packet. The second one is to strip out the lower layers (layer 2, IP, UDP) that are useless ++(are used just as export vector). The format of the exported datagrams are EXPORTED_PDU, as specified in ++https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/exported_pdu.h;hb=refs/heads/master ++ ++=head1 OPTIONS ++ ++=over 4 ++ ++=item --help ++ ++Print program arguments. ++ ++=item --version ++ ++Print program version. ++ ++=item --extcap-interfaces ++ ++List available interfaces. ++ ++=item --extcap-interface=EinterfaceE ++ ++Use specified interfaces. ++ ++=item --extcap-dlts ++ ++List DLTs of specified interface. ++ ++=item --extcap-config ++ ++List configuration options of specified interface. ++ ++=item --capture ++ ++Start capturing from specified interface save saved it in place specified by --fifo. 
++ ++=item --fifo=Epath to file or pipeE ++ ++Save captured packet to file or send it through pipe. ++ ++=item --port=EportE ++ ++Set the listerner port. Port 5555 is the default. ++ ++=item --payload=EtypeE ++ ++Set the payload of the exported PDU. Default: data. ++ ++=back ++ ++=head1 EXAMPLES ++ ++To see program arguments: ++ ++ udpdump --help ++ ++To see program version: ++ ++ udpdump --version ++ ++To see interfaces: ++ ++ udpdump --extcap-interfaces ++ ++ Example output: ++ interface {value=udpdump}{display=UDP Listener remote capture} ++ ++To see interface DLTs: ++ ++ udpdump --extcap-interface=udpdump --extcap-dlts ++ ++ Example output: ++ dlt {number=252}{name=udpdump}{display=Exported PDUs} ++ ++To see interface configuration options: ++ ++ udpdump --extcap-interface=udpdump --extcap-config ++ ++ Example output: ++ arg {number=0}{call=--port}{display=Listen port}{type=unsigned}{range=1,65535}{default=5555}{tooltip=The port the receiver listens on} ++ ++To capture: ++ ++ udpdump --extcap-interface=randpkt --fifo=/tmp/randpkt.pcapng --capture ++ ++NOTE: To stop capturing CTRL+C/kill/terminate application. ++ ++=head1 SEE ALSO ++ ++wireshark(1), tshark(1), dumpcap(1), extcap(4) ++ ++=head1 NOTES ++ ++B is part of the B distribution. The latest version ++of B can be found at L. ++ ++HTML versions of the Wireshark project man pages are available at: ++L. ++ ++=head1 AUTHORS ++ ++ Original Author ++ --------------- ++ Dario Lombardo diff --git a/pkgs/applications/networking/sniffers/wireshark/default.nix b/pkgs/applications/networking/sniffers/wireshark/default.nix index 326529d1e0ff..ab93899518a1 100644 --- a/pkgs/applications/networking/sniffers/wireshark/default.nix +++ b/pkgs/applications/networking/sniffers/wireshark/default.nix 
@@ -1,6 +1,6 @@ { stdenv, lib, fetchurl, pkgconfig, pcre, perl, flex, bison, gettext, libpcap, libnl, c-ares , gnutls, libgcrypt, libgpgerror, geoip, openssl, lua5, makeDesktopItem, python, libcap, glib -, libssh, zlib, cmake, extra-cmake-modules +, libssh, zlib, cmake, extra-cmake-modules, fetchpatch , withGtk ? false, gtk3 ? null, librsvg ? null, gsettings_desktop_schemas ? null, wrapGAppsHook ? null , withQt ? false, qt5 ? null , ApplicationServices, SystemConfiguration, gmp @@ -12,17 +12,19 @@ assert withQt -> !withGtk && qt5 != null; with stdenv.lib; let - version = "2.2.7"; + version = "2.4.0"; variant = if withGtk then "gtk" else if withQt then "qt" else "cli"; in stdenv.mkDerivation { name = "wireshark-${variant}-${version}"; src = fetchurl { - url = "http://www.wireshark.org/download/src/all-versions/wireshark-${version}.tar.bz2"; - sha256 = "1dfvhra5v6xhzbp097qsxi0zvirw0srbasl4v1wjf58v49idz7b8"; + url = "http://www.wireshark.org/download/src/all-versions/wireshark-${version}.tar.xz"; + sha256 = "011vvrj76z1azkpvyy2j40b1x1z56ymld508zfc4xw3gh8dv82w9"; }; + cmakeFlags = optional withGtk "-DBUILD_wireshark_gtk=TRUE"; + nativeBuildInputs = [ bison cmake extra-cmake-modules flex ] ++ optional withGtk wrapGAppsHook; 
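Review bot: The rewritten `url` in the `@@ -12,17 +12,19 @@` hunk still fetches the release tarball over plain `http://`, so the `sha256` on the next line is the only thing protecting the source. Because `fetchurl` checks that hash, a tampered download fails the build rather than being accepted, but the new hash should be checked against the checksums upstream publishes for 2.4.0 rather than taken from whatever the first download returned. Since the line is being edited anyway, consider `url = "https://www.wireshark.org/download/src/all-versions/wireshark-${version}.tar.xz";`, assuming the host serves that path over TLS. The `mkDerivation` body continues outside this hunk.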
@@ -35,7 +37,19 @@ in stdenv.mkDerivation { ++ optionals stdenv.isLinux [ libcap libnl ] ++ optionals stdenv.isDarwin [ SystemConfiguration ApplicationServices gmp ]; - patches = [ ./wireshark-lookup-dumpcap-in-path.patch ]; + patches = [ ./wireshark-lookup-dumpcap-in-path.patch + + # Backported from master. Will probably have to be dropped during next + # update. + (fetchpatch { + name = "AUTHORS_add_newline_after_bracket"; + url = "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=patch;h=27c6b12626d6e7b8e4d7a11784c2c5e2bfb87fde"; + sha256 = "1x30rkrq7dzgdlwrjv2r5ibdpdgwnn5wzvki77rdf13b0547vcw3"; + }) + # A file is missing from distribution. This should be fixed in upcoming + # releases + ./add_missing_udpdump_pod.patch + ]; postInstall = optionalString (withQt || withGtk) '' ${optionalString withGtk '' -- cgit 1.4.1
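Review bot: The comment above `./add_missing_udpdump_pod.patch` says a file is missing from the distribution, but it does not record where the vendored `doc/udpdump.pod` content came from. The `fetchpatch` entry beside it is pinned to an upstream commit id and a `sha256`, whereas the local patch has no reference a later maintainer could use to confirm it matches upstream or to know when to drop it. I would extend the comment to something like `# doc/udpdump.pod is absent from the 2.4.0 tarball; copied verbatim from upstream commit <UPSTREAM_COMMIT_ID>. Drop once a release ships it.` As a smaller style point, the `fetchpatch` `name` could end in `.patch` so the store path is recognisable. The `patches` list sits inside a `mkDerivation` call that starts and ends outside this hunk.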