 | 1 | initial version |
As it turns out, how macOS deals with dynamic libraries as plugins is different, and depending on the source of the libwireshark used for compilation, there may be some work needed to get it loaded correctly on wireshark.
This bash function could be a good staring point to modify generated plugins generated on macOS to be loaded correctly.
process_plugin() {
local plugin_path="$1"
echo "Starting plugin post-processing..."
echo "Input plugin: $plugin_path"
echo
if [ ! -f "$plugin_path" ]; then
echo "Error: Plugin file not found: $plugin_path"
return 1
fi
local filename=$(basename "$plugin_path")
local dirname=$(dirname "$plugin_path")
# Show initial state
echo "Initial library dependencies:"
otool -L "$plugin_path" | grep -E "libw[^[:space:]]+\.dylib"
echo
# If it's a .dylib, rename it to .so
if [[ "$filename" == *.dylib ]]; then
local new_filename="${filename%.dylib}.so"
mv "$plugin_path" "$dirname/$new_filename"
plugin_path="$dirname/$new_filename"
echo "Renamed $filename to $new_filename"
echo
fi
# Wireshark-related library dependencies from the plugin
local deps=$(otool -L "$plugin_path" | grep -E "libw[^[:space:]]+\.dylib" | awk '{print $1}')
# System wireshark rpath references
echo "Getting reference paths from system Wireshark..."
local wireshark_refs=$(otool -L $(which tshark) | grep -E "@rpath/libw[^[:space:]]+\.dylib" | awk '{print $1}')
while IFS= read -r dep; do
if [ -n "$dep" ]; then
local lib_name=$(basename "$dep")
local rpath_ref=$(echo "$wireshark_refs" | grep "$lib_name" || true)
if [ -n "$rpath_ref" ]; then
echo "Converting $dep"
echo " to $rpath_ref"
install_name_tool -change "$dep" "$rpath_ref" "$plugin_path"
else
echo "Warning: No matching rpath reference found for $lib_name"
fi
fi
done <<< "$deps"
echo
echo "Final library dependencies:"
otool -L "$plugin_path" | grep -E "libw[^[:space:]]+\.dylib"
echo
echo "Post-processing complete for $plugin_path"
return 0
}