wireshark/wireshark.spec
Andreas Stieger e8aaeac1ab - Wireshark 2.2.8 (bsc#1049255):
This release fixes minor vulnerabilities that could be used to
  trigger dissector crashes, infinite loopsm or cause excessive use
  of memory resources by making Wireshark read specially crafted
  packages from the network or a capture file:
  * CVE-2017-7702 CVE-2017-11410: WBMXL dissector infinite loop
    (wnpa-sec-2017-13)
  * CVE-2017-9350 CVE-2017-11411: openSAFETY dissector memory
    exhaustion (wnpa-sec-2017-28)
  * CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34)
  * CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35)
  * CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36)

OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=218
2017-07-18 21:45:56 +00:00

449 lines
14 KiB
RPMSpec

#
# spec file for package wireshark
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# define libraries
%define libutil libwsutil7
%define libwire libwireshark8
%define libtap libwiretap6
%define libcodecs libwscodecs1
# disable caps
%define use_caps 0
# Enable new Qt gui on new releases and build old GTK2 gui on old releases
%if 0%{?suse_version} > 1140
%bcond_without gnutls
%bcond_without qt
%bcond_with gtk
%bcond_without geoip
%else
%bcond_with gnutls
%bcond_with qt
%bcond_without gtk
%bcond_with geoip
%endif
Name: wireshark
Version: 2.2.8
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0+ and GPL-3.0+
Group: Productivity/Networking/Diagnostic
Url: https://www.wireshark.org/
Source: https://www.wireshark.org/download/src/%{name}-%{version}.tar.bz2
Source2: https://www.wireshark.org/download/SIGNATURES-%{version}.txt
Source3: https://www.wireshark.org/download/gerald_at_wireshark_dot_org.gpg#/wireshark.keyring
# PATCH-FIX-OPENSUSE wireshark-1.6.3-disable-warning-dialog.patch bnc#349782 prusnak@suse.cz -- don't show warning when running as root
Patch1: wireshark-1.2.0-disable-warning-dialog.patch
# PATCH-FEATURE-OPENSUSE wireshark-1.2.0-geoip.patch prusnak@suse.cz -- search in /var/lib/GeoIP if user hasn't set any GeoIP folders
Patch2: wireshark-1.2.0-geoip.patch
Patch4: wireshark-1.10.0-enable_lua.patch
# for patch7 wireshark-1.12.6-fix-QT-PIC-PIE.patch
BuildRequires: bison
BuildRequires: flex
BuildRequires: glib2-devel
BuildRequires: hicolor-icon-theme
BuildRequires: krb5-devel
BuildRequires: libcares-devel
BuildRequires: libgcrypt-devel >= 1.1.92
BuildRequires: libpcap-devel
BuildRequires: libsmi-devel
BuildRequires: libtool
BuildRequires: net-snmp-devel
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: pkgconfig
BuildRequires: portaudio-devel
BuildRequires: tcpd-devel
BuildRequires: update-desktop-files
BuildRequires: zlib-devel
Requires: hicolor-icon-theme
Requires(pre): shadow
Recommends: wireshark-ui = %{version}
Provides: ethereal = %{version}
Obsoletes: ethereal < %{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with gnutls}
BuildRequires: libgnutls-devel >= 2.12.0
%endif
%if !0%{use_caps}
Requires: xdg-utils
%else
BuildRequires: libcap-devel
Requires(pre): permissions
%endif
%if %{with geoip}
BuildRequires: GeoIP-devel
Recommends: GeoIP
%endif
%if 0%{?suse_version} > 1310
BuildRequires: pkgconfig(libnl-3.0)
%endif
%if %{with gtk}
BuildRequires: cairo-devel
BuildRequires: gtk2-devel >= 2.12.0
%endif
%if %{with qt}
BuildRequires: libqt5-linguist
BuildRequires: pkgconfig(Qt5Core) >= 5.0.0
BuildRequires: pkgconfig(Qt5Gui)
BuildRequires: pkgconfig(Qt5Multimedia)
BuildRequires: pkgconfig(Qt5PrintSupport)
BuildRequires: pkgconfig(Qt5Widgets)
%endif
%if 0%{?suse_version} > 1320
BuildRequires: lua52-devel
%else
BuildRequires: lua-devel
%endif
%description
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
%package -n %{libutil}
Summary: Library for wireshark utilities
Group: System/Libraries
%description -n %{libutil}
The libwsutil library provides utility functions for libwireshark.
%package -n %{libwire}
Summary: Network packet dissection library
Group: System/Libraries
%description -n %{libwire}
The libwireshark library provides the network packet dissection services
developed by the Wireshark project.
%package -n %{libtap}
Summary: Wireshark library for tapping
Group: System/Libraries
%description -n %{libtap}
Wiretap, part of the Wireshark project, is a library that allows one to read
and write several packet capture file formats.
%package -n %{libcodecs}
Summary: Network packet dissection codecs library
Group: System/Libraries
%description -n %{libcodecs}
The libwscodecs library provides codec functions for libwireshark.
%package devel
Summary: A Network Traffic Analyser
Group: Development/Libraries/C and C++
Requires: %{libcodecs} = %{version}
Requires: %{libtap} = %{version}
Requires: %{libutil} = %{version}
Requires: %{libwire} = %{version}
Requires: %{name} = %{version}
Requires: glib2-devel
Requires: glibc-devel
Provides: ethereal-devel = %{version}
Obsoletes: ethereal-devel < %{version}
%description devel
Wireshark is a free network protocol analyzer for Unix and Windows. It
allows you to examine data from a live network or from a capture file
on disk. You can interactively browse the capture data, viewing summary
and detail information for each packet. Wireshark has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
%if %{with gtk}
%package ui-gtk
Summary: A Network Traffic Analyser - GTK+ UI
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version}
Provides: %{name}-ui = %{version}
%description ui-gtk
This package contains the GTK+ UI of Wireshark.
%endif
%if %{with qt}
%package ui-qt
Summary: A Network Traffic Analyser - Qt UI
Group: Productivity/Networking/Diagnostic
Requires: %{name} = %{version}
Provides: %{name}-ui = %{version}
# gtk is the deprecated ui so ensure its uninstall
Obsoletes: %{name}-ui-gtk
%description ui-qt
This package contains the Qt based UI for Wireshark.
%endif
%prep
# The publisher doesn't sign the source tarball, but a signatures file containing multiple hashes.
# Verify hashes in that file against source tarball.
echo "`grep %{name}-%{version}.tar.bz2 %{SOURCE2} | grep MD5 | head -n1 | cut -d= -f2` %{SOURCE0}" | md5sum -c
echo "`grep %{name}-%{version}.tar.bz2 %{SOURCE2} | grep SHA1 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha1sum -c
echo "`grep %{name}-%{version}.tar.bz2 %{SOURCE2} | grep SHA256 | head -n1 | cut -d= -f2` %{SOURCE0}" | sha256sum -c
%setup -q
%patch2 -p1
%patch4 -p1
%if ! %{use_caps}
%patch1 -p1
# open capture files without root privileges bsc#1025714
for X in wireshark{,-gtk}.desktop; do
cp -pv $X ${X/wireshark/wireshark-file}
echo "NoDisplay=true" >> ${X/wireshark/wireshark-file}
done
sed -i '/^MimeType.*/d' wireshark{,-gtk}.desktop
# run as root if not using caps
sed -i 's!^Exec=wireshark!Exec=%{_bindir}/xdg-su -c %{_bindir}/wireshark!' wireshark{,-gtk}.desktop
%endif
sed -i 's/^Icon=wireshark.png$/Icon=wireshark/' wireshark*.desktop
%build
export CFLAGS="%{optflags} -fPIC"
export CXXFLAGS="%{optflags} -fPIC"
export LDFLAGS="-pie"
%if %{with qt}
#XXX: buggy autoconf checks..
export PATH="%{_libdir}/qt5/bin:$PATH"
%endif
%configure \
%if %{with gtk}
--with-gtk3=no \
--with-gtk2=yes \
%endif
%if %{with qt}
--with-qt=yes \
%else
--with-qt=no \
%endif
--with-ssl \
%if %{with gnutls}
--with-gnutls=yes \
%else
--with-gnutls=no \
%endif
--with-gcrypt=yes \
--with-plugins=%{_libdir}/%{name}/plugins/%{version} \
--with-pic=yes
make %{?_smp_mflags} V=1
%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
# Ethereal support (remove when SLE-11 is out of scope
%if %{with gtk}
ln -fs wireshark-gtk %{buildroot}%{_bindir}/ethereal
%endif
%if %{with qt}
ln -fs wireshark %{buildroot}%{_bindir}/ethereal
%endif
ln -fs tshark %{buildroot}%{_bindir}/tethereal
install -d -m 0755 %{buildroot}%{_sysconfdir}
install -d -m 0755 %{buildroot}%{_mandir}/man1/
# install separate appdata files corresponding to .desktop files for AppStore integration
%if %{with qt}
install -d -m0755 %{buildroot}%{_datadir}/appdata
install -m644 wireshark.appdata.xml %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
sed -i -e "/<description>/i \ \ \ \ <name>Wireshark (QT) Network Analyzer<\/name>" \
-e "/<description>/i \ \ \ \ <summary>QT interface for wireshark network traffic analyzer<\/summary>" \
%{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
%else
rm -f %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml
%endif
# -devel
install -d -m 0755 %{buildroot}%{_includedir}/wireshark
IDIR="%{buildroot}%{_includedir}/wireshark"
mkdir -p "${IDIR}/epan"
mkdir -p "${IDIR}/epan/crypt"
mkdir -p "${IDIR}/epan/ftypes"
mkdir -p "${IDIR}/epan/dfilter"
mkdir -p "${IDIR}/epan/dissectors"
mkdir -p "${IDIR}/epan/wmem"
mkdir -p "${IDIR}/wiretap"
mkdir -p "${IDIR}/wsutil"
install -m 644 *.h "${IDIR}/"
install -m 644 epan/*.h "${IDIR}/epan/"
install -m 644 epan/crypt/*.h "${IDIR}/epan/crypt"
install -m 644 epan/ftypes/*.h "${IDIR}/epan/ftypes"
install -m 644 epan/dfilter/*.h "${IDIR}/epan/dfilter"
install -m 644 epan/dissectors/*.h "${IDIR}/epan/dissectors"
install -m 644 epan/wmem/*.h "${IDIR}/epan/wmem"
install -m 644 wiretap/*.h "${IDIR}/wiretap"
install -m 644 wsutil/*.h "${IDIR}/wsutil"
%if %{with gtk}
install -D -m 0644 image/wsicon48.png %{buildroot}%{_datadir}/pixmaps/wireshark-gtk.png
install -D -m 0644 wireshark-gtk.desktop %{buildroot}%{_datadir}/applications/wireshark-gtk.desktop
%suse_update_desktop_file -n %{name}-gtk
%if ! %{use_caps}
install -D -m 0644 wireshark-file-gtk.desktop %{buildroot}%{_datadir}/applications/wireshark-file-gtk.desktop
%suse_update_desktop_file -n %{name}-file-gtk
%endif
%else
# sometimes the gtk.desktop gets autoinstalled by make_install
rm -f %{buildroot}%{_datadir}/applications/wireshark-gtk.desktop
%endif
%if %{with qt}
install -D -m 0644 image/wsicon48.png %{buildroot}%{_datadir}/pixmaps/wireshark.png
install -D -m 0644 wireshark.desktop %{buildroot}%{_datadir}/applications/wireshark.desktop
%suse_update_desktop_file %{name}
%if ! %{use_caps}
install -D -m 0644 wireshark-file.desktop %{buildroot}%{_datadir}/applications/wireshark-file.desktop
%suse_update_desktop_file %{name}-file
%endif
%else
rm -f %{buildroot}%{_datadir}/applications/wireshark.desktop
%endif
%if %{use_caps}
%pre
getent group wireshark >/dev/null || groupadd -r wireshark
%verifyscript
%{verify_permissions -e %{_bindir}/dumpcap}
%endif
%post
%if %{use_caps}
%if 0%{?set_permissions:1} > 0
%set_permissions %{_bindir}/dumpcap
%else
%run_permissions
%endif
%endif # use_caps
exit 0
%post -n %{libutil} -p /sbin/ldconfig
%postun -n %{libutil} -p /sbin/ldconfig
%post -n %{libwire} -p /sbin/ldconfig
%postun -n %{libwire} -p /sbin/ldconfig
%post -n %{libtap} -p /sbin/ldconfig
%postun -n %{libtap} -p /sbin/ldconfig
%post -n %{libcodecs} -p /sbin/ldconfig
%postun -n %{libcodecs} -p /sbin/ldconfig
%files
%defattr(-,root,root)
%doc AUTHORS COPYING NEWS README README.linux README.vmware
%{_mandir}/man1/[^i]*
%{_mandir}/man4/*
%{_bindir}/capinfos
%{_bindir}/captype
%{_bindir}/dftest
%{_bindir}/editcap
%{_bindir}/idl2wrs
%{_bindir}/mergecap
%{_bindir}/randpkt
%{_bindir}/rawshark
%{_bindir}/reordercap
%{_bindir}/tethereal
%{_bindir}/text2pcap
%{_bindir}/tshark
%if %{use_caps}
%verify(not mode caps) %attr(0750,root,wireshark) %caps(cap_net_raw,cap_net_admin=eip) %{_bindir}/dumpcap
%else
%{_bindir}/dumpcap
%endif
%{_libdir}/wireshark/
%{_datadir}/wireshark/
%{_datadir}/icons/hicolor/*/apps/wireshark.png
%{_datadir}/icons/hicolor/*/mimetypes/application-wireshark-doc.png
%{_datadir}/icons/hicolor/scalable/apps/wireshark.svg
%{_datadir}/mime/packages/wireshark.xml
%files -n %{libutil}
%defattr(-,root,root)
%{_libdir}/libwsutil*.so.*
%files -n %{libwire}
%defattr(-,root,root)
%{_libdir}/libwireshark.so.*
%files -n %{libtap}
%defattr(-,root,root)
%{_libdir}/libwiretap.so.*
%files -n %{libcodecs}
%defattr(-,root,root)
%{_libdir}/libwscodecs.so.*
%files devel
%defattr(-,root,root)
%doc doc/README.*
%{_includedir}/wireshark
%{_libdir}/lib*.so
%{_libdir}/pkgconfig/wireshark.pc
%if %{with gtk}
%files ui-gtk
%defattr(-,root,root)
%{_bindir}/wireshark-gtk
%{_bindir}/ethereal
%{_datadir}/applications/wireshark-gtk.desktop
%if ! %{use_caps}
%{_datadir}/applications/wireshark-file-gtk.desktop
%endif
%{_datadir}/pixmaps/wireshark-gtk.png
%post ui-gtk
test -f %{_bindir}/update-mime-database && %{_bindir}/update-mime-database %{_datadir}/mime > /dev/null || :
test -f %{_bindir}/update-desktop-database && %{_bindir}/update-desktop-database > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.gtk2 && SuSEconfig --module gtk2 > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.glib2 && SuSEconfig --module glib2 > /dev/null || :
%postun ui-gtk
test -f %{_bindir}/update-mime-database && %{_bindir}/update-mime-database %{_datadir}/mime > /dev/null || :
test -f %{_bindir}/update-desktop-database && %{_bindir}/update-desktop-database > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.gtk2 && SuSEconfig --module gtk2 > /dev/null || :
test -f /sbin/conf.d/SuSEconfig.glib2 && SuSEconfig --module glib2 > /dev/null || :
%endif
%if %{with qt}
%files ui-qt
%defattr(-,root,root)
%{_bindir}/wireshark
%{_bindir}/ethereal
%dir %{_datadir}/appdata
%{_datadir}/appdata/wireshark.appdata.xml
%{_datadir}/applications/wireshark.desktop
%if ! %{use_caps}
%{_datadir}/applications/wireshark-file.desktop
%endif
%{_datadir}/pixmaps/wireshark.png
%post ui-qt
%desktop_database_post
%icon_theme_cache_post
%postun ui-qt
%desktop_database_postun
%icon_theme_cache_postun
%endif
%changelog