Update "wireshark" package to version 1.4.0. Change since version 1.2.10:

- The following bugs have been fixed:
  - Update time display in background. (Bug 1275)
  - Tshark returns 0 even with an invalid interface or capture
    filter. (Bug 4735)
- The following features are new (or have been significantly
  updated) since version 1.2:
  - The packet list internals have been rewritten and are now more
    efficient.
  - Columns are easier to use. You can add a protocol field as a
    column by right-clicking on its packet detail item, and you
    can adjust some column preferences by right-clicking the
    column header.
  - Preliminary Python scripting support has been added.
  - Many memory leaks have been fixed.
  - Packets can now be ignored (excluded from dissection), similar
    to the way they can be marked.
  - Manual IP address resolution is now supported.
  - Columns with seconds can now be displayed as hours, minutes
    and seconds.
  - You can now set the capture buffer size on UNIX and Linux if
    you have libpcap 1.0.0 or greater.
  - TShark no longer needs elevated privileges on UNIX or Linux to
    list interfaces. Only dumpcap requires privileges now.
  - Wireshark and TShark can enable 802.11 monitor mode directly
    if you have libpcap 1.0.0 or greater.
  - You can play RTP streams directly from the RTP Analysis
    window.
  - Capinfos and editcap now respectively support time order
    checking and forcing.
  - Wireshark now has a "jump to timestamp" command-line option.
  - You can open JPEG files directly in Wireshark.
- New Protocol Support
  3GPP Nb Interface RTP Multiplex, Access Node Control Protocol,
  Apple Network-MIDI Session Protocol, ARUBA encapsulated remote
  mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N.
  Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle
  Protocol, CIP Class Generic, CIP Connection Configuration Object,
  CIP Connection Manager, CIP Message Router, collectd network data,
  Control And Provisioning of Wireless Access Points, Controller
  Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging
  Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync
  Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch
  Link, Fibre Channel Delimiters, File Replication Service DFS-R,
  Gateway Load Balancing Protocol, Gigamon Header, GigE Vision
  Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM
  sub-protocol, GSM over IP protocol as used by ip.access, GSM
  Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated
  remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled
  Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol,
  IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless
  Association Control Service, ISO 9548-1 OSI Connectionless Session
  Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol,
  ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider
  Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode
  encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word,
  MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One
  encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU
  encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter
  Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS
  Protocol, packetbb Protocol, Peer Network Resolution Protocol,
  PKIX Attribute Certificate, Pseudowire Padding, Server/Application
  State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol,
  TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS
  RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN
  Iuh interface RUA signalling, V5.2, Vendor Specific Control
  Protocol, Vendor Specific Network Protocol, VMware Lab Manager,
  VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt,
  X.411 Message Access Service, ZigBee Cluster Library
- Updated Protocol Support
  There are too many to list here.
- New and Updated Capture File Support
  Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000,
  Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries,
  JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler,
  PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian
  OS btsnoop, Visual Networks

Pkgsrc changes:
A fix for the security vulnerability reported in SA41535 has been
integrated from the Wireshark SVN repository.

2 files changed, 131 insertions, 6 deletions

diff --git a/net/wireshark/patches/patch-ad b/net/wireshark/patches/patch-ad
index e887da44fea..79e9065ddfa 100644
--- a/net/wireshark/patches/patch-ad
+++ b/net/wireshark/patches/patch-ad
@@ -1,13 +1,22 @@
-$NetBSD: patch-ad,v 1.5 2010/01/29 12:09:52 tron Exp $
+$NetBSD: patch-ad,v 1.6 2010/09/25 11:19:10 tron Exp $
 
---- configure.orig	2010-01-27 16:14:11.000000000 +0000
-+++ configure	2010-01-29 11:42:14.000000000 +0000
-@@ -14889,7 +14889,7 @@
+--- configure.orig	2010-08-29 23:20:30.000000000 +0100
++++ configure	2010-09-25 11:47:16.000000000 +0100
+@@ -19604,7 +19604,7 @@
  fi
  
  
 -	if test x$have_ige_mac == x
 +	if test x$have_ige_mac = x
  	then
- 		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ige_mac_menu_set_menu_bar in -ligemacintegration" >&5
- $as_echo_n "checking for ige_mac_menu_set_menu_bar in -ligemacintegration... " >&6; }
+ 		#
+ 		# Not found - check for the old integration functions in
+@@ -19660,7 +19660,7 @@
+ 
+ 	fi
+ 
+-	if test x$have_ige_mac == x
++	if test x$have_ige_mac = x
+ 	then
+ 		#
+ 		# Not found - check for the old integration functions in
diff --git a/net/wireshark/patches/patch-ae b/net/wireshark/patches/patch-ae
new file mode 100644
index 00000000000..512065699ed
--- /dev/null
+++ b/net/wireshark/patches/patch-ae
@@ -0,0 +1,116 @@
+$NetBSD: patch-ae,v 1.1 2010/09/25 11:19:10 tron Exp $
+
+Fix for SA41535 taken from here:
+
+http://anonsvn.wireshark.org/viewvc?view=rev&revision=34111
+
+--- epan/dissectors/packet-ber.c.orig	2010-08-29 23:17:07.000000000 +0100
++++ epan/dissectors/packet-ber.c	2010-09-25 11:53:33.000000000 +0100
+@@ -200,6 +200,14 @@
+ 	{ 0, NULL }
+ };
+ 
++/*
++ * Set a limit on recursion so we don't blow away the stack. Another approach
++ * would be to remove recursion completely but then we'd exhaust CPU+memory
++ * trying to read a hellabyte of nested indefinite lengths.
++ * XXX - Max nesting in the ASN.1 plugin is 32. Should they match?
++ */
++#define BER_MAX_NESTING 500
++
+ static const true_false_string ber_real_binary_vals = {
+ 	"Binary encoding",
+ 	"Decimal encoding"
+@@ -422,7 +430,8 @@
+  return offset;
+ }
+ 
+-int dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree)
++static int
++try_dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree, gint nest_level)
+ {
+ 	int start_offset;
+ 	gint8 class;
+@@ -438,6 +447,11 @@
+ 	proto_item *pi, *cause;
+ 	asn1_ctx_t asn1_ctx;
+ 
++	if (nest_level > BER_MAX_NESTING) {
++		/* Assume that we have a malformed packet. */
++		THROW(ReportedBoundsError);
++	}
++
+ 	start_offset=offset;
+ 	asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
+ 
+@@ -500,7 +514,7 @@
+ 					}
+ 					item = proto_tree_add_item(tree, hf_ber_unknown_BER_OCTETSTRING, tvb, offset, len, FALSE);
+ 					next_tree = proto_item_add_subtree(item, ett_ber_octet_string);
+-					offset = dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++					offset = try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 				}
+ 			} 
+ 			if (!is_decoded_as) {
+@@ -585,7 +599,7 @@
+ 		is_decoded_as = TRUE;
+ 		proto_item_append_text (pi, "[BER encoded]");
+ 		next_tree = proto_item_add_subtree(pi, ett_ber_primitive);
+-		offset = dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		offset = try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 	      }
+ 	    }
+ 
+@@ -632,7 +646,7 @@
+ 			next_tree=proto_item_add_subtree(item, ett_ber_SEQUENCE);
+ 		}
+ 		while(offset < (int)(start_offset + len + hdr_len))
+-		  offset=dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		  offset=try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 		break;
+ 	  case BER_CLASS_APP:
+ 	  case BER_CLASS_CON:
+@@ -643,7 +657,7 @@
+ 			next_tree=proto_item_add_subtree(item, ett_ber_SEQUENCE);
+ 		}
+ 		while(offset < (int)(start_offset + len + hdr_len))
+-		  offset=dissect_unknown_ber(pinfo, tvb, offset, next_tree);
++		  offset=try_dissect_unknown_ber(pinfo, tvb, offset, next_tree, nest_level+1);
+ 		break;
+ 
+ 	  }
+@@ -654,6 +668,11 @@
+ 	return offset;
+ }
+ 
++int
++dissect_unknown_ber(packet_info *pinfo, tvbuff_t *tvb, int offset, proto_tree *tree)
++{
++	return try_dissect_unknown_ber(pinfo, tvb, offset, tree, 1);
++}
+ 
+ int
+ call_ber_oid_callback(const char *oid, tvbuff_t *tvb, int offset, packet_info *pinfo, proto_tree *tree)
+@@ -853,13 +872,6 @@
+  */
+ /* 8.1.3 Length octets */
+ 
+-/*
+- * Set a limit on recursion so we don't blow away the stack. Another approach
+- * would be to remove recursion completely but then we'd exhaust CPU+memory
+- * trying to read a hellabyte of nested indefinite lengths.
+- * XXX - Max nesting in the ASN.1 plugin is 32. Should they match?
+- */
+-#define BER_MAX_INDEFINITE_NESTING 500
+ static int
+ try_get_ber_length(tvbuff_t *tvb, int offset, guint32 *length, gboolean *ind, gint nest_level) {
+ 	guint8 oct, len;
+@@ -873,7 +885,7 @@
+ 	tmp_length = 0;
+ 	tmp_ind = FALSE;
+ 
+-	if (nest_level > BER_MAX_INDEFINITE_NESTING) {
++	if (nest_level > BER_MAX_NESTING) {
+ 		/* Assume that we have a malformed packet. */
+ 		THROW(ReportedBoundsError);
+ 	}