From e95f7354fa4c2512c4701482063a2280531ec409 Mon Sep 17 00:00:00 2001 From: blshkv Date: Tue, 9 Apr 2019 21:51:02 +0800 Subject: [PATCH] dsniff: apply patches from https://bugs.gentoo.org/674192 --- net-analyzer/dsniff/Manifest | 2 +- .../dsniff/dsniff-2.4_beta1-r11.ebuild | 12 +- .../dsniff/files/2.4_beta1-make.patch | 62 ------ .../dsniff/files/2.4_beta1-rpc-r1.patch | 41 ++++ .../dsniff/files/2.4_beta1-sharedir.patch | 32 +++ .../files/24_Fix-OpenSSL1.1.0-Build.patch | 202 ------------------ 6 files changed, 79 insertions(+), 272 deletions(-) delete mode 100644 net-analyzer/dsniff/files/2.4_beta1-make.patch create mode 100644 net-analyzer/dsniff/files/2.4_beta1-rpc-r1.patch create mode 100644 net-analyzer/dsniff/files/2.4_beta1-sharedir.patch delete mode 100644 net-analyzer/dsniff/files/24_Fix-OpenSSL1.1.0-Build.patch diff --git a/net-analyzer/dsniff/Manifest b/net-analyzer/dsniff/Manifest index fd51c7ce2..afa0fe722 100644 --- a/net-analyzer/dsniff/Manifest +++ b/net-analyzer/dsniff/Manifest @@ -1,2 +1,2 @@ DIST dsniff-2.4b1.tar.gz 131666 BLAKE2B f0cc3c875ed37ee573a28d2c54e7dc89bd14df233b047273ebb054820c2f8c61be22b0310c9354446a9ca6e99fdcd7f027fa7a122da667d4a809362dcb8c957f SHA512 62dafab293de6dc3e9b01561b3627d63ca334467c01c3550a6318d8bcbe99d5a301ec16967af34065a14e8bca1c4b6a41da766cbd51ebd8338615b950c4f642f -DIST dsniff_2.4b1+debian-22.1.debian.tar.gz 29657 BLAKE2B 88333aad1498cb5b4fd68776f8e0599672c9c69ee5b0d5424f0a8e9f0958412fb420a6d6ae6d46dc5e6c73c4ab39b1fedbef1a4c6879bb4c2bd363271cb6d98b SHA512 11c6a3c04b5a8b3afb78901003132186964e88019011bea69b43a000c31d23f15c1a1c343c2ad1b03bf0a09664aebfa6f99e335fdfa1496bb020db6541eab6e3 +DIST dsniff_2.4b1+debian-29.debian.tar.xz 29668 BLAKE2B d41c4374ef25db7a93f9a64b9a1cf2d352e5c6938f31c28b765ef2e45416a7db71682e299a4b53446205c2403a26b4ffa2f7004db5d31ddf666a56816a742eac SHA512 a36b8a6d32bd586aa9e97d428807a113a159e0aa0ca014976a75cc2977ac6a62b57fdefc9ca8876533675249f0f32759767a4d0058e9643dde87091733e457c9 diff --git a/net-analyzer/dsniff/dsniff-2.4_beta1-r11.ebuild b/net-analyzer/dsniff/dsniff-2.4_beta1-r11.ebuild index 3c45bc076..5e1d45fc1 100644 --- a/net-analyzer/dsniff/dsniff-2.4_beta1-r11.ebuild +++ b/net-analyzer/dsniff/dsniff-2.4_beta1-r11.ebuild @@ -8,7 +8,7 @@ DESCRIPTION="A collection of tools for network auditing and penetration testing" HOMEPAGE="https://monkey.org/~dugsong/dsniff/" SRC_URI=" https://monkey.org/~dugsong/${PN}/beta/${P/_beta/b}.tar.gz - mirror://debian/pool/main/d/${PN}/${PN}_2.4b1+debian-22.1.debian.tar.gz + mirror://debian/pool/main/d/${PN}/${PN}_2.4b1+debian-29.debian.tar.xz " LICENSE="BSD" @@ -50,17 +50,15 @@ src_prepare() { # Bug 125084 eapply "${FILESDIR}"/${PV}-httppostfix.patch - # various Makefile.in patches - eapply "${FILESDIR}"/${PV}-make.patch - # bug #538462 eapply "${FILESDIR}"/${PV}-macof-size-calculation.patch + #https://bugs.gentoo.org/674192 # libtirpc support - eapply "${FILESDIR}"/${PV}-rpc.patch + eapply "${FILESDIR}"/${PV}-rpc-r1.patch - #openssl 1.1 patch from debian 29 - eapply "${FILESDIR}"/24_Fix-OpenSSL1.1.0-Build.patch + # undo damage from debian patches + eapply "${FILESDIR}"/${PV}-sharedir.patch default eautoreconf diff --git a/net-analyzer/dsniff/files/2.4_beta1-make.patch b/net-analyzer/dsniff/files/2.4_beta1-make.patch deleted file mode 100644 index 29964eb28..000000000 --- a/net-analyzer/dsniff/files/2.4_beta1-make.patch +++ /dev/null @@ -1,62 +0,0 @@ ---- a/Makefile.in -+++ b/Makefile.in -@@ -16,7 +16,7 @@ - mandir = @mandir@ - - CC = @CC@ --CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -+CFLAGS = @CFLAGS@ - LDFLAGS = @LDFLAGS@ - - PCAPINC = @PCAPINC@ -@@ -75,12 +75,20 @@ - .c.o: - $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c - --all: libmissing.a $(PROGS) -+all: $(PROGS) -+ -+$(PROGS): libmissing.a -+ -+$(OBJS): $(GEN) - -+mount.h: mount.x -+ rpcgen -h mount.x -o mount.h -+ - mount.c: mount.x -- rpcgen -h mount.x -o mount.h - rpcgen -c mount.x -o mount.c - -+nfs_prot.h: nfs_prot.x -+ rpcgen -h nfs_prot.x -o nfs_prot.h -+ - nfs_prot.c: nfs_prot.x -- rpcgen -h nfs_prot.x -o nfs_prot.h - rpcgen -c nfs_prot.x -o nfs_prot.c -@@ -93,7 +97,7 @@ - $(RANLIB) $@ - - dsniff: $(HDRS) $(SRCS) $(OBJS) -- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) -+ $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(DBLIB) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(SSLLIB) - - arpspoof: arpspoof.o arp.o - $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB) -@@ -114,7 +118,7 @@ - $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) - - sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o -- $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -+ $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(DBLIB) $(LNETLIB) $(SSLLIB) - - sshow: sshow.o pcaputil.o - $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) -@@ -132,7 +136,7 @@ - $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) - - webmitm: webmitm.o base64.o buf.o decode_http.o record.o -- $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -+ $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(DBLIB) $(LNETLIB) $(SSLLIB) - - webspy: webspy.o base64.o buf.o remote.o - $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB) diff --git a/net-analyzer/dsniff/files/2.4_beta1-rpc-r1.patch b/net-analyzer/dsniff/files/2.4_beta1-rpc-r1.patch new file mode 100644 index 000000000..7c4bcff40 --- /dev/null +++ b/net-analyzer/dsniff/files/2.4_beta1-rpc-r1.patch @@ -0,0 +1,41 @@ +diff -urP dsniff-2.4.orig/Makefile.in dsniff-2.4/Makefile.in +--- dsniff-2.4.orig/Makefile.in 2019-01-17 13:41:54.832180094 -0700 ++++ dsniff-2.4/Makefile.in 2019-01-17 14:13:30.282057880 -0700 +@@ -39,8 +39,8 @@ + X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ + + INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \ +- -I$(srcdir)/missing +-LIBS = @LIBS@ -L$(srcdir) -lmissing ++ -I$(srcdir)/missing @RPC_CFLAGS@ ++LIBS = @LIBS@ -L$(srcdir) -lmissing @RPC_LIBS@ + + INSTALL = @INSTALL@ + INSTALL_PROGRAM = @INSTALL_PROGRAM@ +diff -urP dsniff-2.4.orig/configure.in dsniff-2.4/configure.in +--- dsniff-2.4.orig/configure.in 2019-01-17 13:41:54.632180080 -0700 ++++ dsniff-2.4/configure.in 2019-01-17 14:15:05.824064731 -0700 +@@ -338,4 +338,23 @@ + AC_SUBST(SSLINC) + AC_SUBST(SSLLIB) + ++AC_ARG_WITH([libtirpc], ++ AS_HELP_STRING([--with-libtirpc], [Use libtirpc as RPC implementation (instead of sunrpc)]), ++ [], [ with_libtirpc=no ]) ++ ++AS_IF([test "x$with_libtirpc" != xno], ++ [PKG_CHECK_MODULES([TIRPC], ++ [libtirpc], ++ [RPC_CFLAGS=$TIRPC_CFLAGS; RPC_LIBS=$TIRPC_LIBS;], ++ [AC_MSG_ERROR([libtirpc requested, but library not found.])] ++ )], ++ [AC_CHECK_HEADER(rpc/rpc.h, ++ [RPC_CFLAGS=""; RPC_LIBS="";], ++ [AC_MSG_ERROR([sunrpc requested, but headers are not present.])] ++ )] ++) ++ ++AC_SUBST(RPC_CFLAGS) ++AC_SUBST(RPC_LIBS) ++ + AC_OUTPUT(Makefile) diff --git a/net-analyzer/dsniff/files/2.4_beta1-sharedir.patch b/net-analyzer/dsniff/files/2.4_beta1-sharedir.patch new file mode 100644 index 000000000..37a80a754 --- /dev/null +++ b/net-analyzer/dsniff/files/2.4_beta1-sharedir.patch @@ -0,0 +1,32 @@ +diff -urP dsniff-2.4.orig/Makefile.in dsniff-2.4/Makefile.in +--- dsniff-2.4.orig/Makefile.in 2019-01-17 16:11:25.546048937 -0700 ++++ dsniff-2.4/Makefile.in 2019-01-17 16:56:37.218243360 -0700 +@@ -11,12 +11,12 @@ + install_prefix = + prefix = @prefix@ + exec_prefix = @exec_prefix@ +-libdir = @libdir@ ++sharedir = $(prefix)/share/dsniff + sbindir = @sbindir@ + mandir = @mandir@ + + CC = @CC@ +-CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" ++CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(sharedir)/\" + CPPFLAGS = @CPPFLAGS@ + LDFLAGS = @LDFLAGS@ + +@@ -157,10 +157,10 @@ + for file in $(PROGS); do \ + $(INSTALL_PROGRAM) -m 755 $$file $(install_prefix)$(sbindir); \ + done +- test -d $(install_prefix)$(libdir) || \ +- $(INSTALL) -d $(install_prefix)$(libdir) ++ test -d $(install_prefix)$(sharedir) || \ ++ $(INSTALL) -d $(install_prefix)$(sharedir) + for file in $(CONFIGS); do \ +- $(INSTALL_DATA) $$file $(install_prefix)$(libdir); \ ++ $(INSTALL_DATA) $$file $(install_prefix)$(sharedir); \ + done + test -d $(install_prefix)$(mandir)/man8 || \ + $(INSTALL) -d $(install_prefix)$(mandir)/man8 diff --git a/net-analyzer/dsniff/files/24_Fix-OpenSSL1.1.0-Build.patch b/net-analyzer/dsniff/files/24_Fix-OpenSSL1.1.0-Build.patch deleted file mode 100644 index db7739ee3..000000000 --- a/net-analyzer/dsniff/files/24_Fix-OpenSSL1.1.0-Build.patch +++ /dev/null @@ -1,202 +0,0 @@ -Description: Fix build with OpenSSL 1.1.0 -Author: Christoph Biedl ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ - - ---- a/ssh.c -+++ b/ssh.c -@@ -234,7 +234,10 @@ - u_char *p, cipher, cookie[8], msg[1024]; - u_int32_t num; - int i; -- -+ -+ const BIGNUM *servkey_e, *servkey_n; -+ const BIGNUM *hostkey_e, *hostkey_n; -+ - /* Generate anti-spoofing cookie. */ - RAND_bytes(cookie, sizeof(cookie)); - -@@ -243,11 +246,13 @@ - *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ - memcpy(p, cookie, 8); p += 8; /* cookie */ - num = 768; PUTLONG(num, p); /* servkey bits */ -- put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ -- put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ -+ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); -+ put_bn(servkey_e, &p); /* servkey exponent */ -+ put_bn(servkey_n, &p); /* servkey modulus */ - num = 1024; PUTLONG(num, p); /* hostkey bits */ -- put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ -- put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ -+ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); -+ put_bn(hostkey_e, &p); /* hostkey exponent */ -+ put_bn(hostkey_n, &p); /* hostkey modulus */ - num = 0; PUTLONG(num, p); /* protocol flags */ - num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ - num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ -@@ -298,7 +303,7 @@ - SKIP(p, i, 4); - - /* Decrypt session key. */ -- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { -+ if (BN_cmp(servkey_n, hostkey_n) > 0) { - rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); - rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); - } -@@ -318,8 +323,8 @@ - BN_clear_free(enckey); - - /* Derive real session key using session id. */ -- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, -- ssh->ctx->servkey->n)) == NULL) { -+ if ((p = ssh_session_id(cookie, hostkey_n, -+ servkey_n)) == NULL) { - warn("ssh_session_id"); - return (-1); - } -@@ -328,10 +333,8 @@ - } - /* Set cipher. */ - if (cipher == SSH_CIPHER_3DES) { -- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); -- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); -- ssh->encrypt = des3_encrypt; -- ssh->decrypt = des3_decrypt; -+ warnx("cipher 3des no longer supported"); -+ return (-1); - } - else if (cipher == SSH_CIPHER_BLOWFISH) { - ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); -@@ -357,7 +360,10 @@ - u_char *p, cipher, cookie[8], msg[1024]; - u_int32_t num; - int i; -- -+ -+ BIGNUM *servkey_n, *servkey_e; -+ BIGNUM *hostkey_n, *hostkey_e; -+ - /* Get public key. */ - if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { - warn("SSH_recv"); -@@ -379,21 +385,23 @@ - - /* Get servkey. */ - ssh->ctx->servkey = RSA_new(); -- ssh->ctx->servkey->n = BN_new(); -- ssh->ctx->servkey->e = BN_new(); -+ servkey_n = BN_new(); -+ servkey_e = BN_new(); -+ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); - - SKIP(p, i, 4); -- get_bn(ssh->ctx->servkey->e, &p, &i); -- get_bn(ssh->ctx->servkey->n, &p, &i); -+ get_bn(servkey_e, &p, &i); -+ get_bn(servkey_n, &p, &i); - - /* Get hostkey. */ - ssh->ctx->hostkey = RSA_new(); -- ssh->ctx->hostkey->n = BN_new(); -- ssh->ctx->hostkey->e = BN_new(); -+ hostkey_n = BN_new(); -+ hostkey_e = BN_new(); -+ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); - - SKIP(p, i, 4); -- get_bn(ssh->ctx->hostkey->e, &p, &i); -- get_bn(ssh->ctx->hostkey->n, &p, &i); -+ get_bn(hostkey_e, &p, &i); -+ get_bn(hostkey_n, &p, &i); - - /* Get cipher, auth masks. */ - SKIP(p, i, 4); -@@ -405,8 +413,8 @@ - RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); - - /* Obfuscate with session id. */ -- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, -- ssh->ctx->servkey->n)) == NULL) { -+ if ((p = ssh_session_id(cookie, hostkey_n, -+ servkey_n)) == NULL) { - warn("ssh_session_id"); - return (-1); - } -@@ -422,7 +430,7 @@ - else BN_add_word(bn, ssh->sesskey[i]); - } - /* Encrypt session key. */ -- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { -+ if (BN_cmp(servkey_n, hostkey_n) < 0) { - rsa_public_encrypt(bn, bn, ssh->ctx->servkey); - rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); - } -@@ -470,10 +478,8 @@ - ssh->decrypt = blowfish_decrypt; - } - else if (cipher == SSH_CIPHER_3DES) { -- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); -- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); -- ssh->encrypt = des3_encrypt; -- ssh->decrypt = des3_decrypt; -+ warnx("cipher 3des no longer supported"); -+ return (-1); - } - /* Get server response. */ - if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { ---- a/sshcrypto.c -+++ b/sshcrypto.c -@@ -28,10 +28,12 @@ - u_char iv[8]; - }; - -+#if 0 - struct des3_state { - des_key_schedule k1, k2, k3; - des_cblock iv1, iv2, iv3; - }; -+#endif - - void - rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) -@@ -39,10 +41,12 @@ - u_char *inbuf, *outbuf; - int len, ilen, olen; - -- if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) -+ const BIGNUM *n, *e; -+ RSA_get0_key(key, &n, &e, NULL); -+ if (BN_num_bits(e) < 2 || !BN_is_odd(e)) - errx(1, "rsa_public_encrypt() exponent too small or not odd"); - -- olen = BN_num_bytes(key->n); -+ olen = BN_num_bytes(n); - outbuf = malloc(olen); - - ilen = BN_num_bytes(in); -@@ -71,7 +75,9 @@ - u_char *inbuf, *outbuf; - int len, ilen, olen; - -- olen = BN_num_bytes(key->n); -+ const BIGNUM *n; -+ RSA_get0_key(key, &n, NULL, NULL); -+ olen = BN_num_bytes(n); - outbuf = malloc(olen); - - ilen = BN_num_bytes(in); -@@ -146,6 +152,7 @@ - swap_bytes(dst, dst, len); - } - -+#if 0 - /* XXX - SSH1's weirdo 3DES... */ - void * - des3_init(u_char *sesskey, int len) -@@ -194,3 +201,4 @@ - des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); - des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); - } -+#endif