Or has something changed with the smtp and/or imf code that I need to get an update for?
No, something has changed in the core Wireshark dissection library that would require that plugins for 4.0.{0,1,2,3} be compiled with the 4.0.0 or 4.0.1 or 4.0.2 or 4.0.3 source and plugins for 4.0.4 be compiled with the 4.0.4 source.
Plugins compiled with the 4.0.0 or 4.0.1 or 4.0.2 or 4.0.3 source should work with 4.0.5.
But if you're that dependent on the SMTP and IMF code, either:
- if the changes aren't for SMTP changes incompatible with RFC 5321 SMTP or Internet message format changes incompatible with RFC 5322 Internet messages, and aren't adding support for some private extensions that other users of Wireshark are unlikely to ever see in captured traffic, you should consider making a pull request with your changes, so you no longer need to maintain modified versions of Wireshark code;
- otherwise, you might want to see whether this could be done by, instead of modifying the SMTP and IMF dissectors, adding to those dissectors some ability to call plugin dissectors to handle your changes, and, if so, make a pull request with changes to add that ability, so you don't need to maintain modified versions of Wireshark code, you only need to maintain the extension plugins (that won't prevent the code from breaking due to mistaken ABI changes in a dot-dot release, but it might reduce the number of possible mistaken ABI changes that would cause it to break).
