pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/wireshark
Module Name: pkgsrc
Committed By: adam
Date: Thu Oct 9 14:43:44 UTC 2025
Modified Files:
pkgsrc/net/wireshark: Makefile PLIST distinfo
Added Files:
pkgsrc/net/wireshark/patches: patch-epan_dissectors_packet-kerberos.c
patch-writecap_pcapio.c
Log Message:
wireshark: updated to 4.6.0
Wireshark 4.6.0
New and Updated Features
The following features are new (or have been significantly updated) since version 4.6.0rc1:
Wireshark can dissect process information, packet metadata, flow IDs, drop information, and other information provided by tcpdump on macOS.
The following features are either new or have been significantly updated since version 4.4.0:
The Windows installers now ship with Npcap 1.83. They previously shipped with Npcap 1.79.
The Windows and macOS installers now ship with Qt 6.9.3. They previously shipped with Qt 6.5.3.
We now ship universal macOS installers instead of separate packages for Arm64 and Intel. Issue 17294
WinPcap is no longer supported. On Windows, use Npcap instead, uninstalling WinPcap if necessary. The final release of WinPcap was version 4.1.3 in 2013. It only supports up to Windows 8, which is no
longer supported by Microsoft or Wireshark.
A new “Plots” dialog has been added, which provides scatter plots in contrast to the “I/O Graphs” dialog, which provides histograms. The Plots dialog window supports multiple plots, markers, and
automatic scrolling.
Live captures can be compressed while writing. (Previously there was support for compressing when performing multiple file capture, at file rotation time.) The --compress option in TShark works on
live captures as well. Issue 9311
Absolute time fields, regardless of field display in the Packet Details, are always written in ISO 8601 format in UTC with -T json. This was already the case for -T ek since version 4.2.0. JSON is
primarily a data interchange format read by software, so a standard format is desirable.
When absolute times field are output with -T fields, the "show" field of -T pdml, or in custom columns (including CSV output of columns), the formatting similar to asctime (e.g., Dec 18, 2017
05:28:39.071704055 EST) has been deprecated in favor of ISO 8601. For backwards compatibility, a preference has been added, protocols.display_abs_time_ascii, which can be set to continue to format
times as before. This preference can also be set to never use ASCII time and to use ISO 8601 time formatting in the protocol tree (Packet Details) as well. It is possible that a future release will
remove the ascitime style formatting entirely.
UTC frame time column formats (including "Time (format as specified)" when a UTC time display format is selected) have a "Z" suffix per ISO 8601. Local time formats remain unqualified (including if
the local time zone is UTC.) Custom columns displaying FT_ABSOLUTE_TIME already had time zone indication.
The TShark -G option for generating glossary reports does not need to be the first option given on the command line anymore. In addition, the reports now are affected by other command line options
such as -o, -d, and --disable-protocol, in addition to the -C option, which was already supported. (The defaultprefs report remains unaffected by any other options.) As a part of this change, -G with
no argument, which was previously deprecated, is no longer supported. Use tshark -G fields to produce the same report. Also, the syntax for only listing fields with a certain prefix has changed to
tshark -G fields,prefix.
The underlying type of EUI-64 fields has been switched to bytes when packet matching, similar to most other address formats. This means that EUI-64 addresses can be sliced and compared to other bytes
types, e.g. the filter wpan.src64[:3] == eth.src[:3]. Fields can still be specified using 64-bit unsigned integer literals, though arithmetic with other integers is no longer supported.
Wireshark can now decrypt NTP packets using NTS (Network Time Security). To decrypt packets, the NTS-KE (Network Time Security Key Establishment Protocol) packets need to be present, alongside the
TLS client and exporter secrets. Additionally, the parts of a NTP packet which can be cryptographically authenticated (from NTP packet header until the end of the last extension field that precedes
the NTS Authenticator and Encrypted Extension Fields extension field) are checked for validity.
Wireshark’s ability to decrypt MACsec packets has been expanded to either use the SAK unwrapped by the MKA dissector, or the PSK configured in the MACsec dissector. To enable the MKA dissector to
unwrap the SAK, the CAK for the applicable CKN can be entered in the extended CKN/CAK Info UAT in the MKA dissector preferences. The ability of the MACsec dissector to decrypt packets using a PSK has
been extended to a list of PSKs, which can entered through a new UAT.
The TCP Stream Graph axes now use units with SI prefixes. Issue 20197
Custom columns have an option to show the values using the same format as in Packet Details.
Custom column complex expressions (e.g., with arithmetic, filter functions, etc.) that return numeric results are sorted numerically instead of lexicographically.
Display filter functions float and double are added to allow explicitly converting field types like integers and times to single and double precision floats. They can be used to perform further
arithmetic operations on fields of different types, including in custom column definitions.
The minimum width of the I/O Graph dialog window has been reduced, so it should work better on small resolution desktops, especially in certain languages. To enable this, some checkbox controls were
moved to the graph right-click context menu. Issue 20147
X.509 certificates, used in TLS and elsewhere, can be exported via the File › Export Objects menu in Wireshark (under the name "X509AF") and --export-objects in TShark (with the protocol name x509af.)
Zstandard Content-Encoding is supported in the HTTP and HTTP/2 dissectors.
Follow Stream is supported for MPEG 2 Transport Stream PIDs, and for Packetized Elementary Streams contained within MPEG 2 TS. The latter can be used to extract audio or video for playback with other
tools.
DNP 3 (Distributed Network Protocol 3) is now supported in the Conversations and Endpoints table dialogs.
The Lua supplied preloaded libraries bit and rex_pcre2 are loaded in a way that adds them to the package.loaded table, as though through require, so that require("bit") and require("rex_pcre2")
statements in Lua dissectors, while usually superfluous, behave as expected. Issue 20213
The packet list (Wireshark) and event list (Stratoshark) no longer support rows with multiple lines. Issue 14424
The ethers file can also contain EUI-64 to name mappings. Issue 15487
Wireshark’s "Import from Hex Dump" feature and text2pcap now support byte groups with 2 to 4 bytes (with an option for little-endian byte order), and support hexadecimal offsets with a 0x or 0X
prefix (as produced by tcpdump -x, among others). Issue 16193
Frame timestamps can be added as preamble to hex dumps in Wireshark from the "Print" and "Export Packet Dissection" dialogs, and in TShark with the --hexdump time option. Issue 17132
Lua now has a Conversation object, which exposes conversations and conversation data to Lua. Issue 15396
An Edit › Copy › as HTML menu item has been added, along with associated context menu items and a keyboard shortcut. It provides an option (via knobs in preferences) to copy plain text with aligned
columns along with an ability to select a copy format to be used when copied via keyboard shortcut.
The "no duplicate keys" version of JSON output that tshark has supported since 2.6.0 is available through the GUI Export Dissections Dialog. Note that this format does not necessarily preserve the
ordering of all children in a tree, if sibling with identical keys are not consecutive.
The GUI Export Dissections Dialog can output raw hex bytes of the frame data for each field with or without exporting the field values, the same formats as the "-T json -x" and "-T jsonraw" output
modes, respectively, of TShark.
The Conversations and Endpoints dialogs have an option to display byte counts and bit rates in exact counts instead of human-readable numbers with SI units. The default setting when opening a dialog
is controlled by a Statistics preference, "conv.machine_readable". The same preference controls whether precise byte counts are used in the TShark "-z conv" and "-z endpoints" taps.
The output format for some TShark statistics taps (those selected with "-z <tap>,tree", which use the stats_tree system) can be controlled via a preference "-o statistics.output_format".
The color scheme can be set to Light or Dark mode independently of the current OS default on Windows and macOS, if Wireshark is built with Qt 6.8 or later as the official installers are. Issue 19328
libxml2 is now a required dependency. Note that Wireshark will not build with libxml2 2.15.0, but other versions should work.
The View menu has an option to Redissect Packets manually, which can be useful when address resolution or decryption secrets have changed.
HTTP2 tracking of 3GPP session over 5G Service Based Interfaces is now optional available. When enabled "Associate IMSI" will be add on HTTP2 streams which has been found belong to a session.
Building the documentation on Windows no longer requires Java.
On Linux, capture filters that use BPF extensions like "inbound", "outbound", and "ifindex" can be used for capturing (and compiled by the Compiled Filter dialog). Instead of always being rejected by
the syntax checker, they will be marked as unknown.
Removed Features and Support
Wireshark no longer supports AirPcap and WinPcap.
Wireshark no longer supports libnl versions 1 or 2.
The ENABLE_STATIC CMake option has been deprecated in favor of BUILD_SHARED_LIBS
New File Format Decoding Support
Resource Interchange File Format (RIFF) and TTL File Format
New Protocol Support
Asymmetric Key Packages (AKP), Binary HTTP, BIST TotalView-ITCH protocol (BIST-ITCH), BIST TotalView-OUCH protocol (BIST-OUCH), Bluetooth Android HCI (HCI ANDROID), Bluetooth Intel HCI (HCI INTEL),
BPSec COSE Context, BPSec Default SC, Commsignia Capture Protocol (C2P), DECT NR+ (DECT-2020 New Radio), DLMS/COSEM, Ephemeral Diffie-Hellman Over COSE, Identifier-Locator Network Protocol (ILNP),
LDA Neo Device trailer (LDA_NEO_TRAILER), Lenbrook Service Discovery Protocol (LSDP), LLC V1, Navitrol messaging, Network Time Security Key Establishment Protocol (NTS-KE), Ouster VLP-16, Private
Line Emulation (PLE), RC V3, RCG, Roughtime, SBAS L5 Navigation Message, SGP.22 GSMA Remote SIM Provisioning (SGP.22), SGP.32 GSMA Remote SIM Provisioning (SGP.32), SICK CoLA Ascii and CoLA Binary
protocols, Silabs Debug Channel, Universal Measurement and Calibration Protocol (XCP), USB Picture Transfer Protocol (USB-PTP), VLP-16 Data and Position messaging, and vSomeIP Internal Protocol
(vSomeIP
)
To generate a diff of this commit:
cvs rdiff -u -r1.337 -r1.338 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.102 -r1.103 pkgsrc/net/wireshark/PLIST
cvs rdiff -u -r1.185 -r1.186 pkgsrc/net/wireshark/distinfo
cvs rdiff -u -r0 -r1.3 \
pkgsrc/net/wireshark/patches/patch-epan_dissectors_packet-kerberos.c
cvs rdiff -u -r0 -r1.1 pkgsrc/net/wireshark/patches/patch-writecap_pcapio.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/wireshark/Makefile
diff -u pkgsrc/net/wireshark/Makefile:1.337 pkgsrc/net/wireshark/Makefile:1.338
--- pkgsrc/net/wireshark/Makefile:1.337 Sat Aug 30 22:46:06 2025
+++ pkgsrc/net/wireshark/Makefile Thu Oct 9 14:43:43 2025
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.337 2025/08/30 22:46:06 wiz Exp $
+# $NetBSD: Makefile,v 1.338 2025/10/09 14:43:43 adam Exp $
-DISTNAME= wireshark-4.4.9
-PKGREVISION= 1
+DISTNAME= wireshark-4.6.0
CATEGORIES= net
MASTER_SITES= https://www.wireshark.org/download/src/
EXTRACT_SUFX= .tar.xz
Index: pkgsrc/net/wireshark/PLIST
diff -u pkgsrc/net/wireshark/PLIST:1.102 pkgsrc/net/wireshark/PLIST:1.103
--- pkgsrc/net/wireshark/PLIST:1.102 Fri Aug 29 10:44:28 2025
+++ pkgsrc/net/wireshark/PLIST Thu Oct 9 14:43:43 2025
@@ -1,9 +1,8 @@
-@comment $NetBSD: PLIST,v 1.102 2025/08/29 10:44:28 adam Exp $
+@comment $NetBSD: PLIST,v 1.103 2025/10/09 14:43:43 adam Exp $
bin/capinfos
bin/captype
bin/dumpcap
bin/editcap
-bin/idl2wrs
bin/mergecap
bin/mmdbresolve
bin/randpkt
@@ -14,41 +13,41 @@ bin/text2pcap
bin/tshark
${PLIST.qt}bin/wireshark
lib/libwireshark.so
-lib/libwireshark.so.18
-lib/libwireshark.so.18.0.9
+lib/libwireshark.so.19
+lib/libwireshark.so.19.0.0
lib/libwiretap.so
-lib/libwiretap.so.15
-lib/libwiretap.so.15.0.9
+lib/libwiretap.so.16
+lib/libwiretap.so.16.0.0
lib/libwsutil.so
-lib/libwsutil.so.16
-lib/libwsutil.so.16.0.0
-lib/wireshark/extcap/androiddump
-lib/wireshark/extcap/ciscodump
-lib/wireshark/extcap/randpktdump
-lib/wireshark/extcap/sshdump
-lib/wireshark/extcap/udpdump
-lib/wireshark/extcap/wifidump
-lib/wireshark/plugins/4.4/codecs/amrnb.so
-lib/wireshark/plugins/4.4/codecs/g711.so
-${PLIST.spandsp}lib/wireshark/plugins/4.4/codecs/g722.so
-${PLIST.spandsp}lib/wireshark/plugins/4.4/codecs/g726.so
-${PLIST.ilbc}lib/wireshark/plugins/4.4/codecs/ilbc.so
-lib/wireshark/plugins/4.4/codecs/l16mono.so
-lib/wireshark/plugins/4.4/codecs/opus_dec.so
-lib/wireshark/plugins/4.4/epan/ethercat.so
-lib/wireshark/plugins/4.4/epan/gryphon.so
-lib/wireshark/plugins/4.4/epan/ipaddr.so
-lib/wireshark/plugins/4.4/epan/irda.so
-lib/wireshark/plugins/4.4/epan/mate.so
-lib/wireshark/plugins/4.4/epan/opcua.so
-lib/wireshark/plugins/4.4/epan/profinet.so
-lib/wireshark/plugins/4.4/epan/stats_tree.so
-lib/wireshark/plugins/4.4/epan/transum.so
-lib/wireshark/plugins/4.4/epan/unistim.so
-lib/wireshark/plugins/4.4/epan/wimax.so
-lib/wireshark/plugins/4.4/epan/wimaxasncp.so
-lib/wireshark/plugins/4.4/epan/wimaxmacphy.so
-lib/wireshark/plugins/4.4/wiretap/usbdump.so
+lib/libwsutil.so.17
+lib/libwsutil.so.17.0.0
+lib/wireshark/plugins/4.6/codecs/amrnb.so
+lib/wireshark/plugins/4.6/codecs/g711.so
+${PLIST.spandsp}lib/wireshark/plugins/4.6/codecs/g722.so
+${PLIST.spandsp}lib/wireshark/plugins/4.6/codecs/g726.so
+${PLIST.ilbc}lib/wireshark/plugins/4.6/codecs/ilbc.so
+lib/wireshark/plugins/4.6/codecs/l16mono.so
+lib/wireshark/plugins/4.6/codecs/opus_dec.so
+lib/wireshark/plugins/4.6/epan/ethercat.so
+lib/wireshark/plugins/4.6/epan/gryphon.so
+lib/wireshark/plugins/4.6/epan/ipaddr.so
+lib/wireshark/plugins/4.6/epan/irda.so
+lib/wireshark/plugins/4.6/epan/mate.so
+lib/wireshark/plugins/4.6/epan/opcua.so
+lib/wireshark/plugins/4.6/epan/profinet.so
+lib/wireshark/plugins/4.6/epan/stats_tree.so
+lib/wireshark/plugins/4.6/epan/transum.so
+lib/wireshark/plugins/4.6/epan/unistim.so
+lib/wireshark/plugins/4.6/epan/wimax.so
+lib/wireshark/plugins/4.6/epan/wimaxasncp.so
+lib/wireshark/plugins/4.6/epan/wimaxmacphy.so
+lib/wireshark/plugins/4.6/wiretap/usbdump.so
+libexec/wireshark/extcap/androiddump
+libexec/wireshark/extcap/ciscodump
+libexec/wireshark/extcap/randpktdump
+libexec/wireshark/extcap/sshdump
+libexec/wireshark/extcap/udpdump
+libexec/wireshark/extcap/wifidump
${PLIST.doc}man/man1/androiddump.1
${PLIST.doc}man/man1/capinfos.1
${PLIST.doc}man/man1/captype.1
@@ -129,7 +128,6 @@ share/wireshark/dfilters
share/wireshark/diameter/AlcatelLucent.xml
share/wireshark/diameter/Cisco.xml
share/wireshark/diameter/CiscoSystems.xml
-share/wireshark/diameter/Custom.xml
share/wireshark/diameter/Ericsson.xml
share/wireshark/diameter/HP.xml
share/wireshark/diameter/Huawei.xml
@@ -150,6 +148,7 @@ share/wireshark/diameter/VerizonWireless
share/wireshark/diameter/Vodafone.xml
share/wireshark/diameter/chargecontrol.xml
share/wireshark/diameter/dictionary.dtd
+share/wireshark/diameter/dictionary.ent
share/wireshark/diameter/dictionary.xml
share/wireshark/diameter/eap.xml
share/wireshark/diameter/etsie2e4.xml
@@ -208,6 +207,7 @@ share/wireshark/radius/dictionary.arista
share/wireshark/radius/dictionary.aruba
share/wireshark/radius/dictionary.ascend
share/wireshark/radius/dictionary.ascend.illegal
+share/wireshark/radius/dictionary.ascend.illegal.extended
share/wireshark/radius/dictionary.asn
share/wireshark/radius/dictionary.audiocodes
share/wireshark/radius/dictionary.avaya
@@ -285,6 +285,7 @@ share/wireshark/radius/dictionary.iea
share/wireshark/radius/dictionary.infinera
share/wireshark/radius/dictionary.infoblox
share/wireshark/radius/dictionary.infonet
+share/wireshark/radius/dictionary.ingate
share/wireshark/radius/dictionary.ipunplugged
share/wireshark/radius/dictionary.issanni
share/wireshark/radius/dictionary.itk
Index: pkgsrc/net/wireshark/distinfo
diff -u pkgsrc/net/wireshark/distinfo:1.185 pkgsrc/net/wireshark/distinfo:1.186
--- pkgsrc/net/wireshark/distinfo:1.185 Fri Aug 29 10:44:28 2025
+++ pkgsrc/net/wireshark/distinfo Thu Oct 9 14:43:43 2025
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.185 2025/08/29 10:44:28 adam Exp $
+$NetBSD: distinfo,v 1.186 2025/10/09 14:43:43 adam Exp $
-BLAKE2s (wireshark-4.4.9.tar.xz) = 8801c8679b0e7c2dc24f6bf7784ab7b20306ae53bfe640123b639af08c1a64c7
-SHA512 (wireshark-4.4.9.tar.xz) = a4f13bc0c8b1c08dfed8fe8e88997e5378c0ad1f9eeb972ea07cd85e7c7140b17f63ec9efce286b636abea7b99b9f54a640852a2ec4a36bfab96c6cf08e4772d
-Size (wireshark-4.4.9.tar.xz) = 46830008 bytes
+BLAKE2s (wireshark-4.6.0.tar.xz) = b6a3b0fc3f9487edad9c62dcd6d4de75056b2f7da04c9425fdda69c7306ec100
+SHA512 (wireshark-4.6.0.tar.xz) = f531dc8a4aa9b6539235fe1c87a680a01a6cba3af048297ba4b884edbcf1577b8af9061d9d4f43cbe1fbf213c18bb72fddd44b324a93edcc612e3f5b3cdde75e
+Size (wireshark-4.6.0.tar.xz) = 50726944 bytes
SHA1 (patch-CMakeLists.txt) = 80af7e00226894efe82db3b89ea8fee08bd30681
+SHA1 (patch-epan_dissectors_packet-kerberos.c) = 47efb616bb645c2a57ef606e18db2f494ee0706a
+SHA1 (patch-writecap_pcapio.c) = ba0b9275b7eab134d8d473312299cbf7c66a6f41
Added files:
Index: pkgsrc/net/wireshark/patches/patch-epan_dissectors_packet-kerberos.c
diff -u /dev/null pkgsrc/net/wireshark/patches/patch-epan_dissectors_packet-kerberos.c:1.3
--- /dev/null Thu Oct 9 14:43:44 2025
+++ pkgsrc/net/wireshark/patches/patch-epan_dissectors_packet-kerberos.c Thu Oct 9 14:43:44 2025
@@ -0,0 +1,15 @@
+$NetBSD: patch-epan_dissectors_packet-kerberos.c,v 1.3 2025/10/09 14:43:44 adam Exp $
+
+Fix a typo.
+
+--- epan/dissectors/packet-kerberos.c.orig 2025-10-09 14:14:19.389784749 +0000
++++ epan/dissectors/packet-kerberos.c
+@@ -3401,7 +3401,7 @@ read_keytab_file(const char *filename)
+
+ /* generate origin string, describing where this key came from */
+ for(i=0;i<key.principal->name.name_string.len;i++){
+- wmem_strbuf_append_printf(str_principal, "%s%s",(i?"/":""),key.principal->name.name_string.val[i]));
++ wmem_strbuf_append_printf(str_principal, "%s%s",(i?"/":""),key.principal->name.name_string.val[i]);
+ }
+ wmem_strbuf_append_printf(str_principal, "@%s",key.principal->realm);
+ new_key->key_origin = (char*)wmem_strbuf_get_str(str_principal);
Index: pkgsrc/net/wireshark/patches/patch-writecap_pcapio.c
diff -u /dev/null pkgsrc/net/wireshark/patches/patch-writecap_pcapio.c:1.1
--- /dev/null Thu Oct 9 14:43:44 2025
+++ pkgsrc/net/wireshark/patches/patch-writecap_pcapio.c Thu Oct 9 14:43:44 2025
@@ -0,0 +1,15 @@
+$NetBSD: patch-writecap_pcapio.c,v 1.1 2025/10/09 14:43:44 adam Exp $
+
+Fix build on NetBSD.
+
+--- writecap/pcapio.c.orig 2025-10-09 14:17:34.142800083 +0000
++++ writecap/pcapio.c
+@@ -438,7 +438,7 @@ write_to_file(pcapio_writer* pfile, cons
+ default:
+ nwritten = fwrite(data, data_length, 1, pfile->fh);
+ if (nwritten != 1) {
+- if (ferror(pfile->fh)) {
++ if (ferror((FILE *)pfile->fh)) {
+ *err = errno;
+ } else {
+ *err = WTAP_ERR_SHORT_WRITE;
Home |
Main Index |
Thread Index |
Old Index