aboutsummaryrefslogtreecommitdiff
path: root/net-mgmt/ettercap
diff options
context:
space:
mode:
authorSunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>2015-02-21 15:11:27 +0000
committerSunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>2015-02-21 15:11:27 +0000
commitd22b800e052206ff598b17a73cfb17e4e9b30ef1 (patch)
treee18c23038a21de0768cd66d252601b84769080e0 /net-mgmt/ettercap
parent85fd3a38314914767b84779ea59184e9f40ca4a9 (diff)
downloadports-d22b800e052206ff598b17a73cfb17e4e9b30ef1.tar.gz
ports-d22b800e052206ff598b17a73cfb17e4e9b30ef1.zip
- Import upstream patches:
- Fix when determine MTU on BSD system [1] - Reset logfile ownership upon dropping privileges [2] - Bump PORTREVISION for package change PR: 197509 [2] Submitted by: Rafal Grzeszczuk <rafi.root@gmail.com> [2] Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b [1] https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 [2]
Notes
Notes: svn path=/head/; revision=379520
Diffstat (limited to 'net-mgmt/ettercap')
-rw-r--r--net-mgmt/ettercap/Makefile1
-rw-r--r--net-mgmt/ettercap/files/patch-include-ec_log.h21
-rw-r--r--net-mgmt/ettercap/files/patch-src-ec_log.c143
-rw-r--r--net-mgmt/ettercap/files/patch-src-ec_utils.c28
-rw-r--r--net-mgmt/ettercap/files/patch-src-os-ec_bsd.c13
5 files changed, 206 insertions, 0 deletions
diff --git a/net-mgmt/ettercap/Makefile b/net-mgmt/ettercap/Makefile
index d047ff810f21..b081c11a9e34 100644
--- a/net-mgmt/ettercap/Makefile
+++ b/net-mgmt/ettercap/Makefile
@@ -3,6 +3,7 @@
PORTNAME= ettercap
PORTVERSION= 0.8.1
+PORTREVISION= 1
PORTEPOCH= 1
CATEGORIES= net-mgmt security
diff --git a/net-mgmt/ettercap/files/patch-include-ec_log.h b/net-mgmt/ettercap/files/patch-include-ec_log.h
new file mode 100644
index 000000000000..df78ce1bfbdc
--- /dev/null
+++ b/net-mgmt/ettercap/files/patch-include-ec_log.h
@@ -0,0 +1,21 @@
+Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863
+
+--- include/ec_log.h.orig 2014-10-17 01:29:44.000000000 +0800
++++ include/ec_log.h 2015-02-21 19:58:20.730805519 +0800
+@@ -8,6 +8,7 @@
+
+ #include <zlib.h>
+ #include <sys/time.h>
++#include <unistd.h>
+
+
+ struct log_fd {
+@@ -126,6 +127,8 @@
+ #define LOG_TRUE 1
+ #define LOG_FALSE 0
+
++EC_API_EXTERN void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid);
++
+ EC_API_EXTERN int log_open(struct log_fd *fd, char *filename);
+ EC_API_EXTERN void log_close(struct log_fd *fd);
+ EC_API_EXTERN void log_stop(void);
diff --git a/net-mgmt/ettercap/files/patch-src-ec_log.c b/net-mgmt/ettercap/files/patch-src-ec_log.c
new file mode 100644
index 000000000000..83078a7beff5
--- /dev/null
+++ b/net-mgmt/ettercap/files/patch-src-ec_log.c
@@ -0,0 +1,143 @@
+Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863
+
+--- src/ec_log.c.orig 2014-10-17 01:29:44.000000000 +0800
++++ src/ec_log.c 2015-02-21 19:58:20.733803628 +0800
+@@ -37,8 +37,11 @@
+
+ /* globals */
+
+-static struct log_fd fdp;
+-static struct log_fd fdi;
++/* zero is formally a valid value for an opened file descriptor
++ * so we need a custom initializer
++ */
++static struct log_fd fdp = {0, NULL, -1};
++static struct log_fd fdi = {0, NULL, -1};
+
+ /* protos */
+
+@@ -79,7 +82,7 @@
+ /* all the host type will be unknown, warn the user */
+ if (GBL_OPTIONS->read) {
+ USER_MSG("*********************************************************\n");
+- USER_MSG("WARNING: while reading form file we cannot determine \n");
++ USER_MSG("WARNING: while reading form file we cannot determine \n");
+ USER_MSG("if an host is local or not because the ip address of \n");
+ USER_MSG("the NIC may have been changed from the time of the dump. \n");
+ USER_MSG("*********************************************************\n\n");
+@@ -168,23 +171,30 @@
+
+ /*
+ * open a file in the appropriate log_fd struct
++ *
++ * whether or not the log is compressed
++ * fd->fd becomes to always be a file descriptor of the opened file
++ * and fd->cfd is a non-NULL gzip stream descriptor when the log is to be compressed
++ *
++ * TODO: it is likely that we dont need 'type' field in 'log_fd' struct
++ * to mark a compressed log; non-NULL 'cfd' field becomes such a flag
+ */
+ int log_open(struct log_fd *fd, char *filename)
+ {
+- int zerr;
+
+- if (fd->type == LOG_COMPRESSED) {
+- fd->cfd = gzopen(filename, "wb9");
+- if (fd->cfd == NULL)
+- SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr));
+- } else {
+- fd->fd = open(filename, O_CREAT | O_TRUNC | O_RDWR | O_BINARY, S_IRUSR | S_IWUSR);
+- if (fd->fd == -1)
+- SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno));
+- }
+-
+- /* set the permissions */
+- chmod(filename, 0600);
++ fd->fd = open(filename, O_CREAT|O_TRUNC|O_RDWR|O_BINARY, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
++ if (fd->fd == -1)
++ SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno));
++ else
++ {
++ if (GBL_OPTIONS->compress)
++ {
++ int zerr;
++ fd->cfd = gzdopen(fd->fd, "wb9");
++ if (fd->cfd == NULL)
++ SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr));
++ };
++ };
+
+ return E_SUCCESS;
+ }
+@@ -195,14 +205,66 @@
+ void log_close(struct log_fd *fd)
+ {
+ DEBUG_MSG("log_close: type: %d [%p][%d]", fd->type, fd->cfd, fd->fd);
+-
+- if (fd->type == LOG_COMPRESSED && fd->cfd) {
++
++ if (fd->cfd)
++ {
++ /* gzclose() on the gzip stream descriptor (fd->cfd)
++ * will also close the file descriptor (fd->fd)
++ */
+ gzclose(fd->cfd);
+ fd->cfd = NULL;
+- } else if (fd->type == LOG_UNCOMPRESSED && fd->fd) {
++ fd->fd = -1; /* to prevent double closing the file descriptor */
++ };
++
++ if (fd->fd >= 0)
++ {
+ close(fd->fd);
+- fd->fd = 0;
+- }
++ fd->fd = -1;
++ };
++}
++
++/*
++ * set the owner:group of the packet and info logfiles to new_uid:new_gid
++ * if the current owners are old_uid:old_gid respectively
++ *
++ * prefer this way to unconditionally setting the new ownership as far as
++ * the file may be intentionally located in the set-group-ID directory
++ */
++void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid)
++{
++ struct stat f;
++ uid_t uid;
++ gid_t gid;
++
++ /* packet logfile */
++ if (fdp.fd >= 0)
++ {
++ DEBUG_MSG("reset_logfile_owners: packet log file");
++ if (fstat(fdp.fd, &f) == 0)
++ {
++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1;
++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1;
++ if ( fchown(fdp.fd, uid, gid) != 0 )
++ ERROR_MSG("fchown()");
++ }
++ else
++ ERROR_MSG("fstat()");
++ };
++
++ /* info logfile */
++ if (fdi.fd >= 0)
++ {
++ DEBUG_MSG("reset_logfile_owners: info log file");
++ if (fstat(fdi.fd, &f) == 0)
++ {
++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1;
++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1;
++ if ( fchown(fdi.fd, uid, gid) != 0 )
++ ERROR_MSG("fchown()");
++ }
++ else
++ ERROR_MSG("fstat()");
++ };
+ }
+
+ /*
diff --git a/net-mgmt/ettercap/files/patch-src-ec_utils.c b/net-mgmt/ettercap/files/patch-src-ec_utils.c
new file mode 100644
index 000000000000..9f11daed75dd
--- /dev/null
+++ b/net-mgmt/ettercap/files/patch-src-ec_utils.c
@@ -0,0 +1,28 @@
+Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863
+
+--- src/ec_utils.c.orig 2014-10-17 01:29:44.000000000 +0800
++++ src/ec_utils.c 2015-02-21 19:58:20.735805931 +0800
+@@ -225,17 +225,19 @@
+ else
+ gid = GBL_CONF->ec_gid;
+
+- DEBUG_MSG("drop_privs: setuid(%d) setgid(%d)", uid, gid);
++ reset_logfile_owners(geteuid(), getegid(), uid, gid);
++
++ DEBUG_MSG("drop_privs: seteuid(%d) setegid(%d)", uid, gid);
+
+ /* drop to a good uid/gid ;) */
+- if ( setgid(gid) < 0 )
+- ERROR_MSG("setgid()");
++ if ( setegid(gid) < 0 )
++ ERROR_MSG("setegid()");
+
+ if ( seteuid(uid) < 0 )
+ ERROR_MSG("seteuid()");
+
+ DEBUG_MSG("privs: UID: %d %d GID: %d %d", (int)getuid(), (int)geteuid(), (int)getgid(), (int)getegid() );
+- USER_MSG("Privileges dropped to UID %d GID %d...\n\n", (int)getuid(), (int)getgid() );
++ USER_MSG("Privileges dropped to EUID %d EGID %d...\n\n", (int)geteuid(), (int)getegid() );
+ }
+
+ /* base64 stuff */
diff --git a/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c b/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c
new file mode 100644
index 000000000000..6f551f2eacc8
--- /dev/null
+++ b/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c
@@ -0,0 +1,13 @@
+Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b
+
+--- src/os/ec_bsd.c.orig 2014-10-17 01:29:44.000000000 +0800
++++ src/os/ec_bsd.c 2015-02-21 19:58:20.738805431 +0800
+@@ -136,7 +136,7 @@
+
+ /* open the socket to work on */
+ sock = socket(PF_INET, SOCK_DGRAM, 0);
+- if (sock = -1)
++ if (sock == -1)
+ FATAL_ERROR("Unable to open socket on interface for MTU query\n");
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));