SecureAuthCorp / SAP-Dissection-plug-in-for-Wireshark

This Wireshark plugin provides dissection of SAP's NI, Message Server, Router, Diag, Enqueue, IGS, SNC and HDB protocols.
https://www.secureauth.com/labs/open-source-tools/sap-dissection-plug-in-for-wireshark/
GNU General Public License v2.0

Plugin compilation error on Kali Rolling #9

Closed gedsic closed 7 years ago

gedsic commented 7 years ago

Hi,

I followed the instructions for plugin compilation (wireshark-dev is version 2.2.1+ga6fbd27-1) and get the following errors:

[  6%] Building C object CMakeFiles/sap.dir/src/packet-sapdiag.c.o
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c: In function ‘dissect_sapdiag_rfc_call’:
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:1542:4: error: too few arguments to function ‘col_set_writable’
    col_set_writable(pinfo->cinfo, FALSE);
    ^~~~~~~~~~~~~~~~
In file included from /usr/include/wireshark/epan/packet.h:31:0,
                 from /home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:24:
/usr/include/wireshark/epan/column-utils.h:163:20: note: declared here
 WS_DLL_PUBLIC void col_set_writable(column_info *cinfo, const gint col, const gboolean writable);
                    ^~~~~~~~~~~~~~~~
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c: In function ‘dissect_sapdiag_snc_frame’:
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:1563:4: error: too few arguments to function ‘col_set_writable’
    col_set_writable(pinfo->cinfo, FALSE);
    ^~~~~~~~~~~~~~~~
In file included from /usr/include/wireshark/epan/packet.h:31:0,
                 from /home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:24:
/usr/include/wireshark/epan/column-utils.h:163:20: note: declared here
 WS_DLL_PUBLIC void col_set_writable(column_info *cinfo, const gint col, const gboolean writable);
                    ^~~~~~~~~~~~~~~~
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c: In function ‘proto_register_sapdiag’:
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:3580:2: warning: implicit declaration of function ‘new_register_dissector’ [-Wimplicit-function-declaration]
  new_register_dissector("sapdiag", dissect_sapdiag, proto_sapdiag);
  ^~~~~~~~~~~~~~~~~~~~~~
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c: In function ‘proto_reg_handoff_sapdiag’:
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:3621:20: warning: implicit declaration of function ‘new_create_dissector_handle’ [-Wimplicit-function-declaration]
   sapdiag_handle = new_create_dissector_handle(dissect_sapdiag, proto_sapdiag);
                    ^~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/usrname/SAP-Dissection-plug-in-for-Wireshark/src/packet-sapdiag.c:3621:18: warning: assignment makes pointer from integer without a cast [-Wint-conversion]
   sapdiag_handle = new_create_dissector_handle(dissect_sapdiag, proto_sapdiag);
                  ^
CMakeFiles/sap.dir/build.make:103: recipe for target 'CMakeFiles/sap.dir/src/packet-sapdiag.c.o' failed
make[2]: *** [CMakeFiles/sap.dir/src/packet-sapdiag.c.o] Error 1
CMakeFiles/Makefile2:67: recipe for target 'CMakeFiles/sap.dir/all' failed
make[1]: *** [CMakeFiles/sap.dir/all] Error 2
Makefile:127: recipe for target 'all' failed
make: *** [all] Error 2

gedsic commented 7 years ago

I forgot, cmake output is

-- The C compiler identification is GNU 6.2.0
-- The CXX compiler identification is GNU 6.2.0
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /usr/bin/c++
-- Check for working CXX compiler: /usr/bin/c++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found wireshark libs at /usr/include/wireshark
-- Wireshark libraries found, performing a stand-alone plug-in build.
-- Plug-in will be installed in: ~/.wireshark/plugins
ERRORUnsupported build setup
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.29") 
-- Checking for one of the modules 'glib-2.0>=2.4.0'
-- Found GLIB2: /usr/lib/x86_64-linux-gnu/libglib-2.0.so  
-- Configuring done
-- Generating done
-- Build files have been written to: /home/usrname/SAP-Dissection-plug-in-for-Wireshark/build

martingalloar commented 7 years ago

Hi! I've just started to work on supporting Wireshark 2.2 in the wireshark-2.2 branch, but it still needs some work. In the meantime, you can build it as part of Wireshark 2.0 and it should work (check here). Any help or feedback is welcome :)

vah13 commented 7 years ago

@martingalloar I think you need to compile Wireshark with your plugin and push it to GitHub, for faster download and use. What do you say?

martingalloar commented 7 years ago

@vah13 I was definitely thinking about doing it. I need to set up a clean build environment and will try to push binaries, at least for the last release.

blshkv commented 7 years ago

Hello, I'm testing the wireshark-2.2 branch. There are still 2 errors (and a few non-critical warnings):

/var/tmp/portage/net-misc/wireshark-sap-plugin-9999/work/wireshark-sap-plugin-9999/src/packet-sapenqueue.c:567:35: warning: passing argument 2 of ‘register_dissector’ from incompatible pointer type
  register_dissector("sapenqueue", dissect_sapenqueue, proto_sapenqueue);

/var/tmp/portage/net-misc/wireshark-sap-plugin-9999/work/wireshark-sap-plugin-9999/src/packet-sapprotocol.c: In function ‘proto_register_sap_protocol’:
/var/tmp/portage/net-misc/wireshark-sap-plugin-9999/work/wireshark-sap-plugin-9999/src/packet-sapprotocol.c:265:25: error: too few arguments to function ‘register_dissector_table’
  sub_dissectors_table = register_dissector_table("sapni.port", "SAP Protocol Port", FT_UINT16, BASE_DEC);
                         ^
In file included from /var/tmp/portage/net-misc/wireshark-sap-plugin-9999/work/wireshark-sap-plugin-9999/src/packet-sapprotocol.c:24:0:
/usr/include/wireshark/epan/packet.h:183:33: note: declared here
 WS_DLL_PUBLIC dissector_table_t register_dissector_table(const char *name,
                                 ^
/var/tmp/portage/net-misc/wireshark-sap-plugin-9999/work/wireshark-sap-plugin-9999/src/packet-sapprotocol.c:266:27: error: too few arguments to function ‘register_heur_dissector_list’
  heur_subdissector_list = register_heur_dissector_list("sapni");

Could you please fix it?

We have the latest 2.2 Wireshark stabilized at Gentoo and I don't want to go back just because of one plugin.

vah13 commented 7 years ago

@martingalloar can you check the plugin from https://github.com/vah13/SAP-Dissection-plug-in-for-Wireshark/releases? I compiled it with Wireshark 2.0.7.

martingalloar commented 7 years ago

@gedsic / @blshkv I think there're more than 2 errors still to go, but I'm working on it!

@vah13: Thanks, that's awesome!

In the meantime I've been working on providing Vagrant configs to ease the build process a little bit and to be able to have reproducible build envs using Ubuntu Xenial for the Wireshark 2.0 branch. Check it out here. If anyone wants to give them a shot and try them, please let me know your feedback!

martingalloar commented 7 years ago

Looks like the plugin is building fine on Wireshark 2.2: https://travis-ci.org/CoreSecurity/SAP-Dissection-plug-in-for-Wireshark/builds/175176719

It needs some testing (unit tests using tshark are very basic) before merging, but looks nice!

blshkv commented 7 years ago

Tested under Pentoo, wireshark has loaded it, but I can't comment on the functionality.

sap.so 0.4.1 dissector /usr/lib64/wireshark/plugins/2.2.1/sap.so

Good enough for me ;-) Thank you!

martingalloar commented 7 years ago

After a few tests, I finally merged the branch into master. Next release would work on the 2.2 branch! I'll keep the wireshark-2.2 branch open as it's basically the latest version of the plugin ported to 2.2 without any other change. Thanks!