Hello community, here is the log from the commit of package ndpi for openSUSE:Leap:15.2 checked in at 2020-01-17 12:01:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/ndpi (Old) and /work/SRC/openSUSE:Leap:15.2/.ndpi.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ndpi" Fri Jan 17 12:01:27 2020 rev:5 rq:763592 version:3.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/ndpi/ndpi.changes 2020-01-15 15:33:05.498845896 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.ndpi.new.26092/ndpi.changes 2020-01-17 12:01:30.104505675 +0100 @@ -1,0 +2,105 @@ +Thu Jan 2 11:50:52 UTC 2020 - Martin Hauke <[email protected]> + +- Add hyperscan-devel as dependency to libndpi-devel + +------------------------------------------------------------------- +Wed Dec 25 10:13:32 UTC 2019 - Martin Hauke <[email protected]> + +- Drop not longer needed patches (fixed upstream) + * ndpi-fix-build.patch + * reproducible.patch +- Update to version 3.0 + New Features + * nDPI now reports the protocol ASAP even when specific fields + have not yet been dissected because such packets have not yet + been observed. This is important for inline applications that + can immediately act on traffic. Applications that need full + dissection need to call the new API function + ndpi_extra_dissection_possible() to check if metadata dissection + has been completely performed or if there is more to read before + declaring it completed. + * TLS (formerly identified as SSL in nDPI v2.x) is now dissected + more deeply, certificate validity is extracted as well + certificate SHA-1. + * nDPIreader can now export data in CSV format with option -C + * Implemented Sequence of Packet Length and Time (SPLT) and Byte + Distribution (BD) as specified by Cisco Joy + (https://github.com/cisco/joy). This allows malware activities + on encrypted TLS streams. + * Available as library and in ndpiReader with option -J + * Promoted usage of protocol categories rather than protocol + identifiers in order to classify protocols. This allows + application protocols to be clustered in families and thus better + managed by users/developers rather than using hundred of + protocols unknown to most of the people. + * Added Inter-Arrival Time (IAT) calculation used to detect + protocol misbehaviour (e.g. slow-DoS detection) + * Added data analysis features for computign metrics such as + entropy, average, stddev, variance on a single and consistent + place that will prevent when possible. This should ease traffic + analysis on monitoring/security applications. New API calls have + been implemented such as ndpi_data_XXX() to handle these + calculations. + * Initial release of Python bindings available under nDPI/python. + * Implemented search of human readable strings for promoting data + exfiltration detection + * Available as library and in ndpiReader with option -e + * Fingerprints + JA3 (https://github.com/salesforce/ja3) + HASSH (https://github.com/salesforce/hassh) + DHCP + * Implemented a library to serialize/deserialize data in both + Type-Length-Value (TLV) and JSON format + New Supported Protocols and Services + * DTLS (i.e. TLS over UDP) + * Hulu + * TikTok/Musical.ly + * WhatsApp Video + * DNSoverHTTPS + * Datasaver + * Line protocol + * Google Duo and Hangout merged + * WireGuard VPN + * IMO + * Zoom.us + Improvements + * TLS + + Organizations + + Ciphers + + Certificate analysis + * Added PUBLISH/SUBSCRIBE methods to SIP + * Implemented STUN cache to enhance matching of STUN-based protocols + * Dissection improvements + + Viber + + WhatsApp + + AmazonVideo + + SnapChat + + FTP + + QUIC + + OpenVPN support for UDP-based VPNs + + Facebook Messenger mobile + + Various improvements for STUN, Hangout and Duo + * Added new categories: + + CUSTOM_CATEGORY_ANTIMALWARE, + + NDPI_PROTOCOL_CATEGORY_MUSIC, + + NDPI_PROTOCOL_CATEGORY_VIDEO, + + NDPI_PROTOCOL_CATEGORY_SHOPPING, + + NDPI_PROTOCOL_CATEGORY_PRODUCTIVITY + + NDPI_PROTOCOL_CATEGORY_FILE_SHARING + * Added NDPI_PROTOCOL_DANGEROUS classification + Fixes + * Fixed the dissection of certain invalid DNS responses + * Fixed Spotify dissection + * Fixed false positives with FTP and FTP_DATA + * Fix to discard STUN over TCP flows + * Fixed MySQL dissector + * Fix category detection due to missing initialization + * Fix DNS rsp_addr missing in some tiny responses + * Various hardening fixes + +------------------------------------------------------------------- +Wed Jun 5 04:03:31 UTC 2019 - Bernhard Wiedemann <[email protected]> + +- Add reproducible.patch to override build date (boo#1047218) + +------------------------------------------------------------------- Old: ---- ndpi-2.8.tar.gz ndpi-fix-build.patch New: ---- ndpi-3.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ndpi.spec ++++++ --- /var/tmp/diff_new_pack.JsnEUK/_old 2020-01-17 12:01:31.020506078 +0100 +++ /var/tmp/diff_new_pack.JsnEUK/_new 2020-01-17 12:01:31.028506082 +0100 @@ -1,7 +1,7 @@ # # spec file for package ndpi # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2017, Martin Hauke <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -21,9 +21,9 @@ %bcond_without hyperscan %endif -%define sover 2 +%define sover 3 Name: ndpi -Version: 2.8 +Version: 3.0 Release: 0 Summary: Extensible deep packet inspection library # wireshark/ndpi.lua is GPL-3.0-or-later @@ -31,8 +31,6 @@ Group: Development/Libraries/C and C++ URL: https://github.com/ntop/nDPI Source: https://github.com/ntop/nDPI/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz -# FIXME: Upstream makefile is broken -Patch0: ndpi-fix-build.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc-c++ @@ -67,6 +65,9 @@ Summary: Development headers for nNDPI Group: Development/Libraries/C and C++ Requires: libndpi%{sover} = %{version} +%if 0%{with hyperscan} +Requires: pkgconfig(libhs) +%endif %description -n libndpi-devel nDPI is a ntop-maintained superset of the OpenDPI library. It extends @@ -88,7 +89,6 @@ %prep %setup -q -n nDPI-%{version} -%patch0 -p1 %build sh autogen.sh @@ -102,6 +102,7 @@ %install %make_install PREFIX=%{_prefix} prefix=%{_prefix} libdir=%{_libdir} rm -f %{buildroot}/%{_libdir}/libndpi.a +rm -rf %{buildroot}/%{_sbindir}/ndpi %post -n libndpi%{sover} -p /sbin/ldconfig %postun -n libndpi%{sover} -p /sbin/ldconfig ++++++ ndpi-2.8.tar.gz -> ndpi-3.0.tar.gz ++++++ /work/SRC/openSUSE:Leap:15.2/ndpi/ndpi-2.8.tar.gz /work/SRC/openSUSE:Leap:15.2/.ndpi.new.26092/ndpi-3.0.tar.gz differ: char 15, line 1
