Thanks, applied as f6d24029107b2825a9d6f652f4ce2a33a21b26bf.
Michael
[sent from post-receive hook]
On Fri, 06 Jan 2023 17:01:22 +0100, Christian Melki <christian.melki@t2data.com> wrote:
> Mostly bugfixes.
> https://github.com/the-tcpdump-group/tcpdump/blob/e6d119663fd850eca250e7b999015b0d3b856f28/CHANGES#L54
> Reworked .in file for various errors.
>
> * Correct various (double-) whitespace errors.
> * libcap-ng is not "as well" in relation to libpcap as in wording.
> It's a completely different library related to POSIX
> capabilities. It's needed for tcpdump to run in non-root mode.
> Don't make them sound like they're similar.
> * Some other minor text fixes.
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20230102100926.1906782-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/tcpdump.in b/rules/tcpdump.in
> index 74d607252f09..bc5ffdecca58 100644
> --- a/rules/tcpdump.in
> +++ b/rules/tcpdump.in
> @@ -6,35 +6,38 @@ menuconfig TCPDUMP
> select LIBCAP_NG if TCPDUMP_ENABLE_LIBCAP_NG
> select OPENSSL if TCPDUMP_ENABLE_CRYPTO
> help
> - Tcpdump prints out the headers of packets on a network interface
> - that match the boolean expression. It can also be run with
> + Tcpdump prints out the headers of packets on a network interface
> + that match the boolean expression. It can also be run with
> the -w flag, which causes it to save the packet data to a file
> for later analysis, and/or with the -r flag, which causes it to
> read from a saved packet file rather than to read packets from
> - a network interface. In all cases, only packets that match
> + a network interface. In all cases, only packets that match
> expression will be processed by tcpdump.
>
> if TCPDUMP
>
> config TCPDUMP_ENABLE_LIBCAP_NG
> bool
> - prompt "use libcap-ng as well"
> + prompt "enable libcap-ng support"
> help
> - Use libpcap and libcap-ng
> + Use libcap-ng (POSIX capabilities) in tcpdump.
> + It allows tcpdump to shift uid/gid and chroot to
> + operate in a non-privileged mode instead of using root.
>
> config TCPDUMP_ENABLE_CRYPTO
> bool
> prompt "enable crypto support"
> help
> - Select this, if you don't need support for
> - encryption (e.g. IPsec ESP packets)
> + Select this if you need support for decoding various
> + protocols in relation to encryption (f.ex. IPsec packets)
>
> config TCPDUMP_SMB
> bool
> - prompt "enable possibly-buggy SMB printer"
> + prompt "enable SMB-printer decoding support"
> default y
> help
> - Notes from configure, when this entry is checked:
> - The SMB printer may have exploitable buffer overflows!!!
> + Select this if need support for decoding packets
> + in relation to SMB/CIFS (printers).
> + Still considered buggy.
>
> endif
> diff --git a/rules/tcpdump.make b/rules/tcpdump.make
> index b618c8749480..4a040e01704f 100644
> --- a/rules/tcpdump.make
> +++ b/rules/tcpdump.make
> @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_TCPDUMP) += tcpdump
> #
> # Paths and names
> #
> -TCPDUMP_VERSION := 4.99.1
> -TCPDUMP_MD5 := 929a255c71a9933608bd7c31927760f7
> +TCPDUMP_VERSION := 4.99.2
> +TCPDUMP_MD5 := 69f8cc8e44606ba49482fa98c2f7f937
> TCPDUMP := tcpdump-$(TCPDUMP_VERSION)
> TCPDUMP_SUFFIX := tar.gz
> TCPDUMP_URL := http://www.tcpdump.org/release/$(TCPDUMP).$(TCPDUMP_SUFFIX)