Plan to make NPcap available for Wireshark

[Yang Luo <hsluoyb () gmail com>]

Hi list,

Given that current Wireshark can't make use of NPcap because of the DLL
search path problem mentioned in
https://www.wireshark.org/lists/wireshark-dev/201506/msg00030.html, I'd
like to make a patch for Wireshark. As it is a security consideration that
Wireshark don't want to search the DLLs in the Windows way. My plan is to
explicitly add the NPcap path to Wireshark's DLL search logic. NPcap uses
the "C:\Windows\System32\NPcap" and "C:\Windows\SysWow64\NPcap" to store
its DLLs (WinPcap uses "C:\Windows\System32" and "C:\Windows\SysWow64"
directly). As it is a sub directory of System32 folder. Its access control
policy is the same with System32, and there should be no security problem I
think. The second question is if WinPcap and NPcap are both available in a
system, which will be loaded first? I'd like to hear your opinions:)

Cheers,
Yang

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe