diff options
author | Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2015-02-21 15:11:27 +0000 |
---|---|---|
committer | Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2015-02-21 15:11:27 +0000 |
commit | d22b800e052206ff598b17a73cfb17e4e9b30ef1 (patch) | |
tree | e18c23038a21de0768cd66d252601b84769080e0 /net-mgmt/ettercap | |
parent | 85fd3a38314914767b84779ea59184e9f40ca4a9 (diff) | |
download | ports-d22b800e052206ff598b17a73cfb17e4e9b30ef1.tar.gz ports-d22b800e052206ff598b17a73cfb17e4e9b30ef1.zip |
- Import upstream patches:
- Fix when determine MTU on BSD system [1]
- Reset logfile ownership upon dropping privileges [2]
- Bump PORTREVISION for package change
PR: 197509 [2]
Submitted by: Rafal Grzeszczuk <rafi.root@gmail.com> [2]
Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b [1]
https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 [2]
Notes
Notes:
svn path=/head/; revision=379520
Diffstat (limited to 'net-mgmt/ettercap')
-rw-r--r-- | net-mgmt/ettercap/Makefile | 1 | ||||
-rw-r--r-- | net-mgmt/ettercap/files/patch-include-ec_log.h | 21 | ||||
-rw-r--r-- | net-mgmt/ettercap/files/patch-src-ec_log.c | 143 | ||||
-rw-r--r-- | net-mgmt/ettercap/files/patch-src-ec_utils.c | 28 | ||||
-rw-r--r-- | net-mgmt/ettercap/files/patch-src-os-ec_bsd.c | 13 |
5 files changed, 206 insertions, 0 deletions
diff --git a/net-mgmt/ettercap/Makefile b/net-mgmt/ettercap/Makefile index d047ff810f21..b081c11a9e34 100644 --- a/net-mgmt/ettercap/Makefile +++ b/net-mgmt/ettercap/Makefile @@ -3,6 +3,7 @@ PORTNAME= ettercap PORTVERSION= 0.8.1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= net-mgmt security diff --git a/net-mgmt/ettercap/files/patch-include-ec_log.h b/net-mgmt/ettercap/files/patch-include-ec_log.h new file mode 100644 index 000000000000..df78ce1bfbdc --- /dev/null +++ b/net-mgmt/ettercap/files/patch-include-ec_log.h @@ -0,0 +1,21 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- include/ec_log.h.orig 2014-10-17 01:29:44.000000000 +0800 ++++ include/ec_log.h 2015-02-21 19:58:20.730805519 +0800 +@@ -8,6 +8,7 @@ + + #include <zlib.h> + #include <sys/time.h> ++#include <unistd.h> + + + struct log_fd { +@@ -126,6 +127,8 @@ + #define LOG_TRUE 1 + #define LOG_FALSE 0 + ++EC_API_EXTERN void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid); ++ + EC_API_EXTERN int log_open(struct log_fd *fd, char *filename); + EC_API_EXTERN void log_close(struct log_fd *fd); + EC_API_EXTERN void log_stop(void); diff --git a/net-mgmt/ettercap/files/patch-src-ec_log.c b/net-mgmt/ettercap/files/patch-src-ec_log.c new file mode 100644 index 000000000000..83078a7beff5 --- /dev/null +++ b/net-mgmt/ettercap/files/patch-src-ec_log.c @@ -0,0 +1,143 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- src/ec_log.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/ec_log.c 2015-02-21 19:58:20.733803628 +0800 +@@ -37,8 +37,11 @@ + + /* globals */ + +-static struct log_fd fdp; +-static struct log_fd fdi; ++/* zero is formally a valid value for an opened file descriptor ++ * so we need a custom initializer ++ */ ++static struct log_fd fdp = {0, NULL, -1}; ++static struct log_fd fdi = {0, NULL, -1}; + + /* protos */ + +@@ -79,7 +82,7 @@ + /* all the host type will be unknown, warn the user */ + if (GBL_OPTIONS->read) { + USER_MSG("*********************************************************\n"); +- USER_MSG("WARNING: while reading form file we cannot determine \n"); ++ USER_MSG("WARNING: while reading form file we cannot determine \n"); + USER_MSG("if an host is local or not because the ip address of \n"); + USER_MSG("the NIC may have been changed from the time of the dump. \n"); + USER_MSG("*********************************************************\n\n"); +@@ -168,23 +171,30 @@ + + /* + * open a file in the appropriate log_fd struct ++ * ++ * whether or not the log is compressed ++ * fd->fd becomes to always be a file descriptor of the opened file ++ * and fd->cfd is a non-NULL gzip stream descriptor when the log is to be compressed ++ * ++ * TODO: it is likely that we dont need 'type' field in 'log_fd' struct ++ * to mark a compressed log; non-NULL 'cfd' field becomes such a flag + */ + int log_open(struct log_fd *fd, char *filename) + { +- int zerr; + +- if (fd->type == LOG_COMPRESSED) { +- fd->cfd = gzopen(filename, "wb9"); +- if (fd->cfd == NULL) +- SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr)); +- } else { +- fd->fd = open(filename, O_CREAT | O_TRUNC | O_RDWR | O_BINARY, S_IRUSR | S_IWUSR); +- if (fd->fd == -1) +- SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno)); +- } +- +- /* set the permissions */ +- chmod(filename, 0600); ++ fd->fd = open(filename, O_CREAT|O_TRUNC|O_RDWR|O_BINARY, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH); ++ if (fd->fd == -1) ++ SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno)); ++ else ++ { ++ if (GBL_OPTIONS->compress) ++ { ++ int zerr; ++ fd->cfd = gzdopen(fd->fd, "wb9"); ++ if (fd->cfd == NULL) ++ SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr)); ++ }; ++ }; + + return E_SUCCESS; + } +@@ -195,14 +205,66 @@ + void log_close(struct log_fd *fd) + { + DEBUG_MSG("log_close: type: %d [%p][%d]", fd->type, fd->cfd, fd->fd); +- +- if (fd->type == LOG_COMPRESSED && fd->cfd) { ++ ++ if (fd->cfd) ++ { ++ /* gzclose() on the gzip stream descriptor (fd->cfd) ++ * will also close the file descriptor (fd->fd) ++ */ + gzclose(fd->cfd); + fd->cfd = NULL; +- } else if (fd->type == LOG_UNCOMPRESSED && fd->fd) { ++ fd->fd = -1; /* to prevent double closing the file descriptor */ ++ }; ++ ++ if (fd->fd >= 0) ++ { + close(fd->fd); +- fd->fd = 0; +- } ++ fd->fd = -1; ++ }; ++} ++ ++/* ++ * set the owner:group of the packet and info logfiles to new_uid:new_gid ++ * if the current owners are old_uid:old_gid respectively ++ * ++ * prefer this way to unconditionally setting the new ownership as far as ++ * the file may be intentionally located in the set-group-ID directory ++ */ ++void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid) ++{ ++ struct stat f; ++ uid_t uid; ++ gid_t gid; ++ ++ /* packet logfile */ ++ if (fdp.fd >= 0) ++ { ++ DEBUG_MSG("reset_logfile_owners: packet log file"); ++ if (fstat(fdp.fd, &f) == 0) ++ { ++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1; ++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1; ++ if ( fchown(fdp.fd, uid, gid) != 0 ) ++ ERROR_MSG("fchown()"); ++ } ++ else ++ ERROR_MSG("fstat()"); ++ }; ++ ++ /* info logfile */ ++ if (fdi.fd >= 0) ++ { ++ DEBUG_MSG("reset_logfile_owners: info log file"); ++ if (fstat(fdi.fd, &f) == 0) ++ { ++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1; ++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1; ++ if ( fchown(fdi.fd, uid, gid) != 0 ) ++ ERROR_MSG("fchown()"); ++ } ++ else ++ ERROR_MSG("fstat()"); ++ }; + } + + /* diff --git a/net-mgmt/ettercap/files/patch-src-ec_utils.c b/net-mgmt/ettercap/files/patch-src-ec_utils.c new file mode 100644 index 000000000000..9f11daed75dd --- /dev/null +++ b/net-mgmt/ettercap/files/patch-src-ec_utils.c @@ -0,0 +1,28 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- src/ec_utils.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/ec_utils.c 2015-02-21 19:58:20.735805931 +0800 +@@ -225,17 +225,19 @@ + else + gid = GBL_CONF->ec_gid; + +- DEBUG_MSG("drop_privs: setuid(%d) setgid(%d)", uid, gid); ++ reset_logfile_owners(geteuid(), getegid(), uid, gid); ++ ++ DEBUG_MSG("drop_privs: seteuid(%d) setegid(%d)", uid, gid); + + /* drop to a good uid/gid ;) */ +- if ( setgid(gid) < 0 ) +- ERROR_MSG("setgid()"); ++ if ( setegid(gid) < 0 ) ++ ERROR_MSG("setegid()"); + + if ( seteuid(uid) < 0 ) + ERROR_MSG("seteuid()"); + + DEBUG_MSG("privs: UID: %d %d GID: %d %d", (int)getuid(), (int)geteuid(), (int)getgid(), (int)getegid() ); +- USER_MSG("Privileges dropped to UID %d GID %d...\n\n", (int)getuid(), (int)getgid() ); ++ USER_MSG("Privileges dropped to EUID %d EGID %d...\n\n", (int)geteuid(), (int)getegid() ); + } + + /* base64 stuff */ diff --git a/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c b/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c new file mode 100644 index 000000000000..6f551f2eacc8 --- /dev/null +++ b/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c @@ -0,0 +1,13 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b + +--- src/os/ec_bsd.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/os/ec_bsd.c 2015-02-21 19:58:20.738805431 +0800 +@@ -136,7 +136,7 @@ + + /* open the socket to work on */ + sock = socket(PF_INET, SOCK_DGRAM, 0); +- if (sock = -1) ++ if (sock == -1) + FATAL_ERROR("Unable to open socket on interface for MTU query\n"); + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)); |