Pullup ticket 3232 - requested by tron

security update

Revisions pulled up:
- pkgsrc/net/wireshark/Makefile			1.52
- pkgsrc/net/wireshark/PLIST			1.19
- pkgsrc/net/wireshark/distinfo			1.34
- pkgsrc/net/wireshark/patches/patch-ad		1.6

Files added:
- pkgsrc/net/wireshark/patches/patch-ae

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Sep 25 11:19:10 UTC 2010

   Modified Files:
           pkgsrc/net/wireshark: Makefile PLIST distinfo
           pkgsrc/net/wireshark/patches: patch-ad
   Added Files:
           pkgsrc/net/wireshark/patches: patch-ae

   Log Message:
   Update "wireshark" package to version 1.4.0. Change since version 1.2.10:
   - The following bugs have been fixed:
     - Update time display in background. (Bug 1275)
     - Tshark returns 0 even with an invalid interface or capture
       filter. (Bug 4735)
   - The following features are new (or have been significantly
     updated) since version 1.2:
     - The packet list internals have been rewritten and are now more
       efficient.
     - Columns are easier to use. You can add a protocol field as a
       column by right-clicking on its packet detail item, and you
       can adjust some column preferences by right-clicking the
       column header.
     - Preliminary Python scripting support has been added.
     - Many memory leaks have been fixed.
     - Packets can now be ignored (excluded from dissection), similar
       to the way they can be marked.
     - Manual IP address resolution is now supported.
     - Columns with seconds can now be displayed as hours, minutes
       and seconds.
     - You can now set the capture buffer size on UNIX and Linux if
       you have libpcap 1.0.0 or greater.
     - TShark no longer needs elevated privileges on UNIX or Linux to
       list interfaces. Only dumpcap requires privileges now.
     - Wireshark and TShark can enable 802.11 monitor mode directly
       if you have libpcap 1.0.0 or greater.
     - You can play RTP streams directly from the RTP Analysis
       window.
     - Capinfos and editcap now respectively support time order
       checking and forcing.
     - Wireshark now has a "jump to timestamp" command-line option.
     - You can open JPEG files directly in Wireshark.
   - New Protocol Support
     3GPP Nb Interface RTP Multiplex, Access Node Control Protocol,
     Apple Network-MIDI Session Protocol, ARUBA encapsulated remote
     mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N.
     Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle
     Protocol, CIP Class Generic, CIP Connection Configuration Object,
     CIP Connection Manager, CIP Message Router, collectd network data,
     Control And Provisioning of Wireless Access Points, Controller
     Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging
     Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync
     Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch
     Link, Fibre Channel Delimiters, File Replication Service DFS-R,
     Gateway Load Balancing Protocol, Gigamon Header, GigE Vision
     Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM
     sub-protocol, GSM over IP protocol as used by ip.access, GSM
     Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated
     remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled
     Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol,
     IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless
     Association Control Service, ISO 9548-1 OSI Connectionless Session
     Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol,
     ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider
     Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode
     encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word,
     MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One
     encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU
     encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter
     Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS
     Protocol, packetbb Protocol, Peer Network Resolution Protocol,
     PKIX Attribute Certificate, Pseudowire Padding, Server/Application
     State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol,
     TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS
     RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN
     Iuh interface RUA signalling, V5.2, Vendor Specific Control
     Protocol, Vendor Specific Network Protocol, VMware Lab Manager,
     VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt,
     X.411 Message Access Service, ZigBee Cluster Library
   - Updated Protocol Support
     There are too many to list here.
   - New and Updated Capture File Support
     Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000,
     Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries,
     JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler,
     PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian
     OS btsnoop, Visual Networks

   Pkgsrc changes:
   A fix for the security vulnerability reported in SA41535 has been
   integrated from the Wireshark SVN repository.


   To generate a diff of this commit:
   cvs rdiff -u -r1.51 -r1.52 pkgsrc/net/wireshark/Makefile
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/wireshark/PLIST
   cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/wireshark/distinfo
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/wireshark/patches/patch-ad
   cvs rdiff -u -r0 -r1.1 pkgsrc/net/wireshark/patches/patch-ae

5 files changed, 209 insertions, 14 deletions

diff --git a/net/wireshark/Makefile b/net/wireshark/Makefile
index dd7fd5baf99..d7affe92820 100644
--- a/net/wireshark/Makefile
+++ b/net/wireshark/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.47.2.2 2010/08/04 21:11:23 spz Exp $
+# $NetBSD: Makefile,v 1.47.2.3 2010/09/28 05:36:59 spz Exp $
 
-DISTNAME=		wireshark-1.2.10
+DISTNAME=		wireshark-1.4.0
 CATEGORIES=		net
 MASTER_SITES=		http://www.wireshark.org/download/src/ \
 			${MASTER_SITE_SOURCEFORGE:=wireshark/}
diff --git a/net/wireshark/PLIST b/net/wireshark/PLIST
index 1bd393db3ea..7f4b872a448 100644
--- a/net/wireshark/PLIST
+++ b/net/wireshark/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.18 2010/05/15 20:27:28 tron Exp $
+@comment $NetBSD: PLIST,v 1.18.2.1 2010/09/28 05:36:59 spz Exp $
 bin/capinfos
 bin/dftest
 bin/dumpcap
@@ -31,11 +31,14 @@ lib/wireshark/plugins/${PKGVERSION}/tango.la
 lib/wireshark/plugins/${PKGVERSION}/unistim.la
 lib/wireshark/plugins/${PKGVERSION}/wimax.la
 lib/wireshark/plugins/${PKGVERSION}/wimaxasncp.la
+lib/wireshark/plugins/${PKGVERSION}/interlink.la
 man/man1/capinfos.1
+man/man1/dftest.1
 man/man1/dumpcap.1
 man/man1/editcap.1
 man/man1/idl2wrs.1
 man/man1/mergecap.1
+man/man1/randpkt.1
 man/man1/rawshark.1
 man/man1/text2pcap.1
 man/man1/tshark.1
@@ -48,6 +51,7 @@ share/wireshark/cfilters
 share/wireshark/colorfilters
 ${PLIST.lua}share/wireshark/console.lua
 share/wireshark/dfilters
+share/wireshark/dftest.html
 share/wireshark/diameter/Ericsson.xml
 share/wireshark/diameter/TGPPGmb.xml
 share/wireshark/diameter/TGPPRx.xml
@@ -91,71 +95,136 @@ ${PLIST.lua}share/wireshark/init.lua
 share/wireshark/ipmap.html
 share/wireshark/manuf
 share/wireshark/mergecap.html
+share/wireshark/radius/README.radius_dictionary
 share/wireshark/radius/dictionary
 share/wireshark/radius/dictionary.3com
 share/wireshark/radius/dictionary.3gpp
 share/wireshark/radius/dictionary.3gpp2
 share/wireshark/radius/dictionary.acc
+share/wireshark/radius/dictionary.airespace
 share/wireshark/radius/dictionary.alcatel
 share/wireshark/radius/dictionary.alteon
 share/wireshark/radius/dictionary.altiga
+share/wireshark/radius/dictionary.alvarion
+share/wireshark/radius/dictionary.apc
 share/wireshark/radius/dictionary.aptis
 share/wireshark/radius/dictionary.aruba
 share/wireshark/radius/dictionary.ascend
+share/wireshark/radius/dictionary.asn
+share/wireshark/radius/dictionary.avaya
+share/wireshark/radius/dictionary.azaire
 share/wireshark/radius/dictionary.bay
 share/wireshark/radius/dictionary.bintec
 share/wireshark/radius/dictionary.bristol
 share/wireshark/radius/dictionary.cablelabs
 share/wireshark/radius/dictionary.cabletron
+share/wireshark/radius/dictionary.chillispot
 share/wireshark/radius/dictionary.cisco
 share/wireshark/radius/dictionary.cisco.bbsm
 share/wireshark/radius/dictionary.cisco.vpn3000
 share/wireshark/radius/dictionary.cisco.vpn5000
+share/wireshark/radius/dictionary.clavister
 share/wireshark/radius/dictionary.colubris
 share/wireshark/radius/dictionary.columbia_university
 share/wireshark/radius/dictionary.compat
 share/wireshark/radius/dictionary.cosine
+share/wireshark/radius/dictionary.dhcp
+share/wireshark/radius/dictionary.digium
+share/wireshark/radius/dictionary.epygi
 share/wireshark/radius/dictionary.ericsson
 share/wireshark/radius/dictionary.erx
 share/wireshark/radius/dictionary.extreme
+share/wireshark/radius/dictionary.fortinet
 share/wireshark/radius/dictionary.foundry
 share/wireshark/radius/dictionary.freeradius
+share/wireshark/radius/dictionary.freeradius.internal
+share/wireshark/radius/dictionary.freeswitch
 share/wireshark/radius/dictionary.gandalf
 share/wireshark/radius/dictionary.garderos
 share/wireshark/radius/dictionary.gemtek
+share/wireshark/radius/dictionary.h3c
+share/wireshark/radius/dictionary.hp
+share/wireshark/radius/dictionary.huawei
+share/wireshark/radius/dictionary.infonet
+share/wireshark/radius/dictionary.ipunplugged
+share/wireshark/radius/dictionary.issanni
 share/wireshark/radius/dictionary.itk
+share/wireshark/radius/dictionary.jradius
 share/wireshark/radius/dictionary.juniper
 share/wireshark/radius/dictionary.karlnet
+share/wireshark/radius/dictionary.lancom
 share/wireshark/radius/dictionary.livingston
 share/wireshark/radius/dictionary.localweb
+share/wireshark/radius/dictionary.lucent
+share/wireshark/radius/dictionary.manzara
 share/wireshark/radius/dictionary.merit
 share/wireshark/radius/dictionary.microsoft
 share/wireshark/radius/dictionary.mikrotik
+share/wireshark/radius/dictionary.motorola
 share/wireshark/radius/dictionary.navini
 share/wireshark/radius/dictionary.netscreen
+share/wireshark/radius/dictionary.networkphysics
+share/wireshark/radius/dictionary.nexans
 share/wireshark/radius/dictionary.nokia
+share/wireshark/radius/dictionary.nokia.conflict
 share/wireshark/radius/dictionary.nomadix
+share/wireshark/radius/dictionary.nortel
+share/wireshark/radius/dictionary.ntua
+share/wireshark/radius/dictionary.openser
+share/wireshark/radius/dictionary.packeteer
+share/wireshark/radius/dictionary.patton
 share/wireshark/radius/dictionary.propel
+share/wireshark/radius/dictionary.prosoft
+share/wireshark/radius/dictionary.quiconnect
 share/wireshark/radius/dictionary.quintum
 share/wireshark/radius/dictionary.redback
 share/wireshark/radius/dictionary.redcreek
+share/wireshark/radius/dictionary.rfc2865
+share/wireshark/radius/dictionary.rfc2866
+share/wireshark/radius/dictionary.rfc2867
+share/wireshark/radius/dictionary.rfc2868
+share/wireshark/radius/dictionary.rfc2869
+share/wireshark/radius/dictionary.rfc3162
+share/wireshark/radius/dictionary.rfc3576
+share/wireshark/radius/dictionary.rfc3580
+share/wireshark/radius/dictionary.rfc4072
+share/wireshark/radius/dictionary.rfc4372
+share/wireshark/radius/dictionary.rfc4675
+share/wireshark/radius/dictionary.rfc4679
+share/wireshark/radius/dictionary.rfc4818
+share/wireshark/radius/dictionary.rfc4849
+share/wireshark/radius/dictionary.rfc5090
+share/wireshark/radius/dictionary.rfc5176
+share/wireshark/radius/dictionary.riverstone
+share/wireshark/radius/dictionary.roaringpenguin
 share/wireshark/radius/dictionary.shasta
 share/wireshark/radius/dictionary.shiva
+share/wireshark/radius/dictionary.slipstream
+share/wireshark/radius/dictionary.sofaware
 share/wireshark/radius/dictionary.sonicwall
 share/wireshark/radius/dictionary.springtide
 share/wireshark/radius/dictionary.starent
 share/wireshark/radius/dictionary.t_systems_nova
 share/wireshark/radius/dictionary.telebit
+share/wireshark/radius/dictionary.telkom
 share/wireshark/radius/dictionary.trapeze
+share/wireshark/radius/dictionary.tropos
 share/wireshark/radius/dictionary.tunnel
 share/wireshark/radius/dictionary.unisphere
 share/wireshark/radius/dictionary.unix
 share/wireshark/radius/dictionary.usr
+share/wireshark/radius/dictionary.utstarcom
 share/wireshark/radius/dictionary.valemount
 share/wireshark/radius/dictionary.versanet
+share/wireshark/radius/dictionary.vqp
+share/wireshark/radius/dictionary.walabi
+share/wireshark/radius/dictionary.waverider
 share/wireshark/radius/dictionary.wimax
 share/wireshark/radius/dictionary.wispr
 share/wireshark/radius/dictionary.xedia
+share/wireshark/radius/dictionary.xylan
+share/wireshark/radius/dictionary.zyxel
+share/wireshark/randpkt.html
 share/wireshark/rawshark.html
 share/wireshark/services
 share/wireshark/smi_modules
diff --git a/net/wireshark/distinfo b/net/wireshark/distinfo
index 2d2fc215134..ae99ce33f74 100644
--- a/net/wireshark/distinfo
+++ b/net/wireshark/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.32.2.1 2010/08/04 21:11:23 spz Exp $
+$NetBSD: distinfo,v 1.32.2.2 2010/09/28 05:36:59 spz Exp $
 
-SHA1 (wireshark-1.2.10.tar.bz2) = db9028d6c547fb736f126a0cd0659222094b4c1b
-RMD160 (wireshark-1.2.10.tar.bz2) = 15fd1087b7f817902da50d49a819773dfd589a85
-Size (wireshark-1.2.10.tar.bz2) = 15401498 bytes
+SHA1 (wireshark-1.4.0.tar.bz2) = a1dc5fa6eff0320da5dad7ec9c8f3a8f5a18be81
+RMD160 (wireshark-1.4.0.tar.bz2) = 8eb683e1a1175a0386fc5f1262f0289af177d17c
+Size (wireshark-1.4.0.tar.bz2) = 20481773 bytes
 SHA1 (patch-aa) = d0744f069ac2d3a8a43b810e1f958360d99200a9
 SHA1 (patch-ab) = 5ae79916603f04c2d362c764d39f0c99728e716c
 SHA1 (patch-ac) = 4e985520ea4b118aea6fc001f256b5de96de7840
-SHA1 (patch-ad) = 38baddf10f9335e2f766dc987589e7646b8ca014
+SHA1 (patch-ad) = a09b5ac9e836ef01fbd6ba103de00d08c0af2800
+SHA1 (patch-ae) = a741c3d126c0cd2496438c1c1540ccdfa10714c8
diff --git a/net/wireshark/patches/patch-ad b/net/wireshark/patches/patch-ad
index e887da44fea..cff8b8a657f 100644
--- a/net/wireshark/patches/patch-ad
+++ b/net/wireshark/patches/patch-ad
@@ -1,13 +1,22 @@
-$NetBSD: patch-ad,v 1.5 2010/01/29 12:09:52 tron Exp $
+$NetBSD: patch-ad,v 1.5.4.1 2010/09/28 05:36:59 spz Exp $
 
---- configure.orig	2010-01-27 16:14:11.000000000 +0000
-+++ configure	2010-01-29 11:42:14.000000000 +0000
-@@ -14889,7 +14889,7 @@
+--- configure.orig	2010-08-29 23:20:30.000000000 +0100
++++ configure	2010-09-25 11:47:16.000000000 +0100
+@@ -19604,7 +19604,7 @@
  fi
  
  
 -	if test x$have_ige_mac == x
 +	if test x$have_ige_mac = x
  	then
- 		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5
- $as_echo_n "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... " >&6; }
+ 		#
+ 		# Not found - check for the old integration functions in
+@@ -19660,7 +19660,7 @@
+ 
+ 	fi
+ 
+-	if test x$have_ige_mac == x
++	if test x$have_ige_mac = x
+ 	then
+ 		#
+ 		# Not found - check for the old integration functions in
diff --git a/net/wireshark/patches/patch-ae b/net/wireshark/patches/patch-ae
new file mode 100644
index 00000000000..be55e0ee233
--- /dev/null
+++ b/net/wireshark/patches/patch-ae
@@ -0,0 +1,116 @@
+$NetBSD: patch-ae,v 1.1.2.2 2010/09/28 05:36:59 spz Exp $
+
+Fix for SA41535 taken from here:
+
+http://anonsvn.wireshark.org/viewvc?view=rev&revision=34111
+
+--- epan/dissectors/packet-ber.c.orig	2010-08-29 23:17:07.000000000 +0100
++++ epan/dissectors/packet-ber.c	2010-09-25 11:53:33.000000000 +0100
+@@ -200,6 +200,14 @@
+ 	{ 0, NULL }
+ };
+ 
++/*
++ * Set a limit on recursion so we don't blow away the stack. Another approach
++ * would be to remove recursion completely but then we'd exhaust CPU+memory
++ * trying to read a hellabyte of nested indefinite lengths.
++ * XXX - Max nesting in the ASN.1 plugin is 32. Should they match?
++ */
++#define BER_MAX_NESTING 500
++
+ static const true_false_string ber_real_binary_vals = {
+ 	"Binary encoding",
+ 	"Decimal encoding"
+@@ -422,7 +430,8 @@
+  return offset;
+ }
+ 
+-int dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree)
++static int
++try_dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree, gint nest_level)
+ {
+ 	int start_offset;
+ 	gint8 class;
+@@ -438,6 +447,11 @@
+ 	proto_item *pi, *cause;
+ 	asn1_ctx_t asn1_ctx;
+ 
++	if (nest_level > BER_MAX_NESTING) {
++		/* Assume that we have a malformed packet. */
++		THROW(ReportedBoundsError);
++	}
++
+ 	start_offset=offset;
+ 	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
+ 
+@@ -500,7 +514,7 @@
+ 					}
+ 					item = proto_tree_add_item(tree, hf_ber_unknown_BER_OCTETSTRING, tvb, offset, len, FALSE);
+ 					next_tree = proto_item_add_subtree(item, ett_ber_octet_string);
+-					offset = dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++					offset = try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 				}
+ 			} 
+ 			if (!is_decoded_as) {
+@@ -585,7 +599,7 @@
+ 		is_decoded_as = TRUE;
+ 		proto_item_append_text (pi, "[BER encoded]");
+ 		next_tree = proto_item_add_subtree(pi, ett_ber_primitive);
+-		offset = dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		offset = try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 	      }
+ 	    }
+ 
+@@ -632,7 +646,7 @@
+ 			next_tree=proto_item_add_subtree(item, ett_ber_SEQUENCE);
+ 		}
+ 		while(offset < (int)(start_offset + len + hdr_len))
+-		  offset=dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		  offset=try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 		break;
+ 	  case BER_CLASS_APP:
+ 	  case BER_CLASS_CON:
+@@ -643,7 +657,7 @@
+ 			next_tree=proto_item_add_subtree(item, ett_ber_SEQUENCE);
+ 		}
+ 		while(offset < (int)(start_offset + len + hdr_len))
+-		  offset=dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		  offset=try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 		break;
+ 
+ 	  }
+@@ -654,6 +668,11 @@
+ 	return offset;
+ }
+ 
++int
++dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree)
++{
++	return try_dissect_unknown_ber(pinfo, tvb, offset, tree, 1);
++}
+ 
+ int
+ call_ber_oid_callback(const char *oid, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
+@@ -853,13 +872,6 @@
+  */
+ /* 8.1.3 Length octets */
+ 
+-/*
+- * Set a limit on recursion so we don't blow away the stack. Another approach
+- * would be to remove recursion completely but then we'd exhaust CPU+memory
+- * trying to read a hellabyte of nested indefinite lengths.
+- * XXX - Max nesting in the ASN.1 plugin is 32. Should they match?
+- */
+-#define BER_MAX_INDEFINITE_NESTING 500
+ static int
+ try_get_ber_length(tvbuff_t *tvb, int offset, guint32 *length, gboolean *ind, gint nest_level) {
+ 	guint8 oct, len;
+@@ -873,7 +885,7 @@
+ 	tmp_length = 0;
+ 	tmp_ind = FALSE;
+ 
+-	if (nest_level > BER_MAX_INDEFINITE_NESTING) {
++	if (nest_level > BER_MAX_NESTING) {
+ 		/* Assume that we have a malformed packet. */
+ 		THROW(ReportedBoundsError);
+ 	}