Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Agostino Sarubbo <ago@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/ettercap/files/, net-analyzer/ettercap/
Date: Fri, 01 Nov 2019 19:57:42
Message-Id: 1572638252.b03eb00c0d027efc945c09fdf73dca25477a7cf8.ago@gentoo
1 commit: b03eb00c0d027efc945c09fdf73dca25477a7cf8
2 Author: Agostino Sarubbo <ago <AT> gentoo <DOT> org>
3 AuthorDate: Fri Nov 1 19:57:32 2019 +0000
4 Commit: Agostino Sarubbo <ago <AT> gentoo <DOT> org>
5 CommitDate: Fri Nov 1 19:57:32 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b03eb00c
7
8 net-analyzer/ettercap: remove old
9
10 Package-Manager: Portage-2.3.76, Repoman-2.3.16
11 Signed-off-by: Agostino Sarubbo <ago <AT> gentoo.org>
12
13 net-analyzer/ettercap/Manifest | 1 -
14 net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild | 73 ------
15 net-analyzer/ettercap/files/cve-2017-6430.patch | 68 ------
16 .../files/ettercap-0.8.2-openssl-1.1.patch | 254 ---------------------
17 4 files changed, 396 deletions(-)
18
19 diff --git a/net-analyzer/ettercap/Manifest b/net-analyzer/ettercap/Manifest
20 index dccca758f86..fb40201464a 100644
21 --- a/net-analyzer/ettercap/Manifest
22 +++ b/net-analyzer/ettercap/Manifest
23 @@ -1,2 +1 @@
24 -DIST ettercap-0.8.2.tar.gz 8082561 BLAKE2B 851df0a8700de45ce0e3427f7fdbdcd13feb2f75c0d1136563449db634b1f02276bade0d82a1a51bf8de726d6faddf05ff537e397c2e56cfc3e3181d25566fe9 SHA512 18137b1cc518c9db3c9650157a5cbf09dbb665b79876a24875d6c5125e8923ebde543464adb61cf1d1244101242f4d66b80d94ef3b36aa265cefca7646aa6415
25 DIST ettercap-0.8.3.tar.gz 8381943 BLAKE2B f49098d61f60877d3f979d7861f36dad6ec3fbfca7ed89d8f9826867145ea36daec65a1076c893f81391218688448515ef020a9cdf9a16ffddc830bacec8eb1c SHA512 1929c986d3a17ebc693ffe8531e01c66379c0ee6ea71305ea49b6a9eece84b6da1923135311db458bdb6035feb593e525786e6cf4c465ced5a7683384d4a4ae7
26
27 diff --git a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild b/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild
28 deleted file mode 100644
29 index ae48afb1a7e..00000000000
30 --- a/net-analyzer/ettercap/ettercap-0.8.2-r2.ebuild
31 +++ /dev/null
32 @@ -1,73 +0,0 @@
33 -# Copyright 1999-2019 Gentoo Authors
34 -# Distributed under the terms of the GNU General Public License v2
35 -
36 -EAPI=6
37 -
38 -inherit cmake-utils
39 -
40 -DESCRIPTION="A suite for man in the middle attacks"
41 -HOMEPAGE="https://github.com/Ettercap/ettercap"
42 -
43 -LICENSE="GPL-2+"
44 -SLOT="0"
45 -
46 -if [[ ${PV} == "9999" ]] ; then
47 - inherit git-r3
48 - EGIT_REPO_URI="https://github.com/Ettercap/${PN}.git"
49 -else
50 - SRC_URI="https://github.com/Ettercap/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" #mirror does not work
51 - KEYWORDS="~alpha amd64 arm ppc ppc64 sparc x86"
52 -fi
53 -
54 -IUSE="doc gtk ipv6 libressl ncurses +plugins test"
55 -
56 -RDEPEND="dev-libs/libbsd
57 - dev-libs/libpcre
58 - !libressl? ( dev-libs/openssl:0= )
59 - libressl? ( dev-libs/libressl:0= )
60 - net-libs/libnet:1.1
61 - >=net-libs/libpcap-0.8.1
62 - sys-libs/zlib
63 - gtk? (
64 - >=dev-libs/atk-1.2.4
65 - >=dev-libs/glib-2.2.2:2
66 - media-libs/freetype
67 - x11-libs/cairo
68 - x11-libs/gdk-pixbuf:2
69 - >=x11-libs/gtk+-2.2.2:2
70 - >=x11-libs/pango-1.2.3
71 - )
72 - ncurses? ( >=sys-libs/ncurses-5.3:= )
73 - plugins? ( >=net-misc/curl-7.26.0 )"
74 -DEPEND="${RDEPEND}
75 - doc? ( app-text/ghostscript-gpl
76 - sys-apps/groff )
77 - test? ( dev-libs/check )
78 - sys-devel/flex
79 - virtual/yacc"
80 -PATCHES=(
81 - "${FILESDIR}"/cve-2017-6430.patch
82 - "${FILESDIR}"/${P}-openssl-1.1.patch
83 -)
84 -
85 -src_prepare() {
86 - sed -i "s:Release:Release Gentoo:" CMakeLists.txt || die
87 - cmake-utils_src_prepare
88 -}
89 -
90 -src_configure() {
91 - local mycmakeargs=(
92 - -DENABLE_CURSES="$(usex ncurses)"
93 - -DENABLE_GTK="$(usex gtk)"
94 - -DENABLE_PLUGINS="$(usex plugins)"
95 - -DENABLE_IPV6="$(usex ipv6)"
96 - -DENABLE_TESTS="$(usex test)"
97 - -DENABLE_PDF_DOCS="$(usex doc)"
98 - -DBUNDLED_LIBS=OFF
99 - -DSYSTEM_LIBS=ON
100 - -DINSTALL_SYSCONFDIR="${EROOT}"etc
101 - )
102 - #right now we only support gtk2, but ettercap also supports gtk3
103 - #do we care? do we want to support both?
104 - cmake-utils_src_configure
105 -}
106
107 diff --git a/net-analyzer/ettercap/files/cve-2017-6430.patch b/net-analyzer/ettercap/files/cve-2017-6430.patch
108 deleted file mode 100644
109 index 67483dcc024..00000000000
110 --- a/net-analyzer/ettercap/files/cve-2017-6430.patch
111 +++ /dev/null
112 @@ -1,68 +0,0 @@
113 -From 4ad7f85dc01202e363659aa473c99470b3f4e1f4 Mon Sep 17 00:00:00 2001
114 -From: Gianfranco Costamagna <costamagnagianfranco@×××××.it>
115 -Date: Tue, 7 Mar 2017 22:05:31 +0100
116 -Subject: [PATCH] Fix issue #782
117 -
118 ----
119 - utils/etterfilter/ef_compiler.c | 4 +++-
120 - utils/etterfilter/ef_main.c | 10 +++++++---
121 - utils/etterfilter/ef_output.c | 3 +++
122 - 3 files changed, 13 insertions(+), 4 deletions(-)
123 -
124 -diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c
125 -index db876636e..ddb73bd30 100644
126 ---- a/utils/etterfilter/ef_compiler.c
127 -+++ b/utils/etterfilter/ef_compiler.c
128 -@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop)
129 - struct filter_op *array = NULL;
130 - struct unfold_elm *ue;
131 -
132 -- BUG_IF(tree_root == NULL);
133 -+ // invalid file
134 -+ if (tree_root == NULL)
135 -+ return 0;
136 -
137 - fprintf(stdout, " Unfolding the meta-tree ");
138 - fflush(stdout);
139 -diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c
140 -index ae4591344..431084b91 100644
141 ---- a/utils/etterfilter/ef_main.c
142 -+++ b/utils/etterfilter/ef_main.c
143 -@@ -39,7 +39,7 @@ struct globals *gbls;
144 -
145 - int main(int argc, char *argv[])
146 - {
147 --
148 -+ int ret_value = 0;
149 - globals_alloc();
150 - /* etterfilter copyright */
151 - fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n",
152 -@@ -84,8 +84,12 @@ int main(int argc, char *argv[])
153 - fprintf(stdout, "\n\nThe script contains errors...\n\n");
154 -
155 - /* write to file */
156 -- if (write_output() != E_SUCCESS)
157 -- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file);
158 -+ ret_value = write_output();
159 -+ if (ret_value == -E_NOTHANDLED)
160 -+ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file);
161 -+ else if (ret_value == -E_INVALID)
162 -+ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file);
163 -+
164 - globals_free();
165 - return 0;
166 - }
167 -diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c
168 -index 5ae591904..fcf19f010 100644
169 ---- a/utils/etterfilter/ef_output.c
170 -+++ b/utils/etterfilter/ef_output.c
171 -@@ -51,6 +51,9 @@ int write_output(void)
172 - if (fop == NULL)
173 - return -E_NOTHANDLED;
174 -
175 -+ if (ninst == 0)
176 -+ return -E_INVALID;
177 -+
178 - /* create the file */
179 - fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644);
180 - ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file);
181
182 diff --git a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch b/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch
183 deleted file mode 100644
184 index b7703d3ef5c..00000000000
185 --- a/net-analyzer/ettercap/files/ettercap-0.8.2-openssl-1.1.patch
186 +++ /dev/null
187 @@ -1,254 +0,0 @@
188 -From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001
189 -From: Gianfranco Costamagna <costamagnagianfranco@×××××.it>
190 -Date: Mon, 27 Jun 2016 12:41:33 +0200
191 -Subject: [PATCH 1/2] First draft of openssl 1.1 compatibility layer (from
192 - https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc)
193 - Closes: #739
194 -
195 ----
196 - src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++-
197 - src/ec_sslwrap.c | 14 ++++++++
198 - 2 files changed, 106 insertions(+), 1 deletion(-)
199 -
200 -Index: ettercap-0.8.2/src/dissectors/ec_ssh.c
201 -===================================================================
202 ---- ettercap-0.8.2.orig/src/dissectors/ec_ssh.c
203 -+++ ettercap-0.8.2/src/dissectors/ec_ssh.c
204 -@@ -36,6 +36,10 @@
205 - #include <openssl/md5.h>
206 - #include <zlib.h>
207 -
208 -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
209 -+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
210 -+#endif
211 -+
212 - #define SMSG_PUBLIC_KEY 2
213 - #define CMSG_SESSION_KEY 3
214 - #define CMSG_USER 4
215 -@@ -138,6 +142,11 @@
216 - char tmp[MAX_ASCII_ADDR_LEN];
217 - u_int32 ssh_len, ssh_mod;
218 - u_char ssh_packet_type, *ptr, *key_to_put;
219 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
220 -+ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n;
221 -+ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e;
222 -+ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d;
223 -+#endif
224 -
225 - /* don't complain about unused var */
226 - (void) DECODE_DATA;
227 -@@ -383,12 +392,25 @@
228 - if (session_data->ptrkey == NULL) {
229 - /* Initialize RSA key structures (other fileds are set to 0) */
230 - session_data->serverkey = RSA_new();
231 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
232 -+ s_n = BN_new();
233 -+ s_e = BN_new();
234 -+ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d);
235 -+#else
236 - session_data->serverkey->n = BN_new();
237 - session_data->serverkey->e = BN_new();
238 -+#endif
239 -
240 - session_data->hostkey = RSA_new();
241 -+
242 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
243 -+ h_n = BN_new();
244 -+ h_e = BN_new();
245 -+ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d);
246 -+#else
247 - session_data->hostkey->n = BN_new();
248 - session_data->hostkey->e = BN_new();
249 -+#endif
250 -
251 - /* Get the RSA Key from the packet */
252 - NS_GET32(server_mod,ptr);
253 -@@ -396,19 +418,37 @@
254 - DEBUG_MSG("Dissector_ssh Bougs Server_Mod");
255 - return NULL;
256 - }
257 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
258 -+ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d);
259 -+ get_bn(s_e, &ptr);
260 -+ get_bn(s_n, &ptr);
261 -+#else
262 - get_bn(session_data->serverkey->e, &ptr);
263 - get_bn(session_data->serverkey->n, &ptr);
264 -+#endif
265 -
266 - NS_GET32(host_mod,ptr);
267 - if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) {
268 - DEBUG_MSG("Dissector_ssh Bougs Host_Mod");
269 - return NULL;
270 - }
271 -+
272 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
273 -+ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d);
274 -+ get_bn(h_e, &ptr);
275 -+ get_bn(h_n, &ptr);
276 -+#else
277 - get_bn(session_data->hostkey->e, &ptr);
278 - get_bn(session_data->hostkey->n, &ptr);
279 -+#endif
280 -
281 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
282 -+ server_exp = BN_get_word(s_e);
283 -+ host_exp = BN_get_word(h_e);
284 -+#else
285 - server_exp = *(session_data->serverkey->e->d);
286 - host_exp = *(session_data->hostkey->e->d);
287 -+#endif
288 -
289 - /* Check if we already have a suitable RSA key to substitute */
290 - index_ssl = &ssh_conn_key;
291 -@@ -424,7 +464,7 @@
292 - SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key));
293 -
294 - /* Generate the new key */
295 -- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL);
296 -+ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL);
297 - (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL);
298 - (*index_ssl)->server_mod = server_mod;
299 - (*index_ssl)->host_mod = host_mod;
300 -@@ -443,11 +483,25 @@
301 -
302 - /* Put our RSA key in the packet */
303 - key_to_put+=4;
304 -+
305 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
306 -+ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d);
307 -+ put_bn(m_s_e, &key_to_put);
308 -+ put_bn(m_s_n, &key_to_put);
309 -+#else
310 - put_bn(session_data->ptrkey->myserverkey->e, &key_to_put);
311 - put_bn(session_data->ptrkey->myserverkey->n, &key_to_put);
312 -+#endif
313 - key_to_put+=4;
314 -+
315 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
316 -+ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d);
317 -+ put_bn(m_h_e, &key_to_put);
318 -+ put_bn(m_h_n, &key_to_put);
319 -+#else
320 - put_bn(session_data->ptrkey->myhostkey->e, &key_to_put);
321 - put_bn(session_data->ptrkey->myhostkey->n, &key_to_put);
322 -+#endif
323 -
324 - /* Recalculate SSH crc */
325 - *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO));
326 -@@ -482,19 +536,34 @@
327 - key_to_put = ptr;
328 -
329 - /* Calculate real session id and our fake session id */
330 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
331 -+ temp_session_id = ssh_session_id(cookie, h_n, s_n);
332 -+#else
333 - temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n);
334 -+#endif
335 - if (temp_session_id)
336 - memcpy(session_id1, temp_session_id, 16);
337 -+
338 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
339 -+ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n);
340 -+#else
341 - temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n);
342 -+#endif
343 -+
344 - if (temp_session_id)
345 - memcpy(session_id2, temp_session_id, 16);
346 -
347 - /* Get the session key */
348 - enckey = BN_new();
349 -+
350 - get_bn(enckey, &ptr);
351 -
352 - /* Decrypt session key */
353 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
354 -+ if (BN_cmp(m_s_n, m_h_n) > 0) {
355 -+#else
356 - if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) {
357 -+#endif
358 - rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey);
359 - rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey);
360 - } else {
361 -@@ -534,7 +603,11 @@
362 - BN_add_word(bn, sesskey[i]);
363 - }
364 -
365 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
366 -+ if (BN_cmp(s_n, h_n) < 0) {
367 -+#else
368 - if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) {
369 -+#endif
370 - rsa_public_encrypt(bn, bn, session_data->serverkey);
371 - rsa_public_encrypt(bn, bn, session_data->hostkey);
372 - } else {
373 -@@ -716,7 +789,16 @@
374 - u_char *inbuf, *outbuf;
375 - int32 len, ilen, olen;
376 -
377 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
378 -+ BIGNUM *n;
379 -+ BIGNUM *e;
380 -+ BIGNUM *d;
381 -+ RSA_get0_key(key, &n, &e, &d);
382 -+ olen = BN_num_bytes(n);
383 -+#else
384 - olen = BN_num_bytes(key->n);
385 -+#endif
386 -+
387 - outbuf = malloc(olen);
388 - if (outbuf == NULL) /* oops, couldn't allocate memory */
389 - return;
390 -@@ -744,7 +826,16 @@
391 - u_char *inbuf, *outbuf;
392 - int32 len, ilen, olen;
393 -
394 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
395 -+ BIGNUM *n;
396 -+ BIGNUM *e;
397 -+ BIGNUM *d;
398 -+ RSA_get0_key(key, &n, &e, &d);
399 -+ olen = BN_num_bytes(n);
400 -+#else
401 - olen = BN_num_bytes(key->n);
402 -+#endif
403 -+
404 - outbuf = malloc(olen);
405 - if (outbuf == NULL) /* oops, couldn't allocate memory */
406 - return;
407 -Index: ettercap-0.8.2/src/ec_sslwrap.c
408 -===================================================================
409 ---- ettercap-0.8.2.orig/src/ec_sslwrap.c
410 -+++ ettercap-0.8.2/src/ec_sslwrap.c
411 -@@ -53,6 +53,10 @@
412 - #define OPENSSL_NO_KRB5 1
413 - #include <openssl/ssl.h>
414 -
415 -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
416 -+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
417 -+#endif
418 -+
419 - #define BREAK_ON_ERROR(x,y,z) do { \
420 - if (x == -E_INVALID) { \
421 - SAFE_FREE(z.DATA.disp_data); \
422 -@@ -974,9 +978,19 @@
423 - index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1);
424 - if (index >=0) {
425 - ext = X509_get_ext(server_cert, index);
426 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
427 -+ ASN1_OCTET_STRING* os;
428 -+ os = X509_EXTENSION_get_data (ext);
429 -+#endif
430 - if (ext) {
431 -+#ifdef HAVE_OPAQUE_RSA_DSA_DH
432 -+ os->data[7] = 0xe7;
433 -+ os->data[8] = 0x7e;
434 -+ X509_EXTENSION_set_data (ext, os);
435 -+#else
436 - ext->value->data[7] = 0xe7;
437 - ext->value->data[8] = 0x7e;
438 -+#endif
439 - X509_add_ext(out_cert, ext, -1);
440 - }
441 - }
Report Message
Find on MARC Find on Google Groups