net-analyzer/wireshark: security cleanup

Bug: https://bugs.gentoo.org/760800
Package-Manager: Portage-3.0.12-prefix, Repoman-3.0.2
Signed-off-by: Sam James <sam@gentoo.org>

3 files changed, 0 insertions, 520 deletions

diff --git a/net-analyzer/wireshark/Manifest b/net-analyzer/wireshark/Manifest
index 26950acdb186..1b280d0987c3 100644
--- a/net-analyzer/wireshark/Manifest
+++ b/net-analyzer/wireshark/Manifest
@@ -1,3 +1 @@
-DIST wireshark-3.4.0.tar.xz 32502760 BLAKE2B 5d8106f36cc3a1425fd472f7ba645b2a07bfb93c96178a98f90676f39cad38089b625d7d6725ecfaf67bfc78aba3476567b9bf390d6f0dd838537eb81bc4aaa7 SHA512 02070db23c64e1efe42b83cdcd7b52fb9b247e653da0aa12dc21a4283272fea0a135f4b0c5641197840bef88e52785d64a860c9fcfe1bcbaceb016c5258c9649
-DIST wireshark-3.4.1.tar.xz 32470004 BLAKE2B aa2c3e56df4232b087d09a52209eec1e91a10ab125f6fb973171771d86d349ddf76bef3da089f0d6740c67883009fb77c5760c1141c99a056e7a36fe8ae5c088 SHA512 a968158a5a22d04a9bf3b060246f7579210a8106e06184411fd00dad69e030c10aecfa579c09dcca11fb659e0a1de4773951578cb3697dd2dc8e5153d3892728
 DIST wireshark-3.4.2.tar.xz 32465900 BLAKE2B dab7e871c798a6e0f03f45eaa49ba5cbabc18afabd6a5675a3241e4f1e6d86ef21b56b4cee5d561da2f2ec2b274ac6c5a52ed7b8ad50cbf02949a3a7f68d4f09 SHA512 38dc62d306dafe1a25db16ca28e1f4181a83673700a0b4c6dd98c8cb27df51ad0c6414db0370c443250aeb2521eceefb183178fe7d23a11b697cbf3f5b06f53a
diff --git a/net-analyzer/wireshark/wireshark-3.4.0.ebuild b/net-analyzer/wireshark/wireshark-3.4.0.ebuild
deleted file mode 100644
index ddabdfd5f7b5..000000000000
--- a/net-analyzer/wireshark/wireshark-3.4.0.ebuild
+++ /dev/null
@@ -1,259 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit fcaps flag-o-matic multilib python-any-r1 qmake-utils xdg-utils cmake
-
-DESCRIPTION="A network protocol analyzer formerly known as ethereal"
-HOMEPAGE="https://www.wireshark.org/"
-SRC_URI="https://www.wireshark.org/download/src/all-versions/${P/_/}.tar.xz"
-LICENSE="GPL-2"
-
-SLOT="0/${PV}"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc64 x86"
-IUSE="
-	androiddump bcg729 brotli +capinfos +captype ciscodump +dftest doc dpauxmon
-	+dumpcap +editcap http2 ilbc kerberos libxml2 lto lua lz4 maxminddb
-	+mergecap +minizip +netlink opus +plugins plugin-ifdemo +pcap +qt5 +randpkt
-	+randpktdump +reordercap sbc selinux +sharkd smi snappy spandsp sshdump ssl
-	sdjournal test +text2pcap tfshark +tshark +udpdump zlib +zstd
-"
-S=${WORKDIR}/${P/_/}
-
-CDEPEND="
-	acct-group/pcap
-	>=dev-libs/glib-2.32:2
-	>=net-dns/c-ares-1.5
-	dev-libs/libgcrypt:0
-	bcg729? ( media-libs/bcg729 )
-	brotli? ( app-arch/brotli )
-	ciscodump? ( >=net-libs/libssh-0.6 )
-	filecaps? ( sys-libs/libcap )
-	http2? ( net-libs/nghttp2 )
-	ilbc? ( media-libs/libilbc )
-	kerberos? ( virtual/krb5 )
-	libxml2? ( dev-libs/libxml2 )
-	lua? ( >=dev-lang/lua-5.1:0= )
-	lz4? ( app-arch/lz4 )
-	maxminddb? ( dev-libs/libmaxminddb )
-	minizip? ( sys-libs/zlib[minizip] )
-	netlink? ( dev-libs/libnl:3 )
-	opus? ( media-libs/opus )
-	pcap? ( net-libs/libpcap )
-	qt5? (
-		dev-qt/qtcore:5
-		dev-qt/qtgui:5
-		dev-qt/qtmultimedia:5
-		dev-qt/qtprintsupport:5
-		dev-qt/qtwidgets:5
-		x11-misc/xdg-utils
-	)
-	sbc? ( media-libs/sbc )
-	sdjournal? ( sys-apps/systemd )
-	smi? ( net-libs/libsmi )
-	snappy? ( app-arch/snappy )
-	spandsp? ( media-libs/spandsp )
-	sshdump? ( >=net-libs/libssh-0.6 )
-	ssl? ( net-libs/gnutls:= )
-	zlib? ( sys-libs/zlib )
-	zstd? ( app-arch/zstd )
-"
-# We need perl for `pod2html`. The rest of the perl stuff is to block older
-# and broken installs. #455122
-DEPEND="
-	${CDEPEND}
-	${PYTHON_DEPS}
-"
-BDEPEND="
-	dev-lang/perl
-	sys-devel/bison
-	sys-devel/flex
-	virtual/pkgconfig
-	doc? (
-		app-doc/doxygen
-		dev-ruby/asciidoctor
-	)
-	qt5? (
-		dev-qt/linguist-tools:5
-	)
-	test? (
-		dev-python/pytest
-		dev-python/pytest-xdist
-	)
-"
-RDEPEND="
-	${CDEPEND}
-	qt5? ( virtual/freedesktop-icon-theme )
-	selinux? ( sec-policy/selinux-wireshark )
-"
-REQUIRED_USE="
-	plugin-ifdemo? ( plugins )
-"
-RESTRICT="test"
-PATCHES=(
-	"${FILESDIR}"/${PN}-2.6.0-redhat.patch
-	"${FILESDIR}"/${PN}-99999999-ui-needs-wiretap.patch
-)
-
-src_configure() {
-	local mycmakeargs
-
-	# Workaround bug #213705. If krb5-config --libs has -lcrypto then pass
-	# --with-ssl to ./configure. (Mimics code from acinclude.m4).
-	if use kerberos; then
-		case $(krb5-config --libs) in
-			*-lcrypto*)
-				ewarn "Kerberos was built with ssl support: linkage with openssl is enabled."
-				ewarn "Note there are annoying license incompatibilities between the OpenSSL"
-				ewarn "license and the GPL, so do your check before distributing such package."
-				mycmakeargs+=( -DENABLE_GNUTLS=$(usex ssl) )
-				;;
-		esac
-	fi
-
-	if use qt5; then
-		export QT_MIN_VERSION=5.3.0
-		append-cxxflags -fPIC -DPIC
-	fi
-
-	python_setup
-
-	mycmakeargs+=(
-		$(use androiddump && use pcap && echo -DEXTCAP_ANDROIDDUMP_LIBPCAP=yes)
-		$(usex qt5 LRELEASE=$(qt5_get_bindir)/lrelease '')
-		$(usex qt5 MOC=$(qt5_get_bindir)/moc '')
-		$(usex qt5 RCC=$(qt5_get_bindir)/rcc '')
-		$(usex qt5 UIC=$(qt5_get_bindir)/uic '')
-		-DBUILD_androiddump=$(usex androiddump)
-		-DBUILD_capinfos=$(usex capinfos)
-		-DBUILD_captype=$(usex captype)
-		-DBUILD_ciscodump=$(usex ciscodump)
-		-DBUILD_dftest=$(usex dftest)
-		-DBUILD_dpauxmon=$(usex dpauxmon)
-		-DBUILD_dumpcap=$(usex dumpcap)
-		-DBUILD_editcap=$(usex editcap)
-		-DBUILD_mergecap=$(usex mergecap)
-		-DBUILD_mmdbresolve=$(usex maxminddb)
-		-DBUILD_randpkt=$(usex randpkt)
-		-DBUILD_randpktdump=$(usex randpktdump)
-		-DBUILD_reordercap=$(usex reordercap)
-		-DBUILD_sdjournal=$(usex sdjournal)
-		-DBUILD_sharkd=$(usex sharkd)
-		-DBUILD_sshdump=$(usex sshdump)
-		-DBUILD_text2pcap=$(usex text2pcap)
-		-DBUILD_tfshark=$(usex tfshark)
-		-DBUILD_tshark=$(usex tshark)
-		-DBUILD_udpdump=$(usex udpdump)
-		-DBUILD_wireshark=$(usex qt5)
-		-DDISABLE_WERROR=yes
-		-DENABLE_BCG729=$(usex bcg729)
-		-DENABLE_BROTLI=$(usex brotli)
-		-DENABLE_CAP=$(usex filecaps caps)
-		-DENABLE_GNUTLS=$(usex ssl)
-		-DENABLE_ILBC=$(usex ilbc)
-		-DENABLE_KERBEROS=$(usex kerberos)
-		-DENABLE_LIBXML2=$(usex libxml2)
-		-DENABLE_LTO=$(usex lto)
-		-DENABLE_LUA=$(usex lua)
-		-DENABLE_LZ4=$(usex lz4)
-		-DENABLE_MINIZIP=$(usex minizip)
-		-DENABLE_NETLINK=$(usex netlink)
-		-DENABLE_NGHTTP2=$(usex http2)
-		-DENABLE_OPUS=$(usex opus)
-		-DENABLE_PCAP=$(usex pcap)
-		-DENABLE_PLUGINS=$(usex plugins)
-		-DENABLE_PLUGIN_IFDEMO=$(usex plugin-ifdemo)
-		-DENABLE_SBC=$(usex sbc)
-		-DENABLE_SMI=$(usex smi)
-		-DENABLE_SNAPPY=$(usex snappy)
-		-DENABLE_SPANDSP=$(usex spandsp)
-		-DENABLE_ZLIB=$(usex zlib)
-		-DENABLE_ZSTD=$(usex zstd)
-	)
-
-	cmake_src_configure
-}
-
-src_test() {
-	cmake_build test-programs
-
-	myctestargs=( --disable-capture --skip-missing-programs=all --verbose )
-	cmake_src_test
-}
-
-src_install() {
-	cmake_src_install
-
-	# FAQ is not required as is installed from help/faq.txt
-	dodoc AUTHORS ChangeLog NEWS README* doc/randpkt.txt doc/README*
-
-	# install headers
-	insinto /usr/include/wireshark
-	doins ws_diag_control.h ws_symbol_export.h \
-		"${BUILD_DIR}"/config.h "${BUILD_DIR}"/version.h
-
-	local dir dirs=(
-		epan
-		epan/crypt
-		epan/dfilter
-		epan/dissectors
-		epan/ftypes
-		epan/wmem
-		wiretap
-		wsutil
-	)
-	for dir in "${dirs[@]}"
-	do
-		insinto /usr/include/wireshark/${dir}
-		doins ${dir}/*.h
-	done
-
-	#with the above this really shouldn't be needed, but things may be looking
-	# in wiretap/ instead of wireshark/wiretap/
-	insinto /usr/include/wiretap
-	doins wiretap/wtap.h
-
-	if use qt5; then
-		local s
-		for s in 16 32 48 64 128 256 512 1024; do
-			insinto /usr/share/icons/hicolor/${s}x${s}/apps
-			newins image/wsicon${s}.png wireshark.png
-		done
-		for s in 16 24 32 48 64 128 256 ; do
-			insinto /usr/share/icons/hicolor/${s}x${s}/mimetypes
-			newins image/WiresharkDoc-${s}.png application-vnd.tcpdump.pcap.png
-		done
-	fi
-
-	if [[ -d "${D}"/usr/share/appdata ]]; then
-		rm -r "${D}"/usr/share/appdata || die
-	fi
-}
-
-pkg_postinst() {
-	xdg_desktop_database_update
-	xdg_icon_cache_update
-	xdg_mimeinfo_database_update
-
-	# Add group for users allowed to sniff.
-	chgrp pcap "${EROOT}"/usr/bin/dumpcap
-
-	if use dumpcap && use pcap; then
-		fcaps -o 0 -g pcap -m 4710 -M 0710 \
-			cap_dac_read_search,cap_net_raw,cap_net_admin \
-			"${EROOT}"/usr/bin/dumpcap
-	fi
-
-	ewarn "NOTE: To capture traffic with wireshark as normal user you have to"
-	ewarn "add yourself to the pcap group. This security measure ensures"
-	ewarn "that only trusted users are allowed to sniff your traffic."
-}
-
-pkg_postrm() {
-	xdg_desktop_database_update
-	xdg_icon_cache_update
-	xdg_mimeinfo_database_update
-}
diff --git a/net-analyzer/wireshark/wireshark-3.4.1.ebuild b/net-analyzer/wireshark/wireshark-3.4.1.ebuild
deleted file mode 100644
index f577758732b3..000000000000
--- a/net-analyzer/wireshark/wireshark-3.4.1.ebuild
+++ /dev/null
@@ -1,259 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit fcaps flag-o-matic multilib python-any-r1 qmake-utils xdg-utils cmake
-
-DESCRIPTION="A network protocol analyzer formerly known as ethereal"
-HOMEPAGE="https://www.wireshark.org/"
-SRC_URI="https://www.wireshark.org/download/src/all-versions/${P/_/}.tar.xz"
-LICENSE="GPL-2"
-
-SLOT="0/${PV}"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~ppc64 ~x86"
-IUSE="
-	androiddump bcg729 brotli +capinfos +captype ciscodump +dftest doc dpauxmon
-	+dumpcap +editcap http2 ilbc kerberos libxml2 lto lua lz4 maxminddb
-	+mergecap +minizip +netlink opus +plugins plugin-ifdemo +pcap +qt5 +randpkt
-	+randpktdump +reordercap sbc selinux +sharkd smi snappy spandsp sshdump ssl
-	sdjournal test +text2pcap tfshark +tshark +udpdump zlib +zstd
-"
-S=${WORKDIR}/${P/_/}
-
-CDEPEND="
-	acct-group/pcap
-	>=dev-libs/glib-2.32:2
-	>=net-dns/c-ares-1.5
-	dev-libs/libgcrypt:0
-	bcg729? ( media-libs/bcg729 )
-	brotli? ( app-arch/brotli )
-	ciscodump? ( >=net-libs/libssh-0.6 )
-	filecaps? ( sys-libs/libcap )
-	http2? ( net-libs/nghttp2 )
-	ilbc? ( media-libs/libilbc )
-	kerberos? ( virtual/krb5 )
-	libxml2? ( dev-libs/libxml2 )
-	lua? ( >=dev-lang/lua-5.1:0= )
-	lz4? ( app-arch/lz4 )
-	maxminddb? ( dev-libs/libmaxminddb )
-	minizip? ( sys-libs/zlib[minizip] )
-	netlink? ( dev-libs/libnl:3 )
-	opus? ( media-libs/opus )
-	pcap? ( net-libs/libpcap )
-	qt5? (
-		dev-qt/qtcore:5
-		dev-qt/qtgui:5
-		dev-qt/qtmultimedia:5
-		dev-qt/qtprintsupport:5
-		dev-qt/qtwidgets:5
-		x11-misc/xdg-utils
-	)
-	sbc? ( media-libs/sbc )
-	sdjournal? ( sys-apps/systemd )
-	smi? ( net-libs/libsmi )
-	snappy? ( app-arch/snappy )
-	spandsp? ( media-libs/spandsp )
-	sshdump? ( >=net-libs/libssh-0.6 )
-	ssl? ( net-libs/gnutls:= )
-	zlib? ( sys-libs/zlib )
-	zstd? ( app-arch/zstd )
-"
-# We need perl for `pod2html`. The rest of the perl stuff is to block older
-# and broken installs. #455122
-DEPEND="
-	${CDEPEND}
-	${PYTHON_DEPS}
-"
-BDEPEND="
-	dev-lang/perl
-	sys-devel/bison
-	sys-devel/flex
-	virtual/pkgconfig
-	doc? (
-		app-doc/doxygen
-		dev-ruby/asciidoctor
-	)
-	qt5? (
-		dev-qt/linguist-tools:5
-	)
-	test? (
-		dev-python/pytest
-		dev-python/pytest-xdist
-	)
-"
-RDEPEND="
-	${CDEPEND}
-	qt5? ( virtual/freedesktop-icon-theme )
-	selinux? ( sec-policy/selinux-wireshark )
-"
-REQUIRED_USE="
-	plugin-ifdemo? ( plugins )
-"
-RESTRICT="test"
-PATCHES=(
-	"${FILESDIR}"/${PN}-2.6.0-redhat.patch
-	"${FILESDIR}"/${PN}-99999999-ui-needs-wiretap.patch
-)
-
-src_configure() {
-	local mycmakeargs
-
-	# Workaround bug #213705. If krb5-config --libs has -lcrypto then pass
-	# --with-ssl to ./configure. (Mimics code from acinclude.m4).
-	if use kerberos; then
-		case $(krb5-config --libs) in
-			*-lcrypto*)
-				ewarn "Kerberos was built with ssl support: linkage with openssl is enabled."
-				ewarn "Note there are annoying license incompatibilities between the OpenSSL"
-				ewarn "license and the GPL, so do your check before distributing such package."
-				mycmakeargs+=( -DENABLE_GNUTLS=$(usex ssl) )
-				;;
-		esac
-	fi
-
-	if use qt5; then
-		export QT_MIN_VERSION=5.3.0
-		append-cxxflags -fPIC -DPIC
-	fi
-
-	python_setup
-
-	mycmakeargs+=(
-		$(use androiddump && use pcap && echo -DEXTCAP_ANDROIDDUMP_LIBPCAP=yes)
-		$(usex qt5 LRELEASE=$(qt5_get_bindir)/lrelease '')
-		$(usex qt5 MOC=$(qt5_get_bindir)/moc '')
-		$(usex qt5 RCC=$(qt5_get_bindir)/rcc '')
-		$(usex qt5 UIC=$(qt5_get_bindir)/uic '')
-		-DBUILD_androiddump=$(usex androiddump)
-		-DBUILD_capinfos=$(usex capinfos)
-		-DBUILD_captype=$(usex captype)
-		-DBUILD_ciscodump=$(usex ciscodump)
-		-DBUILD_dftest=$(usex dftest)
-		-DBUILD_dpauxmon=$(usex dpauxmon)
-		-DBUILD_dumpcap=$(usex dumpcap)
-		-DBUILD_editcap=$(usex editcap)
-		-DBUILD_mergecap=$(usex mergecap)
-		-DBUILD_mmdbresolve=$(usex maxminddb)
-		-DBUILD_randpkt=$(usex randpkt)
-		-DBUILD_randpktdump=$(usex randpktdump)
-		-DBUILD_reordercap=$(usex reordercap)
-		-DBUILD_sdjournal=$(usex sdjournal)
-		-DBUILD_sharkd=$(usex sharkd)
-		-DBUILD_sshdump=$(usex sshdump)
-		-DBUILD_text2pcap=$(usex text2pcap)
-		-DBUILD_tfshark=$(usex tfshark)
-		-DBUILD_tshark=$(usex tshark)
-		-DBUILD_udpdump=$(usex udpdump)
-		-DBUILD_wireshark=$(usex qt5)
-		-DDISABLE_WERROR=yes
-		-DENABLE_BCG729=$(usex bcg729)
-		-DENABLE_BROTLI=$(usex brotli)
-		-DENABLE_CAP=$(usex filecaps caps)
-		-DENABLE_GNUTLS=$(usex ssl)
-		-DENABLE_ILBC=$(usex ilbc)
-		-DENABLE_KERBEROS=$(usex kerberos)
-		-DENABLE_LIBXML2=$(usex libxml2)
-		-DENABLE_LTO=$(usex lto)
-		-DENABLE_LUA=$(usex lua)
-		-DENABLE_LZ4=$(usex lz4)
-		-DENABLE_MINIZIP=$(usex minizip)
-		-DENABLE_NETLINK=$(usex netlink)
-		-DENABLE_NGHTTP2=$(usex http2)
-		-DENABLE_OPUS=$(usex opus)
-		-DENABLE_PCAP=$(usex pcap)
-		-DENABLE_PLUGINS=$(usex plugins)
-		-DENABLE_PLUGIN_IFDEMO=$(usex plugin-ifdemo)
-		-DENABLE_SBC=$(usex sbc)
-		-DENABLE_SMI=$(usex smi)
-		-DENABLE_SNAPPY=$(usex snappy)
-		-DENABLE_SPANDSP=$(usex spandsp)
-		-DENABLE_ZLIB=$(usex zlib)
-		-DENABLE_ZSTD=$(usex zstd)
-	)
-
-	cmake_src_configure
-}
-
-src_test() {
-	cmake_build test-programs
-
-	myctestargs=( --disable-capture --skip-missing-programs=all --verbose )
-	cmake_src_test
-}
-
-src_install() {
-	cmake_src_install
-
-	# FAQ is not required as is installed from help/faq.txt
-	dodoc AUTHORS ChangeLog NEWS README* doc/randpkt.txt doc/README*
-
-	# install headers
-	insinto /usr/include/wireshark
-	doins ws_diag_control.h ws_symbol_export.h \
-		"${BUILD_DIR}"/config.h "${BUILD_DIR}"/version.h
-
-	local dir dirs=(
-		epan
-		epan/crypt
-		epan/dfilter
-		epan/dissectors
-		epan/ftypes
-		epan/wmem
-		wiretap
-		wsutil
-	)
-	for dir in "${dirs[@]}"
-	do
-		insinto /usr/include/wireshark/${dir}
-		doins ${dir}/*.h
-	done
-
-	#with the above this really shouldn't be needed, but things may be looking
-	# in wiretap/ instead of wireshark/wiretap/
-	insinto /usr/include/wiretap
-	doins wiretap/wtap.h
-
-	if use qt5; then
-		local s
-		for s in 16 32 48 64 128 256 512 1024; do
-			insinto /usr/share/icons/hicolor/${s}x${s}/apps
-			newins image/wsicon${s}.png wireshark.png
-		done
-		for s in 16 24 32 48 64 128 256 ; do
-			insinto /usr/share/icons/hicolor/${s}x${s}/mimetypes
-			newins image/WiresharkDoc-${s}.png application-vnd.tcpdump.pcap.png
-		done
-	fi
-
-	if [[ -d "${D}"/usr/share/appdata ]]; then
-		rm -r "${D}"/usr/share/appdata || die
-	fi
-}
-
-pkg_postinst() {
-	xdg_desktop_database_update
-	xdg_icon_cache_update
-	xdg_mimeinfo_database_update
-
-	# Add group for users allowed to sniff.
-	chgrp pcap "${EROOT}"/usr/bin/dumpcap
-
-	if use dumpcap && use pcap; then
-		fcaps -o 0 -g pcap -m 4710 -M 0710 \
-			cap_dac_read_search,cap_net_raw,cap_net_admin \
-			"${EROOT}"/usr/bin/dumpcap
-	fi
-
-	ewarn "NOTE: To capture traffic with wireshark as normal user you have to"
-	ewarn "add yourself to the pcap group. This security measure ensures"
-	ewarn "that only trusted users are allowed to sniff your traffic."
-}
-
-pkg_postrm() {
-	xdg_desktop_database_update
-	xdg_icon_cache_update
-	xdg_mimeinfo_database_update
-}