* [PR PATCH] ettercap: update to 0.8.3.1
@ 2020-11-03 22:09 ndowens
2020-11-06 2:32 ` [PR PATCH] [Merged]: " abenson
0 siblings, 1 reply; 2+ messages in thread
From: ndowens @ 2020-11-03 22:09 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 313 bytes --]
There is a new pull request by ndowens against master on the void-packages repository
https://github.com/ndowens/void-packages ettercap
https://github.com/void-linux/void-packages/pull/26115
ettercap: update to 0.8.3.1
A patch file from https://github.com/void-linux/void-packages/pull/26115.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-ettercap-26115.patch --]
[-- Type: text/x-diff, Size: 15086 bytes --]
From b8cc7c7166728c7ccc0fa9ebd4d52be6bfc723db Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Tue, 3 Nov 2020 16:08:55 -0600
Subject: [PATCH] ettercap: update to 0.8.3.1
---
srcpkgs/ettercap/patches/CVE-2017-6430.patch | 57 ------
srcpkgs/ettercap/patches/CVE-2017-8366.patch | 201 -------------------
srcpkgs/ettercap/patches/libressl.patch | 31 +++
srcpkgs/ettercap/template | 9 +-
4 files changed, 36 insertions(+), 262 deletions(-)
delete mode 100644 srcpkgs/ettercap/patches/CVE-2017-6430.patch
delete mode 100644 srcpkgs/ettercap/patches/CVE-2017-8366.patch
create mode 100644 srcpkgs/ettercap/patches/libressl.patch
diff --git a/srcpkgs/ettercap/patches/CVE-2017-6430.patch b/srcpkgs/ettercap/patches/CVE-2017-6430.patch
deleted file mode 100644
index bc090f594ea..00000000000
--- a/srcpkgs/ettercap/patches/CVE-2017-6430.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c
-index db876636..ddb73bd3 100644
---- utils/etterfilter/ef_compiler.c
-+++ utils/etterfilter/ef_compiler.c
-@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop)
- struct filter_op *array = NULL;
- struct unfold_elm *ue;
-
-- BUG_IF(tree_root == NULL);
-+ // invalid file
-+ if (tree_root == NULL)
-+ return 0;
-
- fprintf(stdout, " Unfolding the meta-tree ");
- fflush(stdout);
-diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c
-index ae459134..431084b9 100644
---- utils/etterfilter/ef_main.c
-+++ utils/etterfilter/ef_main.c
-@@ -39,7 +39,7 @@ struct globals *gbls;
-
- int main(int argc, char *argv[])
- {
--
-+ int ret_value = 0;
- globals_alloc();
- /* etterfilter copyright */
- fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
-@@ -84,8 +84,12 @@ int main(int argc, char *argv[])
- fprintf(stdout, "\n\nThe script contains errors...\n\n");
-
- /* write to file */
-- if (write_output() != E_SUCCESS)
-- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file);
-+ ret_value = write_output();
-+ if (ret_value == -E_NOTHANDLED)
-+ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file);
-+ else if (ret_value == -E_INVALID)
-+ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file);
-+
- globals_free();
- return 0;
- }
-diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c
-index 5ae59190..fcf19f01 100644
---- utils/etterfilter/ef_output.c
-+++ utils/etterfilter/ef_output.c
-@@ -51,6 +51,9 @@ int write_output(void)
- if (fop == NULL)
- return -E_NOTHANDLED;
-
-+ if (ninst == 0)
-+ return -E_INVALID;
-+
- /* create the file */
- fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644);
- ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file);
diff --git a/srcpkgs/ettercap/patches/CVE-2017-8366.patch b/srcpkgs/ettercap/patches/CVE-2017-8366.patch
deleted file mode 100644
index 4ffa09bc768..00000000000
--- a/srcpkgs/ettercap/patches/CVE-2017-8366.patch
+++ /dev/null
@@ -1,201 +0,0 @@
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 90050590..8f7c7c36 100644
---- CMakeLists.txt
-+++ CMakeLists.txt
-@@ -126,7 +126,27 @@ if(NOT DISABLE_RPATH)
- set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE)
- set(CMAKE_MACOSX_RPATH 1)
- endif(NOT DISABLE_RPATH)
-+
-+# set general build flags for debug build-type
- set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls" CACHE STRING "" FORCE)
-+# append ASAN build flags if compiler version has support
-+if ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU")
-+ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8)
-+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE)
-+ message("Building with ASAN support (GNU compiler)")
-+ else (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8)
-+ message("Building without ASAN support (GNU compiler)")
-+ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8)
-+elseif ("${CMAKE_C_COMPILER_ID}" STREQUAL "Clang")
-+ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1)
-+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE)
-+ message("Building with ASAN support (Clang compiler)")
-+ elseif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1)
-+ message("Building without ASAN support (Clang compiler)")
-+ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1)
-+endif ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU")
-+
-+# set build flags for release build-type
- set(CMAKE_C_FLAGS_RELEASE "-O2 -w -D_FORTIFY_SOURCE=2" CACHE STRING "" FORCE)
-
- if(OS_DARWIN)
-diff --git a/include/ec_strings.h b/include/ec_strings.h
-index f791739d..9ad245ef 100644
---- include/ec_strings.h
-+++ include/ec_strings.h
-@@ -43,7 +43,7 @@
-
- EC_API_EXTERN int match_pattern(const char *s, const char *pattern);
- EC_API_EXTERN int base64_decode(char *bufplain, const char *bufcoded);
--EC_API_EXTERN int strescape(char *dst, char *src);
-+EC_API_EXTERN int strescape(char *dst, char *src, size_t len);
- EC_API_EXTERN int str_replace(char **text, const char *s, const char *d);
- EC_API_EXTERN size_t strlen_utf8(const char *s);
- EC_API_EXTERN char * ec_strtok(char *s, const char *delim, char **ptrptr);
-diff --git a/src/ec_encryption.c b/src/ec_encryption.c
-index 6c02529c..3d505603 100644
---- src/ec_encryption.c
-+++ src/ec_encryption.c
-@@ -218,7 +218,7 @@ int set_wep_key(char *string)
-
- if (type == 's') {
- /* escape the string and check its length */
-- if (strescape((char *)tmp_wkey, p) != (int)tmp_wkey_len)
-+ if (strescape((char *)tmp_wkey, p, strlen(tmp_wkey)+1) != (int)tmp_wkey_len)
- SEMIFATAL_ERROR("Specified WEP key length does not match the given string");
- } else if (type == 'p') {
- /* create the key from the passphrase */
-diff --git a/src/ec_strings.c b/src/ec_strings.c
-index 53583851..21b71926 100644
---- src/ec_strings.c
-+++ src/ec_strings.c
-@@ -167,13 +167,14 @@ static int hextoint(int c)
- /*
- * convert the escaped string into a binary one
- */
--int strescape(char *dst, char *src)
-+int strescape(char *dst, char *src, size_t len)
- {
- char *olddst = dst;
-+ char *oldsrc = src;
- int c;
- int val;
-
-- while ((c = *src++) != '\0') {
-+ while ((c = *src++) != '\0' && (size_t)(src - oldsrc) <= len) {
- if (c == '\\') {
- switch ((c = *src++)) {
- case '\0':
-@@ -218,9 +219,11 @@ int strescape(char *dst, char *src)
- if (c >= '0' && c <= '7')
- val = (val << 3) | (c - '0');
- else
-- --src;
-+ if (src > oldsrc) /* protect against buffer underflow */
-+ --src;
- } else
-- --src;
-+ if (src > oldsrc) /* protect against buffer underflow */
-+ --src;
- *dst++ = (char) val;
- break;
-
-@@ -232,15 +235,17 @@ int strescape(char *dst, char *src)
- c = hextoint(*src++);
- if (c >= 0)
- val = (val << 4) + c;
-- else
-- --src;
-- } else
-- --src;
-+ else if (src > oldsrc) /* protect against buffer underflow */
-+ --src;
-+ } else if (src > oldsrc) /* protect against buffer underflow */
-+ --src;
- *dst++ = (char) val;
- break;
- }
-- } else if (c == 8 || c == 263) /* the backspace */
-- dst--;
-+ } else if (c == 8 || c == 263) { /* the backspace */
-+ if (dst > oldsrc) /* protect against buffer underflow */
-+ dst--;
-+ }
- else
- *dst++ = (char) c;
- }
-diff --git a/src/interfaces/curses/ec_curses_view_connections.c b/src/interfaces/curses/ec_curses_view_connections.c
-index fb52331c..011c0edf 100644
---- src/interfaces/curses/ec_curses_view_connections.c
-+++ src/interfaces/curses/ec_curses_view_connections.c
-@@ -614,7 +614,7 @@ static void inject_user(void)
- size_t len;
-
- /* escape the sequnces in the buffer */
-- len = strescape((char*)injectbuf, (char*)injectbuf);
-+ len = strescape((char*)injectbuf, (char*)injectbuf, strlen(injectbuf)+1);
-
- /* check where to inject */
- if (wdg_c1->flags & WDG_OBJ_FOCUSED) {
-diff --git a/src/interfaces/gtk/ec_gtk_view_connections.c b/src/interfaces/gtk/ec_gtk_view_connections.c
-index fa7dfdc5..b55e1755 100644
---- src/interfaces/gtk/ec_gtk_view_connections.c
-+++ src/interfaces/gtk/ec_gtk_view_connections.c
-@@ -1627,7 +1627,7 @@ static void gtkui_inject_user(int side)
- size_t len;
-
- /* escape the sequnces in the buffer */
-- len = strescape(injectbuf, injectbuf);
-+ len = strescape(injectbuf, injectbuf, strlen(injectbuf)+1);
-
- /* check where to inject */
- if (side == 1 || side == 2) {
-diff --git a/utils/etterfilter/ef_encode.c b/utils/etterfilter/ef_encode.c
-index d4b9110c..7e359e06 100644
---- utils/etterfilter/ef_encode.c
-+++ utils/etterfilter/ef_encode.c
-@@ -136,7 +136,8 @@ int encode_const(char *string, struct filter_op *fop)
- fop->op.test.string = (u_char*)strdup(string + 1);
-
- /* escape it in the structure */
-- fop->op.test.slen = strescape((char*)fop->op.test.string, (char*)fop->op.test.string);
-+ fop->op.test.slen = strescape((char*)fop->op.test.string,
-+ (char*)fop->op.test.string, strlen(fop->op.test.string)+1);
-
- return E_SUCCESS;
-
-@@ -184,7 +185,8 @@ int encode_function(char *string, struct filter_op *fop)
- fop->opcode = FOP_FUNC;
- fop->op.func.op = FFUNC_SEARCH;
- fop->op.func.string = (u_char*)strdup(dec_args[1]);
-- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string);
-+ fop->op.func.slen = strescape((char*)fop->op.func.string,
-+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1);
- ret = E_SUCCESS;
- } else
- SCRIPT_ERROR("Unknown offset %s ", dec_args[0]);
-@@ -202,7 +204,8 @@ int encode_function(char *string, struct filter_op *fop)
- fop->opcode = FOP_FUNC;
- fop->op.func.op = FFUNC_REGEX;
- fop->op.func.string = (u_char*)strdup(dec_args[1]);
-- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string);
-+ fop->op.func.slen = strescape((char*)fop->op.func.string,
-+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1);
- ret = E_SUCCESS;
- } else
- SCRIPT_ERROR("Unknown offset %s ", dec_args[0]);
-@@ -272,9 +275,11 @@ int encode_function(char *string, struct filter_op *fop)
- /* replace always operate at DATA level */
- fop->op.func.level = 5;
- fop->op.func.string = (u_char*)strdup(dec_args[0]);
-- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string);
-+ fop->op.func.slen = strescape((char*)fop->op.func.string,
-+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1);
- fop->op.func.replace = (u_char*)strdup(dec_args[1]);
-- fop->op.func.rlen = strescape((char*)fop->op.func.replace, (char*)fop->op.func.replace);
-+ fop->op.func.rlen = strescape((char*)fop->op.func.replace,
-+ (char*)fop->op.func.replace, strlen(fop->op.func.replace)+1);
- ret = E_SUCCESS;
- } else
- SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name);
-@@ -328,7 +333,8 @@ int encode_function(char *string, struct filter_op *fop)
- if (nargs == 1) {
- fop->op.func.op = FFUNC_MSG;
- fop->op.func.string = (u_char*)strdup(dec_args[0]);
-- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string);
-+ fop->op.func.slen = strescape((char*)fop->op.func.string,
-+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1);
- ret = E_SUCCESS;
- } else
- SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name);
diff --git a/srcpkgs/ettercap/patches/libressl.patch b/srcpkgs/ettercap/patches/libressl.patch
new file mode 100644
index 00000000000..15e0d3c1c9e
--- /dev/null
+++ b/srcpkgs/ettercap/patches/libressl.patch
@@ -0,0 +1,31 @@
+From b2f7634c9dbc0ef68640f0571787d92300e9f9f9 Mon Sep 17 00:00:00 2001
+From: Stefan Strogin <stefan@steils.org>
+Date: Sat, 15 Aug 2020 07:18:31 +0300
+Subject: [PATCH] ec_sslwrap: fix compilation with LibreSSL
+
+Disable taking over SNI extension from ClientHello and SSL configuration
+operations until LibreSSL supports the required API.
+
+Fixes: https://github.com/Ettercap/ettercap/issues/1068
+---
+ src/ec_sslwrap.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git src/ec_sslwrap.c src/ec_sslwrap.c
+index b9f26a142..1e4c24fc1 100644
+--- src/ec_sslwrap.c
++++ src/ec_sslwrap.c
+@@ -71,11 +71,11 @@
+ #define TLS_server_method SSLv23_server_method
+ #endif
+
+-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+ #define HAVE_OPENSSL_1_1_0
+ #endif
+
+-#if (OPENSSL_VERSION_NUMBER >= 0x10101000L)
++#if (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER)
+ #define HAVE_OPENSSL_1_1_1
+ #endif
+
diff --git a/srcpkgs/ettercap/template b/srcpkgs/ettercap/template
index 772c073b6d2..0a096f4ad57 100644
--- a/srcpkgs/ettercap/template
+++ b/srcpkgs/ettercap/template
@@ -1,18 +1,19 @@
# Template file for 'ettercap'
pkgname=ettercap
-version=0.8.2
-revision=14
+version=0.8.3.1
+revision=1
build_style=cmake
configure_args="-DENABLE_GTK=OFF"
hostmakedepends="flex"
-makedepends="ncurses-devel libressl-devel libcurl-devel libltdl-devel libnet-devel libpcap-devel pcre-devel"
+makedepends="geoip-devel ncurses-devel libressl-devel libcurl-devel
+ libltdl-devel libnet-devel libpcap-devel pcre-devel"
conf_files="/etc/${pkgname}/etter.conf"
short_desc="Network sniffer/interceptor/logger for ethernet LANs"
maintainer="Orphaned <orphan@voidlinux.org>"
license="GPL-2.0-only"
homepage="http://ettercap.github.com/ettercap/"
distfiles="https://github.com/Ettercap/ettercap/archive/v${version}.tar.gz"
-checksum=f38514f35bea58bfe6ef1902bfd4761de0379942a9aa3e175fc9348f4eef2c81
+checksum=d0c3ef88dfc284b61d3d5b64d946c1160fd04276b448519c1ae4438a9cdffaf3
lib32disabled=yes
CFLAGS="-fcommon"
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PR PATCH] [Merged]: ettercap: update to 0.8.3.1
2020-11-03 22:09 [PR PATCH] ettercap: update to 0.8.3.1 ndowens
@ 2020-11-06 2:32 ` abenson
0 siblings, 0 replies; 2+ messages in thread
From: abenson @ 2020-11-06 2:32 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 161 bytes --]
There's a merged pull request on the void-packages repository
ettercap: update to 0.8.3.1
https://github.com/void-linux/void-packages/pull/26115
Description:
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-11-06 2:32 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-03 22:09 [PR PATCH] ettercap: update to 0.8.3.1 ndowens
2020-11-06 2:32 ` [PR PATCH] [Merged]: " abenson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).