Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-analyzer
diff options
context:
space:
mode:
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/ettercap/Manifest1
-rw-r--r--net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild73
-rw-r--r--net-analyzer/ettercap/files/cve-2017-6430.patch68
-rw-r--r--net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch254
4 files changed, 0 insertions, 396 deletions
diff --git a/net-analyzer/ettercap/Manifest b/net-analyzer/ettercap/Manifest
index dccca758f865..fb40201464a6 100644
--- a/net-analyzer/ettercap/Manifest
+++ b/net-analyzer/ettercap/Manifest
@@ -1,2 +1 @@
-DIST ettercap-0.8.2.tar.gz 8082561 BLAKE2B 851df0a8700de45ce0e3427f7fdbdcd13feb2f75c0d1136563449db634b1f02276bade0d82a1a51bf8de726d6faddf05ff537e397c2e56cfc3e3181d25566fe9 SHA512 18137b1cc518c9db3c9650157a5cbf09dbb665b79876a24875d6c5125e8923ebde543464adb61cf1d1244101242f4d66b80d94ef3b36aa265cefca7646aa6415
DIST ettercap-0.8.3.tar.gz 8381943 BLAKE2B f49098d61f60877d3f979d7861f36dad6ec3fbfca7ed89d8f9826867145ea36daec65a1076c893f81391218688448515ef020a9cdf9a16ffddc830bacec8eb1c SHA512 1929c986d3a17ebc693ffe8531e01c66379c0ee6ea71305ea49b6a9eece84b6da1923135311db458bdb6035feb593e525786e6cf4c465ced5a7683384d4a4ae7
diff --git a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild b/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild
deleted file mode 100644
index ae48afb1a7e9..000000000000
--- a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit cmake-utils
-
-DESCRIPTION="A suite for man in the middle attacks"
-HOMEPAGE="https://github.com/Ettercap/ettercap"
-
-LICENSE="GPL-2+"
-SLOT="0"
-
-if [[ ${PV} == "9999" ]] ; then
- inherit git-r3
- EGIT_REPO_URI="https://github.com/Ettercap/${PN}.git"
-else
- SRC_URI="https://github.com/Ettercap/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" #mirror does not work
- KEYWORDS="~alpha amd64 arm ppc ppc64 sparc x86"
-fi
-
-IUSE="doc gtk ipv6 libressl ncurses +plugins test"
-
-RDEPEND="dev-libs/libbsd
- dev-libs/libpcre
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:0= )
- net-libs/libnet:1.1
- >=net-libs/libpcap-0.8.1
- sys-libs/zlib
- gtk? (
- >=dev-libs/atk-1.2.4
- >=dev-libs/glib-2.2.2:2
- media-libs/freetype
- x11-libs/cairo
- x11-libs/gdk-pixbuf:2
- >=x11-libs/gtk+-2.2.2:2
- >=x11-libs/pango-1.2.3
- )
- ncurses? ( >=sys-libs/ncurses-5.3:= )
- plugins? ( >=net-misc/curl-7.26.0 )"
-DEPEND="${RDEPEND}
- doc? ( app-text/ghostscript-gpl
- sys-apps/groff )
- test? ( dev-libs/check )
- sys-devel/flex
- virtual/yacc"
-PATCHES=(
- "${FILESDIR}"/cve-2017-6430.patch
- "${FILESDIR}"/${P}-openssl-1.1.patch
-)
-
-src_prepare() {
- sed -i "s:Release:Release Gentoo:" CMakeLists.txt || die
- cmake-utils_src_prepare
-}
-
-src_configure() {
- local mycmakeargs=(
- -DENABLE_CURSES="$(usex ncurses)"
- -DENABLE_GTK="$(usex gtk)"
- -DENABLE_PLUGINS="$(usex plugins)"
- -DENABLE_IPV6="$(usex ipv6)"
- -DENABLE_TESTS="$(usex test)"
- -DENABLE_PDF_DOCS="$(usex doc)"
- -DBUNDLED_LIBS=OFF
- -DSYSTEM_LIBS=ON
- -DINSTALL_SYSCONFDIR="${EROOT}"etc
- )
- #right now we only support gtk2, but ettercap also supports gtk3
- #do we care? do we want to support both?
- cmake-utils_src_configure
-}
diff --git a/net-analyzer/ettercap/files/cve-2017-6430.patch b/net-analyzer/ettercap/files/cve-2017-6430.patch
deleted file mode 100644
index 67483dcc0249..000000000000
--- a/net-analyzer/ettercap/files/cve-2017-6430.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 4ad7f85dc01202e363659aa473c99470b3f4e1f4 Mon Sep 17 00:00:00 2001
-From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
-Date: Tue, 7 Mar 2017 22:05:31 +0100
-Subject: [PATCH] Fix issue #782
-
----
- utils/etterfilter/ef_compiler.c | 4 +++-
- utils/etterfilter/ef_main.c | 10 +++++++---
- utils/etterfilter/ef_output.c | 3 +++
- 3 files changed, 13 insertions(+), 4 deletions(-)
-
-diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c
-index db876636e..ddb73bd30 100644
---- a/utils/etterfilter/ef_compiler.c
-+++ b/utils/etterfilter/ef_compiler.c
-@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop)
- struct filter_op *array = NULL;
- struct unfold_elm *ue;
-
-- BUG_IF(tree_root == NULL);
-+ // invalid file
-+ if (tree_root == NULL)
-+ return 0;
-
- fprintf(stdout, " Unfolding the meta-tree ");
- fflush(stdout);
-diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c
-index ae4591344..431084b91 100644
---- a/utils/etterfilter/ef_main.c
-+++ b/utils/etterfilter/ef_main.c
-@@ -39,7 +39,7 @@ struct globals *gbls;
-
- int main(int argc, char *argv[])
- {
--
-+ int ret_value = 0;
- globals_alloc();
- /* etterfilter copyright */
- fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
-@@ -84,8 +84,12 @@ int main(int argc, char *argv[])
- fprintf(stdout, "\n\nThe script contains errors...\n\n");
-
- /* write to file */
-- if (write_output() != E_SUCCESS)
-- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file);
-+ ret_value = write_output();
-+ if (ret_value == -E_NOTHANDLED)
-+ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file);
-+ else if (ret_value == -E_INVALID)
-+ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file);
-+
- globals_free();
- return 0;
- }
-diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c
-index 5ae591904..fcf19f010 100644
---- a/utils/etterfilter/ef_output.c
-+++ b/utils/etterfilter/ef_output.c
-@@ -51,6 +51,9 @@ int write_output(void)
- if (fop == NULL)
- return -E_NOTHANDLED;
-
-+ if (ninst == 0)
-+ return -E_INVALID;
-+
- /* create the file */
- fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644);
- ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file);
diff --git a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch b/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch
deleted file mode 100644
index b7703d3ef5ca..000000000000
--- a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch
+++ /dev/null
@@ -1,254 +0,0 @@
-From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001
-From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
-Date: Mon, 27 Jun 2016 12:41:33 +0200
-Subject: [PATCH 1/2] First draft of openssl 1.1 compatibility layer (from
- https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc)
- Closes: #739
-
----
- src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++-
- src/ec_sslwrap.c | 14 ++++++++
- 2 files changed, 106 insertions(+), 1 deletion(-)
-
-Index: ettercap-0.8.2/src/dissectors/ec_ssh.c
-===================================================================
---- ettercap-0.8.2.orig/src/dissectors/ec_ssh.c
-+++ ettercap-0.8.2/src/dissectors/ec_ssh.c
-@@ -36,6 +36,10 @@
- #include <openssl/md5.h>
- #include <zlib.h>
-
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
-+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
-+#endif
-+
- #define SMSG_PUBLIC_KEY 2
- #define CMSG_SESSION_KEY 3
- #define CMSG_USER 4
-@@ -138,6 +142,11 @@
- char tmp[MAX_ASCII_ADDR_LEN];
- u_int32 ssh_len, ssh_mod;
- u_char ssh_packet_type, *ptr, *key_to_put;
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n;
-+ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e;
-+ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d;
-+#endif
-
- /* don't complain about unused var */
- (void) DECODE_DATA;
-@@ -383,12 +392,25 @@
- if (session_data->ptrkey == NULL) {
- /* Initialize RSA key structures (other fileds are set to 0) */
- session_data->serverkey = RSA_new();
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ s_n = BN_new();
-+ s_e = BN_new();
-+ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d);
-+#else
- session_data->serverkey->n = BN_new();
- session_data->serverkey->e = BN_new();
-+#endif
-
- session_data->hostkey = RSA_new();
-+
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ h_n = BN_new();
-+ h_e = BN_new();
-+ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d);
-+#else
- session_data->hostkey->n = BN_new();
- session_data->hostkey->e = BN_new();
-+#endif
-
- /* Get the RSA Key from the packet */
- NS_GET32(server_mod,ptr);
-@@ -396,19 +418,37 @@
- DEBUG_MSG("Dissector_ssh Bougs Server_Mod");
- return NULL;
- }
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d);
-+ get_bn(s_e, &ptr);
-+ get_bn(s_n, &ptr);
-+#else
- get_bn(session_data->serverkey->e, &ptr);
- get_bn(session_data->serverkey->n, &ptr);
-+#endif
-
- NS_GET32(host_mod,ptr);
- if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) {
- DEBUG_MSG("Dissector_ssh Bougs Host_Mod");
- return NULL;
- }
-+
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d);
-+ get_bn(h_e, &ptr);
-+ get_bn(h_n, &ptr);
-+#else
- get_bn(session_data->hostkey->e, &ptr);
- get_bn(session_data->hostkey->n, &ptr);
-+#endif
-
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ server_exp = BN_get_word(s_e);
-+ host_exp = BN_get_word(h_e);
-+#else
- server_exp = *(session_data->serverkey->e->d);
- host_exp = *(session_data->hostkey->e->d);
-+#endif
-
- /* Check if we already have a suitable RSA key to substitute */
- index_ssl = &ssh_conn_key;
-@@ -424,7 +464,7 @@
- SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key));
-
- /* Generate the new key */
-- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL);
-+ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL);
- (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL);
- (*index_ssl)->server_mod = server_mod;
- (*index_ssl)->host_mod = host_mod;
-@@ -443,11 +483,25 @@
-
- /* Put our RSA key in the packet */
- key_to_put+=4;
-+
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d);
-+ put_bn(m_s_e, &key_to_put);
-+ put_bn(m_s_n, &key_to_put);
-+#else
- put_bn(session_data->ptrkey->myserverkey->e, &key_to_put);
- put_bn(session_data->ptrkey->myserverkey->n, &key_to_put);
-+#endif
- key_to_put+=4;
-+
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d);
-+ put_bn(m_h_e, &key_to_put);
-+ put_bn(m_h_n, &key_to_put);
-+#else
- put_bn(session_data->ptrkey->myhostkey->e, &key_to_put);
- put_bn(session_data->ptrkey->myhostkey->n, &key_to_put);
-+#endif
-
- /* Recalculate SSH crc */
- *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO));
-@@ -482,19 +536,34 @@
- key_to_put = ptr;
-
- /* Calculate real session id and our fake session id */
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ temp_session_id = ssh_session_id(cookie, h_n, s_n);
-+#else
- temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n);
-+#endif
- if (temp_session_id)
- memcpy(session_id1, temp_session_id, 16);
-+
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n);
-+#else
- temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n);
-+#endif
-+
- if (temp_session_id)
- memcpy(session_id2, temp_session_id, 16);
-
- /* Get the session key */
- enckey = BN_new();
-+
- get_bn(enckey, &ptr);
-
- /* Decrypt session key */
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ if (BN_cmp(m_s_n, m_h_n) > 0) {
-+#else
- if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) {
-+#endif
- rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey);
- rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey);
- } else {
-@@ -534,7 +603,11 @@
- BN_add_word(bn, sesskey[i]);
- }
-
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ if (BN_cmp(s_n, h_n) < 0) {
-+#else
- if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) {
-+#endif
- rsa_public_encrypt(bn, bn, session_data->serverkey);
- rsa_public_encrypt(bn, bn, session_data->hostkey);
- } else {
-@@ -716,7 +789,16 @@
- u_char *inbuf, *outbuf;
- int32 len, ilen, olen;
-
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ BIGNUM *n;
-+ BIGNUM *e;
-+ BIGNUM *d;
-+ RSA_get0_key(key, &n, &e, &d);
-+ olen = BN_num_bytes(n);
-+#else
- olen = BN_num_bytes(key->n);
-+#endif
-+
- outbuf = malloc(olen);
- if (outbuf == NULL) /* oops, couldn't allocate memory */
- return;
-@@ -744,7 +826,16 @@
- u_char *inbuf, *outbuf;
- int32 len, ilen, olen;
-
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ BIGNUM *n;
-+ BIGNUM *e;
-+ BIGNUM *d;
-+ RSA_get0_key(key, &n, &e, &d);
-+ olen = BN_num_bytes(n);
-+#else
- olen = BN_num_bytes(key->n);
-+#endif
-+
- outbuf = malloc(olen);
- if (outbuf == NULL) /* oops, couldn't allocate memory */
- return;
-Index: ettercap-0.8.2/src/ec_sslwrap.c
-===================================================================
---- ettercap-0.8.2.orig/src/ec_sslwrap.c
-+++ ettercap-0.8.2/src/ec_sslwrap.c
-@@ -53,6 +53,10 @@
- #define OPENSSL_NO_KRB5 1
- #include <openssl/ssl.h>
-
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
-+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
-+#endif
-+
- #define BREAK_ON_ERROR(x,y,z) do { \
- if (x == -E_INVALID) { \
- SAFE_FREE(z.DATA.disp_data); \
-@@ -974,9 +978,19 @@
- index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1);
- if (index >=0) {
- ext = X509_get_ext(server_cert, index);
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ ASN1_OCTET_STRING* os;
-+ os = X509_EXTENSION_get_data (ext);
-+#endif
- if (ext) {
-+#ifdef HAVE_OPAQUE_RSA_DSA_DH
-+ os->data[7] = 0xe7;
-+ os->data[8] = 0x7e;
-+ X509_EXTENSION_set_data (ext, os);
-+#else
- ext->value->data[7] = 0xe7;
- ext->value->data[8] = 0x7e;
-+#endif
- X509_add_ext(out_cert, ext, -1);
- }
- }