wireshark/wireshark.spec
Andreas Stieger 1a5e352e8d Wireshark 2.4.2
This release fixes minor vulnerabilities that could be used to
  trigger dissector crashes or infinite loops by making Wireshark
  read specially crafted packages from the network or a capture
  file (boo#1062645):
  * CVE-2017-15192: BT ATT dissector crash (wnpa-sec-2017-42)
  * CVE-2017-15193: MBIM dissector crash (wnpa-sec-2017-43)
  * CVE-2017-15191: DMP dissector crash (wnpa-sec-2017-44)
  * CVE-2017-15190: RTSP dissector crash (wnpa-sec-2017-45)
  * CVE-2017-15189: DOCSIS infinite loop (wnpa-sec-2017-46)

OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=232
2017-10-11 11:00:24 +00:00

437 lines
13 KiB
RPMSpec

#
# spec file for package wireshark
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# define libraries
%define libutil libwsutil8
%define libwire libwireshark10
%define libtap libwiretap7
%define libcodecs libwscodecs1
# disable caps
%define use_caps 0
# Enable new Qt gui on new releases and build old GTK2 gui on old releases
%if 0%{?suse_version} > 1140
%bcond_without gnutls
%bcond_without qt
%bcond_with gtk
%bcond_without geoip
%else
%bcond_with gnutls
%bcond_with qt
%bcond_without gtk
%bcond_with geoip
%endif
Name: wireshark
Version: 2.4.2
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0+ AND GPL-3.0+
Group: Productivity/Networking/Diagnostic
Url: https://www.wireshark.org/
Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.xz
Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt
Source3: https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring
# PATCH-FIX-OPENSUSE wireshark-1.6.3-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: wireshark-1.2.0-disable-warning-dialog.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch2: wireshark-1.2.0-geoip.patch
Patch4: wireshark-1.10.0-enable_lua.patch
# for patch7 wireshark-1.12.6-fix-QT-PIC-PIE.patch
BuildRequires: bison
BuildRequires: flex
BuildRequires: glib2-devel
BuildRequires: hicolor-icon-theme
BuildRequires: krb5-devel
BuildRequires: libcares-devel
BuildRequires: libgcrypt-devel >= 1.4.2
BuildRequires: libpcap-devel
BuildRequires: libsmi-devel
BuildRequires: libtool
BuildRequires: net-snmp-devel
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: pkgconfig
BuildRequires: portaudio-devel
BuildRequires: tcpd-devel
BuildRequires: update-desktop-files
BuildRequires: zlib-devel
Requires: hicolor-icon-theme
Requires(pre): shadow
Recommends: wireshark-ui = %{version}
Provides: ethereal = %{version}
Obsoletes: ethereal < %{version}
%if %{with gnutls}
BuildRequires: libgnutls-devel >= 2.12.0
%endif
%if !0%{use_caps}
Requires: xdg-utils
%else
BuildRequires: libcap-devel
Requires(pre): permissions
%endif
%if %{with geoip}
BuildRequires: GeoIP-devel
Recommends: GeoIP
%endif
%if 0%{?suse_version} > 1310
BuildRequires: pkgconfig(libnl-3.0)
%endif
%if %{with gtk}
BuildRequires: cairo-devel
BuildRequires: gtk2-devel >= 2.12.0
%endif
%if %{with qt}
BuildRequires: libqt5-linguist
BuildRequires: pkgconfig(Qt5Core) >= 5.0.0
BuildRequires: pkgconfig(Qt5Gui)
BuildRequires: pkgconfig(Qt5Multimedia)
BuildRequires: pkgconfig(Qt5PrintSupport)
BuildRequires: pkgconfig(Qt5Widgets)
%endif
%if 0%{?suse_version} > 1320
BuildRequires: lua51-devel
%else
BuildRequires: lua-devel
%endif
%if 0%{?suse_version} <= 1110
BuildRequires: xz
%endif
%description
Wireshark is a network protocol analyzer. It allows examining data
from a live network or from a capture file on disk. You can
interactively browse the capture data, viewing summary and detailed
information for each packet. Wireshark has several features,
including a rich display filter language and the ability to view the
reconstructed stream of a TCP session.
%package -n %{libutil}
Summary: Library for wireshark utilities
Group: System/Libraries
%description -n %{libutil}
The libwsutil library provides utility functions for libwireshark.
%package -n %{libwire}
Summary: Network packet dissection library
Group: System/Libraries
%description -n %{libwire}
The libwireshark library provides the network packet dissection services
developed by the Wireshark project.
%package -n %{libtap}
Summary: Wireshark library for tapping
Group: System/Libraries
%description -n %{libtap}
Wiretap, part of the Wireshark project, is a library that allows one to read
and write several packet capture file formats.
%package -n %{libcodecs}
Summary: Network packet dissection codecs library
Group: System/Libraries
%description -n %{libcodecs}
The libwscodecs library provides codec functions for libwireshark.
%package devel
Summary: A Network Traffic Analyser
Group: Development/Libraries/C and C++
Requires: %{libcodecs} = %{version}
Requires: %{libtap} = %{version}
Requires: %{libutil} = %{version}
Requires: %{libwire} = %{version}
Requires: %{name} = %{version}
Requires: glib2-devel
Requires: glibc-devel
Provides: ethereal-devel = %{version}
Obsoletes: ethereal-devel < %{version}
%description devel
Wireshark is a network protocol analyzer. It allows examining data
from a live network or from a capture file on disk.
%if %{with gtk}
%package ui-gtk
Summary: A Network Traffic Analyser - GTK+ UI
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version}
Provides: %{name}-ui = %{version}
%description ui-gtk
This package contains the GTK+ UI of Wireshark.
%endif
%if %{with qt}
%package ui-qt
Summary: A Network Traffic Analyser - Qt UI
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version}
Provides: %{name}-ui = %{version}
# gtk is the deprecated ui so ensure its uninstall
Obsoletes: %{name}-ui-gtk
%description ui-qt
This package contains the Qt based UI for Wireshark.
%endif
%prep
# The publisher doesn't sign the source tarball, but a signatures file containing multiple hashes.
# Verify hashes in that file against source tarball.
echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA1 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha1sum -c
echo "`grep %{name}-%{version}.tar.xz %{SOURCE2} | grep SHA256 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha256sum -c
%setup -q
%patch2 -p1
%patch4 -p1
%if ! %{use_caps}
%patch1 -p1
# open capture files without root privileges bsc#1025714
for X in wireshark{,-gtk}.desktop; do
cp -pv $X ${X/wireshark/wireshark-file}
echo "NoDisplay=true" >> ${X/wireshark/wireshark-file}
done
sed -i '/^MimeType.*/d' wireshark{,-gtk}.desktop
# run as root if not using caps
sed -i 's!^Exec=wireshark!Exec=%{_bindir}/xdg-su -c %{_bindir}/wireshark!' wireshark{,-gtk}.desktop
%endif
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark*.desktop
%build
export CFLAGS="%{optflags} -fPIC"
export CXXFLAGS="%{optflags} -fPIC"
export LDFLAGS="-pie"
%if %{with qt}
#XXX: buggy autoconf checks..
export PATH="%{_libdir}/qt5/bin:$PATH"
%endif
%configure \
%if %{with gtk}
--with-gtk=2 \
%endif
%if %{with qt}
--with-qt=yes \
%else
--with-qt=no \
%endif
--with-ssl \
%if %{with gnutls}
--with-gnutls=yes \
%else
--with-gnutls=no \
%endif
--with-plugins=%{_libdir}/%{name}/plugins/%{version} \
--with-pic=yes
make %{?_smp_mflags} V=1
%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
# Ethereal support (remove when SLE-11 is out of scope
%if %{with gtk}
ln -fs wireshark-gtk %{buildroot}%{_bindir}/ethereal
%endif
%if %{with qt}
ln -fs wireshark %{buildroot}%{_bindir}/ethereal
%endif
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install separate appdata files corresponding to .desktop files for AppStore integration
%if %{with qt}
install -d -m0755 %{buildroot}%{_datadir}/appdata
install -m644 wireshark.appdata.xml %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
sed -i -e "/<description>/i \ \ \ \ <name>Wireshark (QT) Network Analyzer<\/name>" \
-e "/<description>/i \ \ \ \ <summary>QT interface for wireshark network traffic analyzer<\/summary>" \
%{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
%else
rm -f %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
%endif
# -devel
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
IDIR="%{buildroot}%{_includedir}/wireshark"
mkdir -p "${IDIR}/epan"
mkdir -p "${IDIR}/epan/crypt"
mkdir -p "${IDIR}/epan/ftypes"
mkdir -p "${IDIR}/epan/dfilter"
mkdir -p "${IDIR}/epan/dissectors"
mkdir -p "${IDIR}/epan/wmem"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
install -m 644 *.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
install -m 644 epan/crypt/*.h "${IDIR}/epan/crypt"
install -m 644 epan/ftypes/*.h "${IDIR}/epan/ftypes"
install -m 644 epan/dfilter/*.h "${IDIR}/epan/dfilter"
install -m 644 epan/dissectors/*.h "${IDIR}/epan/dissectors"
install -m 644 epan/wmem/*.h "${IDIR}/epan/wmem"
install -m 644 wiretap/*.h "${IDIR}/wiretap"
install -m 644 wsutil/*.h "${IDIR}/wsutil"
%if %{with gtk}
install -D -m 0644 image/wsicon48.png %{buildroot}%{_datadir}/pixmaps/wireshark-gtk.png
install -D -m 0644 wireshark-gtk.desktop %{buildroot}%{_datadir}/applications/wireshark-gtk.desktop
%suse_update_desktop_file -n %{name}-gtk
%if ! %{use_caps}
install -D -m 0644 wireshark-file-gtk.desktop %{buildroot}%{_datadir}/applications/wireshark-file-gtk.desktop
%suse_update_desktop_file -n %{name}-file-gtk
%endif
%else
# sometimes the gtk.desktop gets autoinstalled by make_install
rm -f %{buildroot}%{_datadir}/applications/wireshark-gtk.desktop
%endif
%if %{with qt}
install -D -m 0644 image/wsicon48.png %{buildroot}%{_datadir}/pixmaps/wireshark.png
install -D -m 0644 wireshark.desktop %{buildroot}%{_datadir}/applications/wireshark.desktop
%suse_update_desktop_file %{name}
%if ! %{use_caps}
install -D -m 0644 wireshark-file.desktop %{buildroot}%{_datadir}/applications/wireshark-file.desktop
%suse_update_desktop_file %{name}-file
%endif
%else
rm -f %{buildroot}%{_datadir}/applications/wireshark.desktop
%endif
%if %{use_caps}
%pre
getent group wireshark >/dev/null || groupadd -r wireshark
%verifyscript
%{verify_permissions -e %{_bindir}/dumpcap}
%endif
%post
%if %{use_caps}
%if 0%{?set_permissions:1} > 0
%set_permissions %{_bindir}/dumpcap
%else
%run_permissions
%endif
%endif # use_caps
exit 0
%post -n %{libutil} -p /sbin/ldconfig
%postun -n %{libutil} -p /sbin/ldconfig
%post -n %{libwire} -p /sbin/ldconfig
%postun -n %{libwire} -p /sbin/ldconfig
%post -n %{libtap} -p /sbin/ldconfig
%postun -n %{libtap} -p /sbin/ldconfig
%post -n %{libcodecs} -p /sbin/ldconfig
%postun -n %{libcodecs} -p /sbin/ldconfig
%files
%doc AUTHORS COPYING NEWS README README.linux README.vmware
%{_mandir}/man1/[^i]*
%{_mandir}/man4/*
%{_bindir}/capinfos
%{_bindir}/captype
%{_bindir}/dftest
%{_bindir}/editcap
%{_bindir}/idl2wrs
%{_bindir}/mergecap
%{_bindir}/randpkt
%{_bindir}/rawshark
%{_bindir}/reordercap
%{_bindir}/tethereal
%{_bindir}/text2pcap
%{_bindir}/tshark
%{_bindir}/sharkd
%if %{use_caps}
%verify(not mode caps) %attr(0750,root,wireshark) %caps(cap_net_raw,cap_net_admin=eip) %{_bindir}/dumpcap
%else
%{_bindir}/dumpcap
%endif
%{_libdir}/wireshark/
%{_datadir}/wireshark/
%{_datadir}/icons/hicolor/*/apps/wireshark.png
%{_datadir}/icons/hicolor/*/mimetypes/application-wireshark-doc.png
%{_datadir}/icons/hicolor/scalable/apps/wireshark.svg
%{_datadir}/mime/packages/wireshark.xml
%files -n %{libutil}
%{_libdir}/libwsutil*.so.*
%files -n %{libwire}
%{_libdir}/libwireshark.so.*
%files -n %{libtap}
%{_libdir}/libwiretap.so.*
%files -n %{libcodecs}
%{_libdir}/libwscodecs.so.*
%files devel
%doc doc/README.*
%{_includedir}/wireshark
%{_libdir}/lib*.so
%{_libdir}/pkgconfig/wireshark.pc
%if %{with gtk}
%files ui-gtk
%{_bindir}/wireshark-gtk
%{_bindir}/ethereal
%{_datadir}/applications/wireshark-gtk.desktop
%if ! %{use_caps}
%{_datadir}/applications/wireshark-file-gtk.desktop
%endif
%{_datadir}/pixmaps/wireshark-gtk.png
%post ui-gtk
test -f %{_bindir}/update-mime-database && %{_bindir}/update-mime-database %{_datadir}/mime > /dev/null || :
test -f %{_bindir}/update-desktop-database && %{_bindir}/update-desktop-database > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.gtk2 && SuSEconfig --module gtk2 > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.glib2 && SuSEconfig --module glib2 > /dev/null || :
%postun ui-gtk
test -f %{_bindir}/update-mime-database && %{_bindir}/update-mime-database %{_datadir}/mime > /dev/null || :
test -f %{_bindir}/update-desktop-database && %{_bindir}/update-desktop-database > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.gtk2 && SuSEconfig --module gtk2 > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.glib2 && SuSEconfig --module glib2 > /dev/null || :
%endif
%if %{with qt}
%files ui-qt
%{_bindir}/wireshark
%{_bindir}/ethereal
%dir %{_datadir}/appdata
%{_datadir}/appdata/wireshark.appdata.xml
%{_datadir}/applications/wireshark.desktop
%if ! %{use_caps}
%{_datadir}/applications/wireshark-file.desktop
%endif
%{_datadir}/pixmaps/wireshark.png
%post ui-qt
%desktop_database_post
%icon_theme_cache_post
%postun ui-qt
%desktop_database_postun
%icon_theme_cache_postun
%endif
%changelog