Date: Saturday, April 25, 2020 @ 10:59:11 Author: anthraxx Revision: 620637
upgpkg: ettercap 0.8.3-2: cleanup, cppflags, docs Added: ettercap/trunk/cmake-harfbuzz.patch Modified: ettercap/trunk/PKGBUILD Deleted: ettercap/trunk/0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch ettercap/trunk/CVE-2017-6430.patch ettercap/trunk/CVE-2017-8366.patch ettercap/trunk/build.patch -----------------------------------------------------------------+ 0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch | 257 --------- CVE-2017-6430.patch | 68 -- CVE-2017-8366.patch | 258 ---------- PKGBUILD | 91 ++- build.patch | 13 cmake-harfbuzz.patch | 13 6 files changed, 69 insertions(+), 631 deletions(-) Deleted: 0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch =================================================================== --- 0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch 2020-04-25 10:58:10 UTC (rev 620636) +++ 0001-First-draft-of-openssl-1.1-compatibility-layer-from-.patch 2020-04-25 10:59:11 UTC (rev 620637) @@ -1,257 +0,0 @@ -From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001 -From: Gianfranco Costamagna <costamagnagianfra...@yahoo.it> -Date: Mon, 27 Jun 2016 12:41:33 +0200 -Subject: [PATCH] First draft of openssl 1.1 compatibility layer (from - https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc) - Closes: #739 - ---- - src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++- - src/ec_sslwrap.c | 14 ++++++++ - 2 files changed, 106 insertions(+), 1 deletion(-) - -diff --git a/src/dissectors/ec_ssh.c b/src/dissectors/ec_ssh.c -index f89200dc..26c86491 100644 ---- a/src/dissectors/ec_ssh.c -+++ b/src/dissectors/ec_ssh.c -@@ -36,6 +36,10 @@ - #include <openssl/md5.h> - #include <zlib.h> - -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ -+#endif -+ - #define SMSG_PUBLIC_KEY 2 - #define CMSG_SESSION_KEY 3 - #define CMSG_USER 4 -@@ -138,6 +142,11 @@ FUNC_DECODER(dissector_ssh) - char tmp[MAX_ASCII_ADDR_LEN]; - u_int32 ssh_len, ssh_mod; - u_char ssh_packet_type, *ptr, *key_to_put; -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n; -+ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e; -+ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d; -+#endif - - /* don't complain about unused var */ - (void) DECODE_DATA; -@@ -383,12 +392,25 @@ FUNC_DECODER(dissector_ssh) - if (session_data->ptrkey == NULL) { - /* Initialize RSA key structures (other fileds are set to 0) */ - session_data->serverkey = RSA_new(); -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ s_n = BN_new(); -+ s_e = BN_new(); -+ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d); -+#else - session_data->serverkey->n = BN_new(); - session_data->serverkey->e = BN_new(); -+#endif - - session_data->hostkey = RSA_new(); -+ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ h_n = BN_new(); -+ h_e = BN_new(); -+ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d); -+#else - session_data->hostkey->n = BN_new(); - session_data->hostkey->e = BN_new(); -+#endif - - /* Get the RSA Key from the packet */ - NS_GET32(server_mod,ptr); -@@ -396,19 +418,37 @@ FUNC_DECODER(dissector_ssh) - DEBUG_MSG("Dissector_ssh Bougs Server_Mod"); - return NULL; - } -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d); -+ get_bn(s_e, &ptr); -+ get_bn(s_n, &ptr); -+#else - get_bn(session_data->serverkey->e, &ptr); - get_bn(session_data->serverkey->n, &ptr); -+#endif - - NS_GET32(host_mod,ptr); - if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) { - DEBUG_MSG("Dissector_ssh Bougs Host_Mod"); - return NULL; - } -+ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d); -+ get_bn(h_e, &ptr); -+ get_bn(h_n, &ptr); -+#else - get_bn(session_data->hostkey->e, &ptr); - get_bn(session_data->hostkey->n, &ptr); -+#endif - -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ server_exp = BN_get_word(s_e); -+ host_exp = BN_get_word(h_e); -+#else - server_exp = *(session_data->serverkey->e->d); - host_exp = *(session_data->hostkey->e->d); -+#endif - - /* Check if we already have a suitable RSA key to substitute */ - index_ssl = &ssh_conn_key; -@@ -424,7 +464,7 @@ FUNC_DECODER(dissector_ssh) - SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key)); - - /* Generate the new key */ -- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL); -+ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL); - (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL); - (*index_ssl)->server_mod = server_mod; - (*index_ssl)->host_mod = host_mod; -@@ -443,11 +483,25 @@ FUNC_DECODER(dissector_ssh) - - /* Put our RSA key in the packet */ - key_to_put+=4; -+ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d); -+ put_bn(m_s_e, &key_to_put); -+ put_bn(m_s_n, &key_to_put); -+#else - put_bn(session_data->ptrkey->myserverkey->e, &key_to_put); - put_bn(session_data->ptrkey->myserverkey->n, &key_to_put); -+#endif - key_to_put+=4; -+ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d); -+ put_bn(m_h_e, &key_to_put); -+ put_bn(m_h_n, &key_to_put); -+#else - put_bn(session_data->ptrkey->myhostkey->e, &key_to_put); - put_bn(session_data->ptrkey->myhostkey->n, &key_to_put); -+#endif - - /* Recalculate SSH crc */ - *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO)); -@@ -482,19 +536,34 @@ FUNC_DECODER(dissector_ssh) - key_to_put = ptr; - - /* Calculate real session id and our fake session id */ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ temp_session_id = ssh_session_id(cookie, h_n, s_n); -+#else - temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n); -+#endif - if (temp_session_id) - memcpy(session_id1, temp_session_id, 16); -+ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n); -+#else - temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n); -+#endif -+ - if (temp_session_id) - memcpy(session_id2, temp_session_id, 16); - - /* Get the session key */ - enckey = BN_new(); -+ - get_bn(enckey, &ptr); - - /* Decrypt session key */ -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ if (BN_cmp(m_s_n, m_h_n) > 0) { -+#else - if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) { -+#endif - rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey); - rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey); - } else { -@@ -534,7 +603,11 @@ FUNC_DECODER(dissector_ssh) - BN_add_word(bn, sesskey[i]); - } - -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ if (BN_cmp(s_n, h_n) < 0) { -+#else - if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) { -+#endif - rsa_public_encrypt(bn, bn, session_data->serverkey); - rsa_public_encrypt(bn, bn, session_data->hostkey); - } else { -@@ -716,7 +789,16 @@ static void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) - u_char *inbuf, *outbuf; - int32 len, ilen, olen; - -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ BIGNUM *n; -+ BIGNUM *e; -+ BIGNUM *d; -+ RSA_get0_key(key, &n, &e, &d); -+ olen = BN_num_bytes(n); -+#else - olen = BN_num_bytes(key->n); -+#endif -+ - outbuf = malloc(olen); - if (outbuf == NULL) /* oops, couldn't allocate memory */ - return; -@@ -744,7 +826,16 @@ static void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) - u_char *inbuf, *outbuf; - int32 len, ilen, olen; - -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ BIGNUM *n; -+ BIGNUM *e; -+ BIGNUM *d; -+ RSA_get0_key(key, &n, &e, &d); -+ olen = BN_num_bytes(n); -+#else - olen = BN_num_bytes(key->n); -+#endif -+ - outbuf = malloc(olen); - if (outbuf == NULL) /* oops, couldn't allocate memory */ - return; -diff --git a/src/ec_sslwrap.c b/src/ec_sslwrap.c -index c6c74421..6369d251 100644 ---- a/src/ec_sslwrap.c -+++ b/src/ec_sslwrap.c -@@ -56,6 +56,10 @@ - #define OPENSSL_NO_KRB5 1 - #include <openssl/ssl.h> - -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ -+#endif -+ - #define BREAK_ON_ERROR(x,y,z) do { \ - if (x == -E_INVALID) { \ - SAFE_FREE(z.DATA.disp_data); \ -@@ -1102,9 +1106,19 @@ static X509 *sslw_create_selfsigned(X509 *server_cert) - index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1); - if (index >=0) { - ext = X509_get_ext(server_cert, index); -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ ASN1_OCTET_STRING* data; -+ data = X509_EXTENSION_get_data (ext); -+#endif - if (ext) { -+#ifdef HAVE_OPAQUE_RSA_DSA_DH -+ data->data[7] = 0xe7; -+ data->data[8] = 0x7e; -+ X509_EXTENSION_set_data (ext, data); -+#else - ext->value->data[7] = 0xe7; - ext->value->data[8] = 0x7e; -+#endif - X509_add_ext(out_cert, ext, -1); - } - } --- -2.11.1 - Deleted: CVE-2017-6430.patch =================================================================== --- CVE-2017-6430.patch 2020-04-25 10:58:10 UTC (rev 620636) +++ CVE-2017-6430.patch 2020-04-25 10:59:11 UTC (rev 620637) @@ -1,68 +0,0 @@ -From 4ad7f85dc01202e363659aa473c99470b3f4e1f4 Mon Sep 17 00:00:00 2001 -From: Gianfranco Costamagna <costamagnagianfra...@yahoo.it> -Date: Tue, 7 Mar 2017 22:05:31 +0100 -Subject: [PATCH] Fix issue #782 - ---- - utils/etterfilter/ef_compiler.c | 4 +++- - utils/etterfilter/ef_main.c | 10 +++++++--- - utils/etterfilter/ef_output.c | 3 +++ - 3 files changed, 13 insertions(+), 4 deletions(-) - -diff --git a/utils/etterfilter/ef_compiler.c b/utils/etterfilter/ef_compiler.c -index db876636e..ddb73bd30 100644 ---- a/utils/etterfilter/ef_compiler.c -+++ b/utils/etterfilter/ef_compiler.c -@@ -239,7 +239,9 @@ size_t compile_tree(struct filter_op **fop) - struct filter_op *array = NULL; - struct unfold_elm *ue; - -- BUG_IF(tree_root == NULL); -+ // invalid file -+ if (tree_root == NULL) -+ return 0; - - fprintf(stdout, " Unfolding the meta-tree "); - fflush(stdout); -diff --git a/utils/etterfilter/ef_main.c b/utils/etterfilter/ef_main.c -index ae4591344..431084b91 100644 ---- a/utils/etterfilter/ef_main.c -+++ b/utils/etterfilter/ef_main.c -@@ -39,7 +39,7 @@ struct globals *gbls; - - int main(int argc, char *argv[]) - { -- -+ int ret_value = 0; - globals_alloc(); - /* etterfilter copyright */ - fprintf(stdout, "\n" EC_COLOR_BOLD "%s %s" EC_COLOR_END " copyright %s %s\n\n", -@@ -84,8 +84,12 @@ int main(int argc, char *argv[]) - fprintf(stdout, "\n\nThe script contains errors...\n\n"); - - /* write to file */ -- if (write_output() != E_SUCCESS) -- FATAL_ERROR("Cannot write output file (%s)", GBL_OPTIONS->output_file); -+ ret_value = write_output(); -+ if (ret_value == -E_NOTHANDLED) -+ FATAL_ERROR("Cannot write output file (%s): the filter is not correctly handled.", GBL_OPTIONS->output_file); -+ else if (ret_value == -E_INVALID) -+ FATAL_ERROR("Cannot write output file (%s): the filter format is not correct. ", GBL_OPTIONS->output_file); -+ - globals_free(); - return 0; - } -diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c -index 5ae591904..fcf19f010 100644 ---- a/utils/etterfilter/ef_output.c -+++ b/utils/etterfilter/ef_output.c -@@ -51,6 +51,9 @@ int write_output(void) - if (fop == NULL) - return -E_NOTHANDLED; - -+ if (ninst == 0) -+ return -E_INVALID; -+ - /* create the file */ - fd = open(GBL_OPTIONS->output_file, O_CREAT | O_RDWR | O_TRUNC | O_BINARY, 0644); - ON_ERROR(fd, -1, "Can't create file %s", GBL_OPTIONS->output_file); Deleted: CVE-2017-8366.patch =================================================================== --- CVE-2017-8366.patch 2020-04-25 10:58:10 UTC (rev 620636) +++ CVE-2017-8366.patch 2020-04-25 10:59:11 UTC (rev 620637) @@ -1,258 +0,0 @@ -From d14d2558da14a33abf7baab28957488a75d16af1 Mon Sep 17 00:00:00 2001 -From: Alexander Koeppe <forma...@online.de> -Date: Thu, 1 Jun 2017 08:56:23 +0200 -Subject: [PATCH 1/4] Add ASAN compiler flags in DEBUG build type - ---- - CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 90050590f..8e823669c 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -126,7 +126,7 @@ if(NOT DISABLE_RPATH) - set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) - set(CMAKE_MACOSX_RPATH 1) - endif(NOT DISABLE_RPATH) --set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls" CACHE STRING "" FORCE) -+set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) - set(CMAKE_C_FLAGS_RELEASE "-O2 -w -D_FORTIFY_SOURCE=2" CACHE STRING "" FORCE) - - if(OS_DARWIN) - -From 044051d302da73e16b0577eb797cd42affba27e5 Mon Sep 17 00:00:00 2001 -From: Alexander Koeppe <forma...@online.de> -Date: Thu, 1 Jun 2017 08:56:57 +0200 -Subject: [PATCH 2/4] fix buffer over- / underflow conditions - ---- - include/ec_strings.h | 2 +- - src/ec_strings.c | 25 +++++++++++++++---------- - 2 files changed, 16 insertions(+), 11 deletions(-) - -diff --git a/include/ec_strings.h b/include/ec_strings.h -index f791739da..9ad245ef3 100644 ---- a/include/ec_strings.h -+++ b/include/ec_strings.h -@@ -43,7 +43,7 @@ - - EC_API_EXTERN int match_pattern(const char *s, const char *pattern); - EC_API_EXTERN int base64_decode(char *bufplain, const char *bufcoded); --EC_API_EXTERN int strescape(char *dst, char *src); -+EC_API_EXTERN int strescape(char *dst, char *src, size_t len); - EC_API_EXTERN int str_replace(char **text, const char *s, const char *d); - EC_API_EXTERN size_t strlen_utf8(const char *s); - EC_API_EXTERN char * ec_strtok(char *s, const char *delim, char **ptrptr); -diff --git a/src/ec_strings.c b/src/ec_strings.c -index 53583851a..21b71926c 100644 ---- a/src/ec_strings.c -+++ b/src/ec_strings.c -@@ -167,13 +167,14 @@ static int hextoint(int c) - /* - * convert the escaped string into a binary one - */ --int strescape(char *dst, char *src) -+int strescape(char *dst, char *src, size_t len) - { - char *olddst = dst; -+ char *oldsrc = src; - int c; - int val; - -- while ((c = *src++) != '\0') { -+ while ((c = *src++) != '\0' && (size_t)(src - oldsrc) <= len) { - if (c == '\\') { - switch ((c = *src++)) { - case '\0': -@@ -218,9 +219,11 @@ int strescape(char *dst, char *src) - if (c >= '0' && c <= '7') - val = (val << 3) | (c - '0'); - else -- --src; -+ if (src > oldsrc) /* protect against buffer underflow */ -+ --src; - } else -- --src; -+ if (src > oldsrc) /* protect against buffer underflow */ -+ --src; - *dst++ = (char) val; - break; - -@@ -232,15 +235,17 @@ int strescape(char *dst, char *src) - c = hextoint(*src++); - if (c >= 0) - val = (val << 4) + c; -- else -- --src; -- } else -- --src; -+ else if (src > oldsrc) /* protect against buffer underflow */ -+ --src; -+ } else if (src > oldsrc) /* protect against buffer underflow */ -+ --src; - *dst++ = (char) val; - break; - } -- } else if (c == 8 || c == 263) /* the backspace */ -- dst--; -+ } else if (c == 8 || c == 263) { /* the backspace */ -+ if (dst > oldsrc) /* protect against buffer underflow */ -+ dst--; -+ } - else - *dst++ = (char) c; - } - -From 19706cf53b189fbc996791cdb4b0d9a1f0feae5f Mon Sep 17 00:00:00 2001 -From: Alexander Koeppe <forma...@online.de> -Date: Thu, 1 Jun 2017 08:57:54 +0200 -Subject: [PATCH 3/4] adapt calls of strescape() adding strlen - ---- - src/ec_encryption.c | 2 +- - src/interfaces/curses/ec_curses_view_connections.c | 2 +- - src/interfaces/gtk/ec_gtk_view_connections.c | 2 +- - utils/etterfilter/ef_encode.c | 18 ++++++++++++------ - 4 files changed, 15 insertions(+), 9 deletions(-) - -diff --git a/src/ec_encryption.c b/src/ec_encryption.c -index 6c02529c1..3d5056030 100644 ---- a/src/ec_encryption.c -+++ b/src/ec_encryption.c -@@ -218,7 +218,7 @@ int set_wep_key(char *string) - - if (type == 's') { - /* escape the string and check its length */ -- if (strescape((char *)tmp_wkey, p) != (int)tmp_wkey_len) -+ if (strescape((char *)tmp_wkey, p, strlen(tmp_wkey)+1) != (int)tmp_wkey_len) - SEMIFATAL_ERROR("Specified WEP key length does not match the given string"); - } else if (type == 'p') { - /* create the key from the passphrase */ -diff --git a/src/interfaces/curses/ec_curses_view_connections.c b/src/interfaces/curses/ec_curses_view_connections.c -index fb52331cf..011c0edf7 100644 ---- a/src/interfaces/curses/ec_curses_view_connections.c -+++ b/src/interfaces/curses/ec_curses_view_connections.c -@@ -614,7 +614,7 @@ static void inject_user(void) - size_t len; - - /* escape the sequnces in the buffer */ -- len = strescape((char*)injectbuf, (char*)injectbuf); -+ len = strescape((char*)injectbuf, (char*)injectbuf, strlen(injectbuf)+1); - - /* check where to inject */ - if (wdg_c1->flags & WDG_OBJ_FOCUSED) { -diff --git a/src/interfaces/gtk/ec_gtk_view_connections.c b/src/interfaces/gtk/ec_gtk_view_connections.c -index fa7dfdc58..b55e1755a 100644 ---- a/src/interfaces/gtk/ec_gtk_view_connections.c -+++ b/src/interfaces/gtk/ec_gtk_view_connections.c -@@ -1627,7 +1627,7 @@ static void gtkui_inject_user(int side) - size_t len; - - /* escape the sequnces in the buffer */ -- len = strescape(injectbuf, injectbuf); -+ len = strescape(injectbuf, injectbuf, strlen(injectbuf)+1); - - /* check where to inject */ - if (side == 1 || side == 2) { -diff --git a/utils/etterfilter/ef_encode.c b/utils/etterfilter/ef_encode.c -index d4b9110cd..7e359e062 100644 ---- a/utils/etterfilter/ef_encode.c -+++ b/utils/etterfilter/ef_encode.c -@@ -136,7 +136,8 @@ int encode_const(char *string, struct filter_op *fop) - fop->op.test.string = (u_char*)strdup(string + 1); - - /* escape it in the structure */ -- fop->op.test.slen = strescape((char*)fop->op.test.string, (char*)fop->op.test.string); -+ fop->op.test.slen = strescape((char*)fop->op.test.string, -+ (char*)fop->op.test.string, strlen(fop->op.test.string)+1); - - return E_SUCCESS; - -@@ -184,7 +185,8 @@ int encode_function(char *string, struct filter_op *fop) - fop->opcode = FOP_FUNC; - fop->op.func.op = FFUNC_SEARCH; - fop->op.func.string = (u_char*)strdup(dec_args[1]); -- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); -+ fop->op.func.slen = strescape((char*)fop->op.func.string, -+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); - ret = E_SUCCESS; - } else - SCRIPT_ERROR("Unknown offset %s ", dec_args[0]); -@@ -202,7 +204,8 @@ int encode_function(char *string, struct filter_op *fop) - fop->opcode = FOP_FUNC; - fop->op.func.op = FFUNC_REGEX; - fop->op.func.string = (u_char*)strdup(dec_args[1]); -- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); -+ fop->op.func.slen = strescape((char*)fop->op.func.string, -+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); - ret = E_SUCCESS; - } else - SCRIPT_ERROR("Unknown offset %s ", dec_args[0]); -@@ -272,9 +275,11 @@ int encode_function(char *string, struct filter_op *fop) - /* replace always operate at DATA level */ - fop->op.func.level = 5; - fop->op.func.string = (u_char*)strdup(dec_args[0]); -- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); -+ fop->op.func.slen = strescape((char*)fop->op.func.string, -+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); - fop->op.func.replace = (u_char*)strdup(dec_args[1]); -- fop->op.func.rlen = strescape((char*)fop->op.func.replace, (char*)fop->op.func.replace); -+ fop->op.func.rlen = strescape((char*)fop->op.func.replace, -+ (char*)fop->op.func.replace, strlen(fop->op.func.replace)+1); - ret = E_SUCCESS; - } else - SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name); -@@ -328,7 +333,8 @@ int encode_function(char *string, struct filter_op *fop) - if (nargs == 1) { - fop->op.func.op = FFUNC_MSG; - fop->op.func.string = (u_char*)strdup(dec_args[0]); -- fop->op.func.slen = strescape((char*)fop->op.func.string, (char*)fop->op.func.string); -+ fop->op.func.slen = strescape((char*)fop->op.func.string, -+ (char*)fop->op.func.string, strlen(fop->op.func.string)+1); - ret = E_SUCCESS; - } else - SCRIPT_ERROR("Wrong number of arguments for function \"%s\" ", name); - -From b005d55d4eae444c5be14eb792b50657a14c7b1d Mon Sep 17 00:00:00 2001 -From: Alexander Koeppe <forma...@online.de> -Date: Sun, 4 Jun 2017 08:09:04 +0200 -Subject: [PATCH 4/4] Only add ASAN flags depeding on compiler version - ---- - CMakeLists.txt | 22 +++++++++++++++++++++- - 1 file changed, 21 insertions(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 8e823669c..8f7c7c368 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -126,7 +126,27 @@ if(NOT DISABLE_RPATH) - set(CMAKE_INSTALL_RPATH_USE_LINK_PATH TRUE) - set(CMAKE_MACOSX_RPATH 1) - endif(NOT DISABLE_RPATH) --set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) -+ -+# set general build flags for debug build-type -+set(CMAKE_C_FLAGS_DEBUG "-O0 -ggdb3 -DDEBUG -Wall -Wno-pointer-sign -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wextra -Wredundant-decls" CACHE STRING "" FORCE) -+# append ASAN build flags if compiler version has support -+if ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU") -+ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) -+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) -+ message("Building with ASAN support (GNU compiler)") -+ else (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) -+ message("Building without ASAN support (GNU compiler)") -+ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 4.8) -+elseif ("${CMAKE_C_COMPILER_ID}" STREQUAL "Clang") -+ if (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) -+ set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -fsanitize=address -fno-omit-frame-pointer" CACHE STRING "" FORCE) -+ message("Building with ASAN support (Clang compiler)") -+ elseif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) -+ message("Building without ASAN support (Clang compiler)") -+ endif (CMAKE_C_COMPILER_VERSION VERSION_GREATER 3.1) -+endif ("${CMAKE_C_COMPILER_ID}" STREQUAL "GNU") -+ -+# set build flags for release build-type - set(CMAKE_C_FLAGS_RELEASE "-O2 -w -D_FORTIFY_SOURCE=2" CACHE STRING "" FORCE) - - if(OS_DARWIN) Modified: PKGBUILD =================================================================== --- PKGBUILD 2020-04-25 10:58:10 UTC (rev 620636) +++ PKGBUILD 2020-04-25 10:59:11 UTC (rev 620637) @@ -1,60 +1,81 @@ -# Maintainer: +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: Santiago Torres-Arias <santi...@archlinux.org> # Contributor: Tom Newsom <jeeps...@gmx.co.uk> pkgbase=ettercap -pkgname=('ettercap' 'ettercap-gtk') +pkgname=(ettercap ettercap-gtk) pkgver=0.8.3 -pkgrel=1 +pkgrel=2 +pkgdesc='Network sniffer/interceptor/logger for ethernet LANs' +url='https://ettercap.github.com/ettercap/' arch=('x86_64') -url="https://ettercap.github.com/ettercap/" license=('GPL') -depends=('openssl' 'libpcap' 'pcre' 'libltdl' 'libnet' 'ethtool' 'curl' 'geoip') -makedepends=('ghostscript' 'cmake' 'libpcap' 'libltdl' 'libnet' 'gtk3' 'harfbuzz') -options=('!makeflags' '!emptydirs') -source=("$pkgbase-$pkgver.tar.gz::https://github.com/Ettercap/ettercap/archive/v$pkgver.tar.gz" build.patch) -sha1sums=('1db39315b2b2b574dc1eb3f7ae72871ad2391e2f' - '6d01c9517dc8b2981dccf9bd92c592ff8a7f90ba') +depends=('glibc' 'openssl' 'zlib' 'libpcap' 'pcre' 'libltdl' 'libnet' 'ethtool' 'curl' 'geoip' + 'ncurses' 'libncursesw.so' 'libformw.so' 'libpanelw.so' 'libmenuw.so' 'libcurl.so') +makedepends=('ghostscript' 'cmake' 'gtk3' 'harfbuzz' 'check') +options=('!emptydirs') +backup=(etc/ettercap/etter.{conf,dns,mdns,nbns}) +source=(https://github.com/Ettercap/ettercap/archive/v${pkgver}/${pkgbase}-${pkgver}.tar.gz + cmake-harfbuzz.patch) +sha512sums=('1929c986d3a17ebc693ffe8531e01c66379c0ee6ea71305ea49b6a9eece84b6da1923135311db458bdb6035feb593e525786e6cf4c465ced5a7683384d4a4ae7' + '248dc70641370f8161a796d090d52f2881ede5dbc834f1aa183583cd3bc64a60f28ad197556289b33f217766eb12de55ab1a96209ff70beb4d67c352debde526') +b2sums=('f49098d61f60877d3f979d7861f36dad6ec3fbfca7ed89d8f9826867145ea36daec65a1076c893f81391218688448515ef020a9cdf9a16ffddc830bacec8eb1c' + '59e9982abe88684dac46045ab91330a908421386f30ca4df6cc37d2d73413018b37185325e759c3eb88d98e6860a9d3574ffd257c9c12a2b69b57320a0aa10d5') prepare() { - cd "${pkgbase}-${pkgver}" - patch -Np1 -i $srcdir/build.patch + cd ${pkgbase}-${pkgver} + patch -Np1 < "${srcdir}/cmake-harfbuzz.patch" } build() { - cd "${srcdir}" + export CFLAGS+=" ${CPPFLAGS}" + export CXXLAGS+=" ${CPPFLAGS}" - cp -r ${pkgbase}-${pkgver} ${pkgbase}-${pkgver}-gtk - cd ${pkgbase}-${pkgver} - mkdir build - cd build - cmake -D ENABLE_GTK=OFF -D CMAKE_INSTALL_PREFIX=/usr -D INSTALL_PREFIX=/usr -D CMAKE_BUILD_TYPE=Release ../ - make + cmake -B build \ + -D CMAKE_BUILD_TYPE=Release \ + -D CMAKE_INSTALL_PREFIX=/usr \ + -D INSTALL_PREFIX=/usr \ + -D ENABLE_GTK=OFF \ + -D ENABLE_TESTS=ON \ + -D ENABLE_IPV6=ON + make -C build VERBOSE=1 - cd "$srcdir"/${pkgbase}-${pkgver}-gtk - mkdir build - cd build - cmake -D ENABLE_GTK=ON -D CMAKE_INSTALL_PREFIX=/usr -D INSTALL_PREFIX=/usr -D CMAKE_BUILD_TYPE=Release ../ - make + cmake -B build-gtk \ + -D CMAKE_BUILD_TYPE=Release \ + -D CMAKE_INSTALL_PREFIX=/usr \ + -D INSTALL_PREFIX=/usr \ + -D ENABLE_GTK=ON \ + -D ENABLE_TESTS=ON \ + -D ENABLE_IPV6=ON + make -C build-gtk VERBOSE=1 } +check() { + cd ${pkgbase}-${pkgver} + make -C build test + make -C build-gtk test +} + package_ettercap() { - pkgdesc="A network sniffer/interceptor/logger for ethernet LANs - console" - backup=('etc/ettercap/etter.conf') - conflicts=('ettercap-gtk') + pkgdesc+=" - console" + provides=('libettercap.so') - cd "${srcdir}"/${pkgbase}-${pkgver}/build - make DESTDIR="${pkgdir}" install + cd ${pkgbase}-${pkgver} + make -C build DESTDIR="${pkgdir}" install + install -Dm 644 CHANGELOG README* -t "${pkgdir}/usr/share/doc/${pkgname}" } package_ettercap-gtk() { - pkgdesc="A network sniffer/interceptor/logger for ethernet LANs - GTK frontend" + pkgdesc+=" - GTK frontend" depends+=('gtk3' 'harfbuzz') - backup=('etc/ettercap/etter.conf') + optdepends=('polkit: run ettercap directly from menu') + provides=('ettercap' 'libettercap.so') conflicts=('ettercap') - provides=('ettercap') - optdepends=('polkit: to run ettercap directly from menu') - cd "${srcdir}"/${pkgbase}-${pkgver}-gtk/build - make DESTDIR="${pkgdir}" install + cd ${pkgbase}-${pkgver} + make -C build-gtk DESTDIR="${pkgdir}" install + install -Dm 644 CHANGELOG README* -t "${pkgdir}/usr/share/doc/${pkgname}" } + +# vim: ts=2 sw=2 et: Deleted: build.patch =================================================================== --- build.patch 2020-04-25 10:58:10 UTC (rev 620636) +++ build.patch 2020-04-25 10:59:11 UTC (rev 620637) @@ -1,13 +0,0 @@ -diff --git a/cmake/Modules/FindGTK3.cmake b/cmake/Modules/FindGTK3.cmake -index ebbf0400..245fde13 100644 ---- a/cmake/Modules/FindGTK3.cmake -+++ b/cmake/Modules/FindGTK3.cmake -@@ -388,7 +388,7 @@ endif() - # - - find_package(Freetype) --list(APPEND GTK3_INCLUDE_DIRS ${FREETYPE_INCLUDE_DIRS}) -+list(APPEND GTK3_INCLUDE_DIRS ${FREETYPE_INCLUDE_DIRS} /usr/include/harfbuzz) - list(APPEND GTK3_LIBRARIES ${FREETYPE_LIBRARIES}) - - foreach(_GTK3_component ${GTK3_FIND_COMPONENTS}) Added: cmake-harfbuzz.patch =================================================================== --- cmake-harfbuzz.patch (rev 0) +++ cmake-harfbuzz.patch 2020-04-25 10:59:11 UTC (rev 620637) @@ -0,0 +1,13 @@ +diff --git a/cmake/Modules/FindGTK3.cmake b/cmake/Modules/FindGTK3.cmake +index ebbf0400..245fde13 100644 +--- a/cmake/Modules/FindGTK3.cmake ++++ b/cmake/Modules/FindGTK3.cmake +@@ -388,7 +388,7 @@ endif() + # + + find_package(Freetype) +-list(APPEND GTK3_INCLUDE_DIRS ${FREETYPE_INCLUDE_DIRS}) ++list(APPEND GTK3_INCLUDE_DIRS ${FREETYPE_INCLUDE_DIRS} /usr/include/harfbuzz) + list(APPEND GTK3_LIBRARIES ${FREETYPE_LIBRARIES}) + + foreach(_GTK3_component ${GTK3_FIND_COMPONENTS})