Scapy

This update contains fixes for various small bugs introduced in v2.6.0:

- On linux machines with IPv6 disabled, Scapy would crash on startup (4541)
- The `scapy.1` manpage was no longer installed (4549)
- Upon the first startup, there could be a crash related to the creation of Scapy's `XDG-*` related folders. (4558)
- other small bugs that could lead to issues during packaging. Thanks to the downstream package maintainers for their help.

Please have a look at the [**full v2.6.0 changelog over here**](https://github.com/secdev/scapy/releases/tag/v2.6.0).

_Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing. This has no impact on the other plateforme that we support, such as Windows._

Changelog

General
- [removal] **DROP SUPPORT OF PYTHON 2.7**
- **Python 3.11-3.13 support**. The full range of supported Python versions is therefore **3.7-3.13**
- Improve packaging (`pyproject.toml`) and version handling. Scapy will now include wheels on pypi.
- We welcome Nils Weiss (polybassa) as a new maintainer !

Main changes
- **[major]** support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3: `sr(IP(dst="224.0.0.1%eth0")/..., multi=True)`
- **[major]** using the `iface=` argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used.
- **[major]** the internals that read the routes and interfaces configuration **have been rewritten** on Linux and BSD:
- on linux, to use **RTNETLINK**. (this should help on machines that have huge BPG tables)
- on *BSDs, to use **PF_ROUTE**.
- on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
- **[new]** Windows protocols:
- DCE/RPC: `DCERPC_Client` and `DCERPC_Server` with support for `NCACN_IP_TCP` and `NCACN_NP`
- SMB2/3:
- Protocol refactor, many more SMB2/3 structures supported
- Server (class + 'simple' util `smbserver()`) (2.0.2 to 3.1.1)
- Client (class + interactive CLI `smbclient()`) (2.0.2 to 3.1.1)
- SMB socket, RPC over SMB socket, etc.
- Kerberos:
- KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more !
- Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc.
- Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
- Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
- NTLM:
- refactor, clean SSP
- Extensive GSSAPI / SPNEGO support !
- LDAP
- Fixes, ASN.1 Windows variation support
- dclocator, answering machine for "LDAP PING", etc.
- add a (very) basic `LDAP_client` (support for various binding mechanisms, encryption, etc.)
- [dep] Support for recent [`cryptography`](https://github.com/pyca/cryptography) (42/43.0) versions
- [new] CLI improvements
- [breaking] Scapy CLI configuration now available in `~/.config/scapy/startup.py`. This follows XDG variables. (Older `~/.scapy_startup.py` is now non functional)
- Support for `bpython`, `ptpython` and `ptipython`
- [new] Wireshark extcap interfaces support (`load_extcap()`)
- Automaton:
- fixes memory usage on Windows
- support for EOF events
- spawn() mode, better socket.socket support
- [breaking] `StreamSocket` changes, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used with `StreamSocket`. Custom sessions are marked as unstable.
- Use `L3RawSocket(6)` automatically on the loopback interface on linux
- `L3pcapSocket` (the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing
- the `sr*` class of functions now properly supports sending on multiple interfaces (Windows & Linux)
- performance issues with the `sr*` class of functions have also been fixed
- `manufdb` (from wireshark) is now bundled and cached in `~/.cache/scapy`, as it is no longer shipped as a standalone file in Wireshark.
- Improve builtin answering machines (`dnsd`, `llmnrd`, `nbnsd`, `dhcpd`...). Add `mdnsd` for mDNS support
- Fix performance issues with nested `*ListFields`
- [new] `conf.nameservers` contains the DNS servers. Also adds `dns_resolve()`
- [new] SSHv2 layer
- [breaking] Rework `Session` objects
- Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
- [breaking] change `sendpfast` loop argument to be consistent with `sendp`
- automaton: improve `graph()` to include implicit links
- HTTP:
- [new] add `HTTP_Client` and `HTTP_Server` which support the same SSPs as Windows
- rework `http_client`
- various fixes to reassembly when using TCPSession
- TLS:
- support for TLS 1.3 post handshake
- support for EdDSA signatures / keys (ed25519/ed448)
- various fixes (ffdhe generation, middlebox compat)
- support choosing of curve, signature algorithms, etc.
- More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
- Bluetooth, 802.11: new payloads supported
- IPSEC: AES-NULL-GMAC support
- [breaking] Merge EAPOL contrib into EAP
- fix latex theme
- IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
- Minor fixes in Netflow, NTP, SCTP, TACACS
- [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
- [removal] Remove ubberlogger.
- cache `get_if_hwaddr` for performance
- fix `arping` without IP
- [new] tcpros layer (ROS 1.1)
- **many** more fixes

Changelog

Scapy v2.5.0 is the last version to support Python 2.7

Main Changes

- **Type hinting of Scapy core**: Scapy now provides type hintings for [all of its core](https://github.com/secdev/scapy/issues/2158)
- **Python 3.9 and 3.10 support**
- macOS 10.15 support
- update built-in dependencies (six) + and our cryptography imports that created warnings
- fix sniffing performance issues with 2.4.4+ on Windows
- greatly improve BPF (macOS) support (timestamps...)
- enhanced loopback interface support on Linux, *BSD, and Windows
- SPDX License identifiers added
- several **major CLI improvements**, especially in **autocompletion**: you can now auto-complete the names for all Scapy fields, automatons, answering machines thanks to signature injection (and patches in IPython/bpython)

Core

- improved support of BPF
- support **pcapng writing**, comments, TLS secrets decryption block
- Re-work how `sent_time` is shared across packets iterators
- support new LINUX_SLL2 packet type (new tcpdump versions)
- pipes: performances issues fixed
- tools: fixes to hexdiff, lhex...
- **[breaking]** `FlagsField` in dict mode now uses values instead of offsets

Layers

- new layers related to Windows: DCERPC/NTLM/KERBEROS/GSSAPI/SPNEGO/(C)LDAP.
- new contrib layers: ESMC/RTPS/RTPC/metawatch
- rework Netbios/SMB1/SMB2, basic SMB clients & server, ntlm relay
- several fixes to the TLS implementation
- major zigbee/6lowpan improvements
- bug fixes in TLS: properly support FFDH, fix the TLS 1.3 notebooks... among other things
- p0f module update
- IPsec: fixes, x25519 support...
- various updates to the ASN.1 engine
- IKEv2: fixes, UDP encapsulation
- STUN support
- Postgres line protocol 3.0 support
- EDNS0 client subnet support
- ESMC protocol added
- support TCP-MD5 and TCP-AO options
- ERF Ethernet Support
- many fixes: modbus, 802.11, BTLE, SCTP, DNS, LLDP, Kerberos, RTPS, DHCP, MQTT, BGP, L2TP...

Automotive

- ISOTPSoftSocket: Bug fixes and performance improvements
- Documentation and API-Doc improvements
- Unit-Test speedups for Scanners
- IPv6 support for DoIP
- Bugfixes for DoIP
- Unit-Test cleanups
- UDS-, GMLAN- and OBD-Scanner refactoring
- CANFD support

Misc

- new sanity rules prevent fields from having the same name in all packets
- Currently displays a warning but will become a SyntaxError in the future!
- archives of the Scapy repo should now have more consistent hashes

Main Changes

Changelog

Core

- [354 commits to master](https://github.com/secdev/scapy/compare/v2.4.4...v2.4.5) since v2.4.4, from 73 contributors
- **Python 3.9 support**
- New interfaces system. `conf.iface` is now an object (retro-compatible as a string) which contains additional information about the interface and allows for an automatic selection of the socket type. `conf.ifaces` now lists all available interfaces.
- Fix *BSD support. Improve filters handling on Linux and `libpcap`
- Automaton: support for `STOP` event - allows to cleanly end an Automata. Implemented in all Scapy's automatons
- [Deprecated] Naming different fields with the same name will now raise a deprecation warning. This behavior has never properly worked and should never be necessary
- Enhance `Net` and `Net6`
- Improvements to scapy's logging, colored output and to UTscapy
- Fix edge-cases with `ConditionalField` and `MultipleTypeField` to make them more resilient
- [Doc] Enhancements: improved `MultipleTypeField` handling, add `view source`.
- [Internal] Move the test suite to GitHub Actions
- [Internal] Unit test housekeeping
- [Internal] Begin type hinting

Layers

- 6LoWPAN refactor
- TLS improvements (TLS 1.3 server downgrade, TLS 1.2 EXT MS...)
- HTTP improvements (http_request, support for zstd...)
- Refactor TunTap support
- Cleanup MACsec
- Many small bug fixes or improvements to layers (SMB2, BFD, DNS, Zigbee, EAP, HomeplugGP, DHCPv6, 802.11...)

Automotive

- Renaming of ENET to HSFZ
- Added XCP layer
- Added DoIP layer
- [Internal] Cleanup of interface preparation code in unit tests
- Renaming of ECU to Ecu
- Refactoring of EcuState class to be more versatile
- [Internal] Started with typing
- [Internal] Multiple minor cleanups
- Minor updates to the documentation

Main Changes

Core

- [784 commits to master](https://github.com/secdev/scapy/compare/v2.4.3...v2.4.4) since this v2.4.3
- fix how timestamps are measured on layer 3 (broken since 2.4.1)
- drop DNET support (deprecated since 2.4.0)
- Scapy will now use `libpcap` instead of `tcpdump` to compile the filters (`tcpdump` is still used to filter pcaps)
- major changes to the online doc: add an automatically generated [API reference](https://scapy.readthedocs.io/en/latest/api/scapy.html) with visual representation of each layer, move to Sphinx 3.0.0, new layer-specific doc...
- *BSD fixes
- more doc to many functions

Layers

- New layers (homeplug sg, smb2, NSH, RPL, ERSPAN, BFD, ROCE...)
- TLS: TLS 1.3 support & many fixes
- 802.11 improvements / WPA3 detection
- Netflow 9 fixes
- Major refactor & changes of the Automotive layers
- HTTP changes
- DHCPv6 fixes according to revision of the RFC
- Bluetooth improvements (+BLE)
- minor fixes to Radius, PPP, GTP, IPsec, CDP, VTP, HTTP/2, ...

Main Changes

Core

- 364 commits since v2.4.2
- better native support for FreeBSD, NetBSD, OpenBSD
- Windows: native RAW sockets support, load interfaces/routes using C calls, ...
- Solaris: fixed support
- latency improvements
- `sniff()` can be used to test BPF fiters on pcap files
- more unit tests and Python3 compatibility
- asynchronous sniffing
- UTScapy vim syntax highlighting
- drop distutils for setuptools
- Console / IPython integration improvements

Layers

Major changes

New

- HTTP (from the deprecated `scapy-http` module), TLS 1.3, ATA over Ethernet, OVD, IEC 60870-5-104, enip, ...

Improved

- NetflowV9, ISOTP, Zigbee, RTR, BLE, PPI, DNS, LLDP, ...
- Bluetooth/BTLE rework
- PPI / 802.11 improvements