libpcap: update to 1.10.6

Vulnerabilities fixed: CVE-2025-11961 and CVE-2025-11964
Various improvements and bug fixes.
Changelog: https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.10.6/CHANGES

Upstreamed patches removed:
  001-Add-support-for-Realtek-Ethertype-DSA-data.patch
  002-Linux-handle-other-DSA-tags.patch

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21744
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Ivan Pavlov 2026-01-27 17:40:18 +03:00 committed by Hauke Mehrtens
parent 6879c8ea53
commit 9a7ddcac3f
6 changed files with 14 additions and 364 deletions


@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libpcap
PKG_VERSION:=1.10.5
PKG_RELEASE:=3
PKG_VERSION:=1.10.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.tcpdump.org/release/
PKG_HASH:=37ced90a19a302a7f32e458224a00c365c117905c2cd35ac544b6880a81488f0
PKG_HASH:=872dd11337fe1ab02ad9d4fee047c9da244d695c6ddf34e2ebb733efd4ed8aa9
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=BSD-3-Clause


@ -1,28 +0,0 @@
From fcb2cbc3a306afcf7785a60a74dbea431e609d76 Mon Sep 17 00:00:00 2001
From: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Date: Thu, 6 Jan 2022 15:51:54 -0300
Subject: [PATCH 1/2] Add support for Realtek (Ethertype) DSA data
Realtek switchtag rtl4a (4 bytes long, protocol 0xA) and rtl8_4 (8 bytes
long, protocol 0x04) are Ethertype DSA tags, inserted in the Ethernet
header similar to an 802.1Q tag. Both shares the same Ethertype 0x8899
as other Realtek proprietary protocols.
Realtek switchtag rtl8_4t is identical to rtl8_4 but positioned before
the CRC, at the end of the Ethernet frame.
---
pcap-linux.c | 3 +++
1 file changed, 3 insertions(+)
--- a/pcap-linux.c
+++ b/pcap-linux.c
@@ -5281,6 +5281,9 @@ static struct dsa_proto {
{ "brcm-prepend", DLT_DSA_TAG_BRCM_PREPEND },
{ "dsa", DLT_DSA_TAG_DSA },
{ "edsa", DLT_DSA_TAG_EDSA },
+ { "rtl4a", DLT_EN10MB },
+ { "rtl8_4", DLT_EN10MB },
+ { "rtl8_4t", DLT_EN10MB },
};
static int


@ -1,322 +0,0 @@
From 7d298976beff0cce310fb53a430f82b53f43a394 Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Fri, 14 Feb 2025 19:12:24 -0800
Subject: [PATCH 2/2] Linux: handle other DSA tags.
Many of those entries need their own LINKTYPE_/DLT_? values, including
tcpdump and Wireshark support for same, but at least this lets you see
raw hex data from a capture.
Fixes #1367.
Supercedes #1451.
---
pcap-linux.c | 284 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 280 insertions(+), 4 deletions(-)
--- a/pcap-linux.c
+++ b/pcap-linux.c
@@ -5267,23 +5267,299 @@ iface_get_offload(pcap_t *handle _U_)
}
#endif /* SIOCETHTOOL */
+/*
+ * As per
+ *
+ * https://www.kernel.org/doc/html/latest/networking/dsa/dsa.html#switch-tagging-protocols
+ *
+ * Type 1 means that the tag is prepended to the Ethernet packet.
+ * LINKTYPE_ETHERNET/DLT_EN10MB doesn't work, as it would try to
+ * dissect the tag data as the Ethernet header. These should get
+ * their own LINKTYPE_DLT_ values.
+ *
+ * Type 2 means that the tag is inserted into the Ethernet header
+ * after the source address and before the type/length field.
+ *
+ * Type 3 means that tag is a packet trailer. LINKTYPE_ETHERNET/DLT_EN10MB
+ * works, unless the next-layer protocol has no length field of its own,
+ * so that the tag might be treated as part of the payload. These should
+ * get their own LINKTYPE_/DLT_ values.
+ *
+ * If you get an "unsupported DSA tag" error, please add the tag to here,
+ * complete with a full comment indicating whether it's type 1, 2, or 3,
+ * and, for type 2, indicating whether it has an Ethertype and, if so
+ * what that type is, and whether it's registered with the IEEE or is
+ * self-assigned. Also, point to *something* that indicates the format
+ * of the tag.
+ */
static struct dsa_proto {
const char *name;
bpf_u_int32 linktype;
} dsa_protos[] = {
/*
- * None is special and indicates that the interface does not have
- * any tagging protocol configured, and is therefore a standard
- * Ethernet interface.
+ * Type 1. See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ar9331.c
+ */
+ { "ar9331", DLT_EN10MB },
+
+ /*
+ * Type 2, without an Ethertype at the beginning,
+ * assigned a LINKTYPE_/DLT_ value.
*/
- { "none", DLT_EN10MB },
{ "brcm", DLT_DSA_TAG_BRCM },
+
+ /*
+ * Type 2, with Ethertype 0x8874, assigned to Broadcom.
+ *
+ * This doies not require a LINKTYPE_/DLT_ value, it
+ * just requires that Ethertype 0x8874 be dissected
+ * properly.
+ */
+ { "brcm-legacy", DLT_EN10MB },
+
+ /*
+ * Type 1.
+ */
{ "brcm-prepend", DLT_DSA_TAG_BRCM_PREPEND },
+
+ /*
+ * Type 2, without an Etherype at he beginning,
+ * assigned a LINKTYPE_/DLT_ value.
+ */
{ "dsa", DLT_DSA_TAG_DSA },
+
+ /*
+ * Type 2, with an Ethertype field, but without
+ * an assigned Ethertype value that can be relied
+ * on; assigned a LINKTYPE_/DLT_ value.
+ */
{ "edsa", DLT_DSA_TAG_EDSA },
+
+ /*
+ * Type 1, with different transmit and receive headers,
+ * so can't really be handled well with the current
+ * libpcap API and with pcap files. Use DLT_LINUX_SLL,
+ * to get the direction?
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_gswip.c
+ */
+ { "gswip", DLT_EN10MB },
+
+ /*
+ * Type 3. See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_hellcreek.c
+ */
+ { "hellcreek", DLT_EN10MB },
+
+ /*
+ * Type 3, with different transmit and receive headers,
+ * so can't really be handled well with the current
+ * libpcap API and with pcap files. Use DLT_LINUX_SLL,
+ * to get the direction?
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ksz.c#L102
+ */
+ { "ksz8795", DLT_EN10MB },
+
+ /*
+ * Type 3, with different transmit and receive headers,
+ * so can't really be handled well with the current
+ * libpcap API and with pcap files. Use DLT_LINUX_SLL,
+ * to get the direction?
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ksz.c#L160
+ */
+ { "ksz9477", DLT_EN10MB },
+
+ /*
+ * Type 3, with different transmit and receive headers,
+ * so can't really be handled well with the current
+ * libpcap API and with pcap files. Use DLT_LINUX_SLL,
+ * to get the direction?
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ksz.c#L341
+ */
+ { "ksz9893", DLT_EN10MB },
+
+ /*
+ * Type 3, with different transmit and receive headers,
+ * so can't really be handled well with the current
+ * libpcap API and with pcap files. Use DLT_LINUX_SLL,
+ * to get the direction?
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ksz.c#L386
+ */
+ { "lan937x", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8100; the VID can be interpreted
+ * as per
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_lan9303.c#L24
+ *
+ * so giving its own LINKTYPE_/DLT_ value would allow a
+ * dissector to do so.
+ */
+ { "lan9303", DLT_EN10MB },
+
+ /*
+ * Type 2, without an Etherype at he beginning,
+ * should be assigned a LINKTYPE_/DLT_ value.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_mtk.c#L15
+ */
+ { "mtk", DLT_EN10MB },
+
+ /*
+ * None is special and indicates that the interface does not have
+ * any tagging protocol configured, and is therefore a standard
+ * Ethernet interface.
+ */
+ { "none", DLT_EN10MB },
+
+ /*
+ * Type 1.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ocelot.c
+ */
+ { "ocelot", DLT_EN10MB },
+
+ /*
+ * Type 1.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_ocelot.c
+ */
+ { "seville", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8100; the VID can be interpreted
+ * as per
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_8021q.c#L15
+ *
+ * so giving its own LINKTYPE_/DLT_ value would allow a
+ * dissector to do so.
+ */
+ { "ocelot-8021q", DLT_EN10MB },
+
+ /*
+ * Type 2, without an Etherype at he beginning,
+ * should be assigned a LINKTYPE_/DLT_ value.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_qca.c
+ */
+ { "qca", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8899, assigned to Realtek;
+ * they use it for several on-the-Ethernet protocols
+ * as well, but there are fields that allow the two
+ * tag formats, and all the protocols in question,
+ * to be distinguiished from one another.
+ *
+ * This doies not require a LINKTYPE_/DLT_ value, it
+ * just requires that Ethertype 0x8899 be dissected
+ * properly.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_rtl4_a.c
+ *
+ * http://realtek.info/pdf/rtl8306sd%28m%29_datasheet_1.1.pdf
+ *
+ * and various pages in tcpdump's print-realtek.c and Wireshark's
+ * epan/dissectors/packet-realtek.c for the other protocols.
+ */
{ "rtl4a", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8899, assigned to Realtek;
+ * see above.
+ */
{ "rtl8_4", DLT_EN10MB },
+
+ /*
+ * Type 3, with the same tag format as rtl8_4.
+ */
{ "rtl8_4t", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0xe001; that's probably
+ * self-assigned, so this really should ahve its
+ * own LINKTYPE_/DLT_ value.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_rzn1_a5psw.c
+ */
+ { "a5psw", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8100 or the self-assigned
+ * 0xdadb, so this really should ahve its own
+ * LINKTYPE_/DLT_ value; that would also allow the
+ * VID of the tag to be dissected as per
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_8021q.c#L15
+ */
+ { "sja1105", DLT_EN10MB },
+
+ /*
+ * Type "none of the above", with both a header and trailer,
+ * with different transmit and receive tags. Has
+ * Ethertype 0xdadc, which is probably self-assigned.
+ * This should really have its own LINKTYPE_/DLT_ value.
+ */
+ { "sja1110", DLT_EN10MB },
+
+ /*
+ * Type 3, as the name suggests.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_trailer.c
+ */
+ { "trailer", DLT_EN10MB },
+
+ /*
+ * Type 2, with Ethertype 0x8100; the VID can be interpreted
+ * as per
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_8021q.c#L15
+ *
+ * so giving its own LINKTYPE_/DLT_ value would allow a
+ * dissector to do so.
+ */
+ { "vsc73xx-8021q", DLT_EN10MB },
+
+ /*
+ * Type 3.
+ *
+ * See
+ *
+ * https://elixir.bootlin.com/linux/v6.13.2/source/net/dsa/tag_xrs700x.c
+ */
+ { "xrs700x", DLT_EN10MB },
};
static int


@ -1,6 +1,6 @@
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1441,7 +1441,6 @@ if(ENABLE_REMOTE)
@@ -1470,7 +1470,6 @@ if(ENABLE_REMOTE)
#
# OpenSSL/libressl.
#


@ -9,7 +9,7 @@ Subject: [PATCH] skip manpages
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3548,57 +3548,6 @@ if(NOT MSVC)
@@ -3575,57 +3575,6 @@ if(NOT MSVC)
if(MINGW)
find_program(LINK_EXECUTABLE ln)
endif(MINGW)


@ -220,7 +220,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
#endif
--- a/gencode.c
+++ b/gencode.c
@@ -58,6 +58,8 @@
@@ -51,6 +51,8 @@
#include "sunatmpos.h"
#include "pflog.h"
#include "ppp.h"
@ -229,7 +229,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
#include "pcap/sll.h"
#include "pcap/ipnet.h"
#include "arcnet.h"
@@ -9704,6 +9706,168 @@ gen_geneve(compiler_state_t *cstate, bpf
@@ -9846,6 +9848,168 @@ gen_geneve(compiler_state_t *cstate, bpf
return b1;
}
@ -412,7 +412,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
struct block *gen_atmtype_abbrev(compiler_state_t *, int);
--- a/grammar.y.in
+++ b/grammar.y.in
@@ -383,6 +383,7 @@ DIAG_OFF_BISON_BYACC
@@ -370,6 +370,7 @@ DIAG_OFF_BISON_BYACC
%type <i> mtp2type
%type <blk> mtp3field
%type <blk> mtp3fieldvalue mtp3value mtp3listvalue
@ -420,7 +420,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
%token DST SRC HOST GATEWAY
@@ -401,7 +402,7 @@ DIAG_OFF_BISON_BYACC
@@ -388,7 +389,7 @@ DIAG_OFF_BISON_BYACC
%token LEN
%token IPV6 ICMPV6 AH ESP
%token VLAN MPLS
@ -429,7 +429,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
%token ISO ESIS CLNP ISIS L1 L2 IIH LSP SNP CSNP PSNP
%token STP
%token IPX
@@ -698,11 +699,40 @@ other: pqual TK_BROADCAST { CHECK_PTR_
@@ -685,11 +686,40 @@ other: pqual TK_BROADCAST { CHECK_PTR_
| PPPOES { CHECK_PTR_VAL(($$ = gen_pppoes(cstate, 0, 0))); }
| GENEVE pnum { CHECK_PTR_VAL(($$ = gen_geneve(cstate, $2, 1))); }
| GENEVE { CHECK_PTR_VAL(($$ = gen_geneve(cstate, 0, 0))); }
@ -472,7 +472,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
| PF_RNR NUM { CHECK_PTR_VAL(($$ = gen_pf_rnr(cstate, $2))); }
--- a/nametoaddr.c
+++ b/nametoaddr.c
@@ -134,8 +134,12 @@
@@ -109,8 +109,12 @@
#include "diag-control.h"
@ -485,7 +485,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
#include "nametoaddr.h"
#include "thread-local.h"
@@ -597,6 +601,7 @@ PCAP_API_DEF struct eproto eproto_db[] =
@@ -572,6 +576,7 @@ PCAP_API_DEF struct eproto eproto_db[] =
{ "moprc", ETHERTYPE_MOPRC },
{ "rarp", ETHERTYPE_REVARP },
{ "sca", ETHERTYPE_SCA },
@ -493,7 +493,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
{ (char *)0, 0 }
};
@@ -631,6 +636,60 @@ pcap_nametollc(const char *s)
@@ -606,6 +611,60 @@ pcap_nametollc(const char *s)
while (p->s != 0) {
if (strcmp(p->s, s) == 0)
@ -632,7 +632,7 @@ Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
* If a protocol is unknown, PROTO_UNDEF is returned.
--- a/scanner.l
+++ b/scanner.l
@@ -365,6 +365,7 @@ mpls return MPLS;
@@ -343,6 +343,7 @@ mpls return MPLS;
pppoed return PPPOED;
pppoes return PPPOES;
geneve return GENEVE;