path: root/community/wireshark/APKBUILD

# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Contributor: Jeremy Thomerson <jeremy@thomersonfamily.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wireshark
# 3.3.x is an experimental release for 3.4.x, stay on stable
pkgver=3.4.1
pkgrel=0
pkgdesc="Network protocol analyzer"
url="https://www.wireshark.org"
arch="all !armhf" # blocked by qt5-qtdeclarative
license="GPL-2.0-or-later"
pkggroups="wireshark"
makedepends="
	bash
	bison
	c-ares-dev
	cmake
	flex
	glib
	glib-dev
	gnutls-dev
	libcap-dev
	libgcrypt-dev
	libnl3-dev
	libpcap-dev
	lua5.2-dev
	nghttp2-dev
	pcre-dev
	perl-dev
	portaudio-dev
	qt5-qtbase-dev
	qt5-qtmultimedia-dev
	qt5-qtsvg-dev
	qt5-qttools-dev
	"
checkdepends="py3-pytest py3-pytest-xdist"
subpackages="$pkgname-dev $pkgname-doc $pkgname-common tshark"
source="https://www.wireshark.org/download/src/wireshark-$pkgver.tar.xz
	fix-udpdump.patch
	disable-tests.patch
	"

# secfixes:
#   3.4.1-r0:
#     - CVE-2020-26418
#     - CVE-2020-26419
#     - CVE-2020-26420
#     - CVE-2020-26421
#   3.4.0-r0:
#     - CVE-2020-26575
#     - CVE-2020-28030
#   3.2.7-r0:
#     - CVE-2020-25863
#     - CVE-2020-25862
#     - CVE-2020-25866
#   3.2.6-r0:
#     - CVE-2020-17498
#   3.2.5-r0:
#     - CVE-2020-15466
#   3.2.4-r0:
#     - CVE-2020-13164
#   3.2.3-r0:
#     - CVE-2020-11647
#   3.2.2-r0:
#     - CVE-2020-9428
#     - CVE-2020-9430
#     - CVE-2020-9431
#   3.0.8-r0:
#     - CVE-2020-7045
#   3.0.7-r0:
#     - CVE-2019-19553
#   3.0.4-r0:
#     - CVE-2019-16319
#   3.0.3-r0:
#     - CVE-2019-13619
#   3.0.2-r0:
#     - CVE-2019-12295
#   3.0.1-r0:
#     - CVE-2019-10897
#     - CVE-2019-10898
#     - CVE-2019-10900
#     - CVE-2019-10902
#   2.6.8-r0:
#     - CVE-2019-10894
#     - CVE-2019-10895
#     - CVE-2019-10896
#     - CVE-2019-10899
#     - CVE-2019-10901
#     - CVE-2019-10903
#   2.6.7-r0:
#     - CVE-2019-9208
#     - CVE-2019-9209
#     - CVE-2019-9214
#   2.6.6-r0:
#     - CVE-2019-5717
#     - CVE-2019-5718
#     - CVE-2019-5719
#     - CVE-2019-5721
#   2.6.5-r0:
#     - CVE-2018-19622
#     - CVE-2018-19623
#     - CVE-2018-19624
#     - CVE-2018-19625
#     - CVE-2018-19626
#     - CVE-2018-19627
#     - CVE-2018-19628
#   2.6.4-r0:
#     - CVE-2018-12086
#     - CVE-2018-18225
#     - CVE-2018-18226
#     - CVE-2018-18227
#   2.6.3-r0:
#     - CVE-2018-16056
#     - CVE-2018-16057
#     - CVE-2018-16058
#   2.6.2-r0:
#     - CVE-2018-14339
#     - CVE-2018-14340
#     - CVE-2018-14341
#     - CVE-2018-14342
#     - CVE-2018-14343
#     - CVE-2018-14344
#     - CVE-2018-14367
#     - CVE-2018-14368
#     - CVE-2018-14369
#     - CVE-2018-14370
#   2.4.7-r0:
#     - CVE-2018-11356
#     - CVE-2018-11357
#     - CVE-2018-11358
#     - CVE-2018-11359
#     - CVE-2018-11360
#     - CVE-2018-11362
#   2.4.6-r0:
#     - CVE-2018-9256
#     - CVE-2018-9257
#     - CVE-2018-9258
#     - CVE-2018-9260
#     - CVE-2018-9261
#     - CVE-2018-9262
#     - CVE-2018-9263
#     - CVE-2018-9264
#     - CVE-2018-9267
#     - CVE-2018-10194
#   2.4.5-r0:
#     - CVE-2018-7320
#     - CVE-2018-7321
#     - CVE-2018-7322
#     - CVE-2018-7323
#     - CVE-2018-7324
#     - CVE-2018-7325
#     - CVE-2018-7326
#     - CVE-2018-7327
#     - CVE-2018-7328
#     - CVE-2018-7329
#     - CVE-2018-7330
#     - CVE-2018-7331
#     - CVE-2018-7332
#     - CVE-2018-7333
#     - CVE-2018-7334
#     - CVE-2018-7335
#     - CVE-2018-7336
#     - CVE-2018-7337
#     - CVE-2018-7417
#     - CVE-2018-7418
#     - CVE-2018-7419
#     - CVE-2018-7420
#   2.4.4-r0:
#     - CVE-2018-5334
#     - CVE-2018-5335
#     - CVE-2018-5336
#   2.4.3-r0:
#     - CVE-2017-17083
#     - CVE-2017-17084
#     - CVE-2017-17085
#   2.2.10-r0:
#     - CVE-2017-15191
#     - CVE-2017-15192
#     - CVE-2017-15193
#   2.2.9-r0:
#     - CVE-2017-13765
#     - CVE-2017-13766
#     - CVE-2017-13767
#   2.2.8-r0:
#     - CVE-2017-11406
#     - CVE-2017-11407
#     - CVE-2017-11408
#   2.2.7-r0:
#     - CVE-2017-9343
#     - CVE-2017-9344
#     - CVE-2017-9345
#     - CVE-2017-9346
#     - CVE-2017-9347
#     - CVE-2017-9348
#     - CVE-2017-9349
#     - CVE-2017-9350
#     - CVE-2017-9351
#     - CVE-2017-9352
#     - CVE-2017-9353
#     - CVE-2017-9354
#   2.2.6-r0:
#     - CVE-2017-7700
#     - CVE-2017-7701
#     - CVE-2017-7702
#     - CVE-2017-7703
#     - CVE-2017-7704
#     - CVE-2017-7705
#   2.2.5-r0:
#     - CVE-2017-6467
#     - CVE-2017-6468
#     - CVE-2017-6469
#     - CVE-2017-6470
#     - CVE-2017-6471
#     - CVE-2017-6472
#     - CVE-2017-6473
#     - CVE-2017-6474
#   2.2.4-r1:
#     - CVE-2017-6014
#   2.0.5-r0:
#     - CVE-2016-6505
#     - CVE-2016-6506
#     - CVE-2016-6508
#     - CVE-2016-6509
#     - CVE-2016-6510
#     - CVE-2016-6511
#     - CVE-2016-6512
#     - CVE-2016-6513

build() {
	cmake -B build \
		-DCMAKE_BUILD_TYPE=None \
		-DCMAKE_INSTALL_PREFIX=/usr \
		-DCMAKE_INSTALL_LIBDIR=lib \
		-DENABLE_GNUTLS=ON \
		-DENABLE_LUA=ON
	make -C build
}

check() {
	cd build
	make test-programs
	# Disabled tests 1, 2 fail on armhf
	# See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15771
	# Disabled tests 3-10 fail on s390x
	# See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15772
	py.test-3 ../test/ \
		--deselect test/suite_wslua.py::case_wslua::test_wslua_tvb_tree \
		--deselect test/suite_wslua.py::case_wslua::test_wslua_tvb_no_tree \
		--deselect test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_single_in_multi_out \
		--deselect test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_single_in_single_out \
		--deselect test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_multi_in_single_out \
		--deselect test/suite_capture.py::case_dumpcap_pcapng_sections::test_dumpcap_pcapng_multi_in_multi_out \
		--deselect test/suite_decryption.py::case_decrypt_smb2::test_smb311_bad_key \
		--deselect test/suite_decryption.py::case_decrypt_smb2::test_smb300_aes128ccm \
		--deselect test/suite_decryption.py::case_decrypt_smb2::test_smb300_bad_key \
		--deselect test/suite_decryption.py::case_decrypt_smb2::test_smb311_aes128ccm
}

package() {
	make -C build -j1 DESTDIR="$pkgdir" install

	# Allow users in the wireshark group to capture packages
	# See: https://wiki.wireshark.org/CaptureSetup/CapturePrivileges#Limiting_capture_permission_to_only_one_group
	chmod 0750 "$pkgdir"/usr/bin/dumpcap
	chown root:wireshark "$pkgdir"/usr/bin/dumpcap
	setcap cap_net_raw,cap_net_admin+eip "$pkgdir"/usr/bin/dumpcap

	# Move cmake files to the right location
	mkdir -p $pkgdir/usr/lib/cmake/wireshark
	mv $pkgdir/usr/lib/wireshark/cmake/*.cmake \
		$pkgdir/usr/lib/cmake/wireshark/
}

common() {
	pkgdesc="Network protoccol analyzer (Common files)"
	install="$subpkgname.pre-install $subpkgname.pre-upgrade $subpkgname.post-install"

	mkdir -p "$subpkgdir"/usr/lib "$subpkgdir"/usr/share \
		"$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/share/wireshark "$subpkgdir"/usr/share/
	mv "$pkgdir"/usr/lib*/* "$subpkgdir"/usr/lib/

	# Move all bins except wireshark
	local i
	for i in "$pkgdir"/usr/bin/*; do
		case "$i" in
			*/tshark|*/wireshark) continue;;
			*) mv "$i" "$subpkgdir"/usr/bin/
		esac
	done
}

tshark() {
	pkgdesc="Network protoccol analyzer (Console version)"
	install -d "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/tshark "$subpkgdir"/usr/bin/tshark
}

sha512sums="a968158a5a22d04a9bf3b060246f7579210a8106e06184411fd00dad69e030c10aecfa579c09dcca11fb659e0a1de4773951578cb3697dd2dc8e5153d3892728  wireshark-3.4.1.tar.xz
287159576be76fc8afbce450a53f969bbd519321e038c812b96857ca08c352052dbbfaa9208d54ed30d7a0c9ca4192b83c8865de60562c4490d99d75c61ede0b  fix-udpdump.patch
3c907a037504d39a56766db37eecc9d5f968fdcb90c431e099b3f77e4ffc52fb65cb6c3896406aa939a846d526daf5676693ae5c2ff933e1d878e39ac074417a  disable-tests.patch"