dnsiff: openssl 1.1 patch

net-analyzer/dsniff/Manifest

@@ -1,3 +1,2 @@
 DIST dsniff-2.4b1.tar.gz 131666 BLAKE2B f0cc3c875ed37ee573a28d2c54e7dc89bd14df233b047273ebb054820c2f8c61be22b0310c9354446a9ca6e99fdcd7f027fa7a122da667d4a809362dcb8c957f SHA512 62dafab293de6dc3e9b01561b3627d63ca334467c01c3550a6318d8bcbe99d5a301ec16967af34065a14e8bca1c4b6a41da766cbd51ebd8338615b950c4f642f
-DIST dsniff_2.4b1+debian-18.diff.gz 44819 BLAKE2B 79b5614cbe4f36c2d321cd392cbfd2db94530680fbbab35f5069850ab6bda0fab6b7a2a93a983773793b9f645499c24393d6c652f0aba6c48651ae17ff4b24fe SHA512 9f219dfa7fd68399126cd2b373a7054168638606c03e8297af46a89c242f81e45f99857922e6782cab608b8cafab528bcfaeb37acd3cca85f5b4a8efd91e71d5
 DIST dsniff_2.4b1+debian-22.1.debian.tar.gz 29657 BLAKE2B 88333aad1498cb5b4fd68776f8e0599672c9c69ee5b0d5424f0a8e9f0958412fb420a6d6ae6d46dc5e6c73c4ab39b1fedbef1a4c6879bb4c2bd363271cb6d98b SHA512 11c6a3c04b5a8b3afb78901003132186964e88019011bea69b43a000c31d23f15c1a1c343c2ad1b03bf0a09664aebfa6f99e335fdfa1496bb020db6541eab6e3

net-analyzer/dsniff/dsniff-2.4_beta1-r11.ebuild

@@ -59,6 +59,9 @@ src_prepare() {
 	# libtirpc support
 	eapply "${FILESDIR}"/${PV}-rpc.patch
 
+	#openssl 1.1 patch from debian 29
+	eapply "${FILESDIR}"/24_Fix-OpenSSL1.1.0-Build.patch
+
 	default
 	eautoreconf
 }

net-analyzer/dsniff/files/24_Fix-OpenSSL1.1.0-Build.patch

@@ -0,0 +1,202 @@
+Description: Fix build with OpenSSL 1.1.0
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+
+--- a/ssh.c
++++ b/ssh.c
+@@ -234,7 +234,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
+-	
++    
++	const BIGNUM *servkey_e, *servkey_n;
++	const BIGNUM *hostkey_e, *hostkey_n;
++
+ 	/* Generate anti-spoofing cookie. */
+ 	RAND_bytes(cookie, sizeof(cookie));
+ 	
+@@ -243,11 +246,13 @@
+ 	*p++ = SSH_SMSG_PUBLIC_KEY;			/* type */
+ 	memcpy(p, cookie, 8); p += 8;			/* cookie */
+ 	num = 768; PUTLONG(num, p);			/* servkey bits */
+-	put_bn(ssh->ctx->servkey->e, &p);		/* servkey exponent */
+-	put_bn(ssh->ctx->servkey->n, &p);		/* servkey modulus */
++	RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
++	put_bn(servkey_e, &p);		/* servkey exponent */
++	put_bn(servkey_n, &p);		/* servkey modulus */
+ 	num = 1024; PUTLONG(num, p);			/* hostkey bits */
+-	put_bn(ssh->ctx->hostkey->e, &p);		/* hostkey exponent */
+-	put_bn(ssh->ctx->hostkey->n, &p);		/* hostkey modulus */
++	RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
++	put_bn(hostkey_e, &p);		/* hostkey exponent */
++	put_bn(hostkey_n, &p);		/* hostkey modulus */
+ 	num = 0; PUTLONG(num, p);			/* protocol flags */
+ 	num = ssh->ctx->encmask; PUTLONG(num, p);	/* ciphers */
+ 	num = ssh->ctx->authmask; PUTLONG(num, p);	/* authmask */
+@@ -298,7 +303,7 @@
+ 	SKIP(p, i, 4);
+ 
+ 	/* Decrypt session key. */
+-	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
++	if (BN_cmp(servkey_n, hostkey_n) > 0) {
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
+ 	}
+@@ -318,8 +323,8 @@
+ 	BN_clear_free(enckey);
+ 	
+ 	/* Derive real session key using session id. */
+-	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+-				ssh->ctx->servkey->n)) == NULL) {
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -328,10 +333,8 @@
+ 	}
+ 	/* Set cipher. */
+ 	if (cipher == SSH_CIPHER_3DES) {
+-		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+-		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+-		ssh->encrypt = des3_encrypt;
+-		ssh->decrypt = des3_decrypt;
++		warnx("cipher 3des no longer supported");
++		return (-1);
+ 	}
+ 	else if (cipher == SSH_CIPHER_BLOWFISH) {
+ 		ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
+@@ -357,7 +360,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
+-	
++
++	BIGNUM *servkey_n, *servkey_e;
++	BIGNUM *hostkey_n, *hostkey_e;
++
+ 	/* Get public key. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+ 		warn("SSH_recv");
+@@ -379,21 +385,23 @@
+ 
+ 	/* Get servkey. */
+ 	ssh->ctx->servkey = RSA_new();
+-	ssh->ctx->servkey->n = BN_new();
+-	ssh->ctx->servkey->e = BN_new();
++	servkey_n = BN_new();
++	servkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
+ 
+ 	SKIP(p, i, 4);
+-	get_bn(ssh->ctx->servkey->e, &p, &i);
+-	get_bn(ssh->ctx->servkey->n, &p, &i);
++	get_bn(servkey_e, &p, &i);
++	get_bn(servkey_n, &p, &i);
+ 
+ 	/* Get hostkey. */
+ 	ssh->ctx->hostkey = RSA_new();
+-	ssh->ctx->hostkey->n = BN_new();
+-	ssh->ctx->hostkey->e = BN_new();
++	hostkey_n = BN_new();
++	hostkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
+ 
+ 	SKIP(p, i, 4);
+-	get_bn(ssh->ctx->hostkey->e, &p, &i);
+-	get_bn(ssh->ctx->hostkey->n, &p, &i);
++	get_bn(hostkey_e, &p, &i);
++	get_bn(hostkey_n, &p, &i);
+ 
+ 	/* Get cipher, auth masks. */
+ 	SKIP(p, i, 4);
+@@ -405,8 +413,8 @@
+ 	RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
+ 
+ 	/* Obfuscate with session id. */
+-	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+-				ssh->ctx->servkey->n)) == NULL) {
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -422,7 +430,7 @@
+ 		else BN_add_word(bn, ssh->sesskey[i]);
+ 	}
+ 	/* Encrypt session key. */
+-	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
++	if (BN_cmp(servkey_n, hostkey_n) < 0) {
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
+ 	}
+@@ -470,10 +478,8 @@
+ 		ssh->decrypt = blowfish_decrypt;
+ 	}
+ 	else if (cipher == SSH_CIPHER_3DES) {
+-		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+-		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+-		ssh->encrypt = des3_encrypt;
+-		ssh->decrypt = des3_decrypt;
++		warnx("cipher 3des no longer supported");
++		return (-1);
+ 	}
+ 	/* Get server response. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -28,10 +28,12 @@
+ 	u_char			iv[8];
+ };
+ 
++#if 0
+ struct des3_state {
+ 	des_key_schedule	k1, k2, k3;
+ 	des_cblock		iv1, iv2, iv3;
+ };
++#endif
+ 
+ void
+ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+@@ -39,10 +41,12 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
+-	if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
++	const BIGNUM *n, *e;
++	RSA_get0_key(key, &n, &e, NULL);
++	if (BN_num_bits(e) < 2 || !BN_is_odd(e))
+ 		errx(1, "rsa_public_encrypt() exponent too small or not odd");
+ 
+-	olen = BN_num_bytes(key->n);
++	olen = BN_num_bytes(n);
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -71,7 +75,9 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
+-	olen = BN_num_bytes(key->n);
++	const BIGNUM *n;
++	RSA_get0_key(key, &n, NULL, NULL);
++	olen = BN_num_bytes(n);
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -146,6 +152,7 @@
+ 	swap_bytes(dst, dst, len);
+ }
+ 
++#if 0
+ /* XXX - SSH1's weirdo 3DES... */
+ void *
+ des3_init(u_char *sesskey, int len)
+@@ -194,3 +201,4 @@
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
++#endif