Bug#616311: marked as done (Consider adapting Knocker to IPv6.)

Debian Bug Tracking System Tue, 06 Mar 2012 21:36:19 -0800

Your message dated Wed, 07 Mar 2012 05:33:20 +0000
with message-id <[email protected]>
and subject line Bug#616311: fixed in knocker 0.7.1-4
has caused the Debian Bug report #616311,
regarding Consider adapting Knocker to IPv6.
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
616311: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616311
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: knocker
Version: 0.7.1-3.1
Severity: normal
Tags: patch ipv6

I can offer a patch to implement support for IPv6 probing.
Successfully tested for GNU/Linux and GNU/kFreeBSD.

Best regards,
  Mats Erik Andersson, DM

Description: Adapt code and manpage to IPv6.
 Standard changes are implemented to make the
 knocker service able to probe also IPv6 hosts.
 .
 New command line options "-4/--ipv4" and "-6/--ipv6"
 restrict to a predetermined address domain.
 .
 A misconceived test for the root user is corrected
 in passing.
Author: Mats Erik Andersson <[email protected]>
Forwarded: no
Last-Update: 2011-03-03

diff -Naur knocker-0.7.1.debian/debian/knocker.1 knocker-0.7.1/debian/knocker.1
--- knocker-0.7.1.debian/debian/knocker.1	2011-03-03 09:48:59.000000000 +0100
+++ knocker-0.7.1/debian/knocker.1	2011-03-03 12:25:00.000000000 +0100
@@ -26,6 +26,12 @@
 \fB\-EP\fr, \fB\-\-end-port\fR
 port number to end the scan at
 .TP
+\fB\-4\fr, \fB\-\-ipv4\fR
+only IPv4 addressing (default is first address available)
+.TP
+\fB\-6\fr, \fB\-\-ipv6\fR
+use only IPv6 addressing
+.TP
 \fB\-\-last-host\fR
 uses the last scanned host as target
 .TP
diff -Naur knocker-0.7.1.debian/src/knocker_args.c knocker-0.7.1/src/knocker_args.c
--- knocker-0.7.1.debian/src/knocker_args.c	2002-05-24 01:58:33.000000000 +0200
+++ knocker-0.7.1/src/knocker_args.c	2011-03-03 12:19:12.000000000 +0100
@@ -80,9 +80,11 @@
   fprintf (stdout, "      %s              performs again the last port scan\n", LAST_SCAN_LONG_OPT);
   fprintf (stdout, "\n");
   fprintf (stdout, "Extra options:\n");
+  fprintf (stdout, "      %s,  %s              only IPv4 host addressing\n", HOST_IPV4_SHORT_OPT, HOST_IPV4_LONG_OPT);
+  fprintf (stdout, "      %s,  %s              only IPv6 host addressing\n", HOST_IPV6_SHORT_OPT, HOST_IPV6_LONG_OPT);
   fprintf (stdout, "      %s,  %s             quiet mode (no console output, logs to file)\n", QUIET_MODE_SHORT_OPT, QUIET_MODE_LONG_OPT);
   fprintf (stdout, "      %s, %s <logfile> log scan results to the specified file\n", ENABLE_LOGFILE_SHORT_OPT, ENABLE_LOGFILE_LONG_OPT);
-  fprintf (stdout, "      %s, %s          disable fency output\n", NO_FENCY_SHORT_OPT, NO_FENCY_LONG_OPT);
+  fprintf (stdout, "      %s, %s          disable fancy output\n", NO_FENCY_SHORT_OPT, NO_FENCY_LONG_OPT);
   fprintf (stdout, "      %s, %s         disable colored output\n", NO_COLORS_SHORT_OPT, NO_COLORS_LONG_OPT);
   fprintf (stdout, "\n");
   fprintf (stdout, "      %s              let you configure %s\n", CONFIGURE_LONG_OPT, PACKAGE);
@@ -105,6 +107,7 @@
   args->hname = NULL;
   args->hip = NULL;
   args->lfname = NULL;
+  args->hfamily = AF_UNSPEC;
   args->port = 0;
   args->sport = 0;
   args->eport = 0;
@@ -189,6 +192,16 @@
             }
           return (0);           /* we should have all arguments here */
         }
+      else if ((!strcmp (argv[i], HOST_IPV4_SHORT_OPT)) || (!strcmp (argv[i], HOST_IPV4_LONG_OPT)))
+        {
+          /* Accept only IPv4 addressing. */
+          args->hfamily = AF_INET;
+        }
+      else if ((!strcmp (argv[i], HOST_IPV6_SHORT_OPT)) || (!strcmp (argv[i], HOST_IPV6_LONG_OPT)))
+        {
+          /* Accept only IPv6 addressing. */
+          args->hfamily = AF_INET6;
+        }
       else if ((!strcmp (argv[i], NO_FENCY_SHORT_OPT)) || (!strcmp (argv[i], NO_FENCY_LONG_OPT)))
         {
           /* Disable fency output */
diff -Naur knocker-0.7.1.debian/src/knocker_args.h knocker-0.7.1/src/knocker_args.h
--- knocker-0.7.1.debian/src/knocker_args.h	2002-05-24 01:58:35.000000000 +0200
+++ knocker-0.7.1/src/knocker_args.h	2011-03-03 12:18:00.000000000 +0100
@@ -33,6 +33,12 @@
   /* host to scan, got with lasthost  */
 #define LAST_HOST_LONG_OPT  "--last-host"
 
+  /* preferred address family for hosts */
+#define HOST_IPV4_SHORT_OPT "-4"
+#define HOST_IPV4_LONG_OPT "--ipv4"
+#define HOST_IPV6_SHORT_OPT "-6"
+#define HOST_IPV6_LONG_OPT "--ipv6"
+
   /* single port number */
 #define SINGLE_PORT_SHORT_OPT "-P"
 #define SINGLE_PORT_LONG_OPT  "--port"
@@ -82,6 +88,7 @@
   char           *hname;      /* hostname string */
   char           *hip;        /* host IP string  */
   char           *lfname;     /* logfile name */
+  int            hfamily;     /* desired address domain */
   unsigned int   port;        /* Single port number, -P */
   unsigned int   sport;       /* Start port number, -SP */
   unsigned int   eport;       /* End port number, -EP   */
diff -Naur knocker-0.7.1.debian/src/knocker_core.c knocker-0.7.1/src/knocker_core.c
--- knocker-0.7.1.debian/src/knocker_core.c	2002-05-24 01:58:51.000000000 +0200
+++ knocker-0.7.1/src/knocker_core.c	2011-03-03 11:58:35.000000000 +0100
@@ -33,13 +33,13 @@
 
 static int knocker_core_init_socket_data (knocker_core_socket_t * sock);
 static void knocker_core_free_socket_data (knocker_core_socket_t * sock);
-static int knocker_core_open_socket (knocker_core_socket_t * sock, int protocol);
+static int knocker_core_open_socket (knocker_core_socket_t * sock, int family, int protocol);
 static void knocker_core_close_socket (knocker_core_socket_t * sock);
 
 static int knocker_core_init_host_data (knocker_core_host_t * host);
 static void knocker_core_free_host_data (knocker_core_host_t * host);
 
-static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname);
+static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname, int family);
 static int knocker_core_getservbyport (char *service, unsigned int port, int protocol);
 
 static char *knocker_core_get_host_name_string (knocker_core_host_t * hinfo);
@@ -364,7 +364,7 @@
   fprintf (stderr, "debug: connecting to port: %d\n", port);
 #endif
 
-  if (knocker_core_open_socket (&data->socket, PROTO_TCP) == KNOCKER_SOCKET_ERROR)
+  if (knocker_core_open_socket (&data->socket, data->host.hostaddr.ss_family, PROTO_TCP) == KNOCKER_SOCKET_ERROR)
     {
 #ifdef DEBUG
       fprintf (stderr, "debug: socket error, couldn't connect.\n");
@@ -372,12 +372,16 @@
       return -1;
     }
 
-  data->host.sockaddr_in.sin_family = AF_INET;
-  data->host.sockaddr_in.sin_port = htons (port);
-  data->host.sockaddr_in.sin_addr = *((struct in_addr *) data->host.info->h_addr);
-  memset (&(data->host.sockaddr_in.sin_zero), 0, 8);
+  memcpy (&(data->host.sockaddr_st), &(data->host.hostaddr), data->host.addrlen);
+  switch (data->host.hostaddr.ss_family) {
+    case AF_INET6:
+      ((struct sockaddr_in6 *) &(data->host.sockaddr_st))->sin6_port = htons (port);
+    case AF_INET:
+    default:
+      ((struct sockaddr_in *) &(data->host.sockaddr_st))->sin_port = htons (port);
+  }
 
-  if (!connect (data->socket.fd, (struct sockaddr *) &data->host.sockaddr_in, sizeof (struct sockaddr)))
+  if (!connect (data->socket.fd, (struct sockaddr *) &data->host.sockaddr_st, data->host.addrlen))
     /* here the port is open */
     {
       knocker_core_close_socket (&data->socket);
@@ -401,9 +405,9 @@
    ============================================================================
    ============================================================================
 */
-char *knocker_core_resolve_host (knocker_core_portscan_data_t * data, const char *hostname)
+char *knocker_core_resolve_host (knocker_core_portscan_data_t * data, const char *hostname, int family)
 {
-  if (knocker_core_gethostbyname (&data->host, hostname) == -1)
+  if (knocker_core_gethostbyname (&data->host, hostname, family) == -1)
     return NULL;
   else
     return (data->host.ip);
@@ -506,14 +510,14 @@
    ============================================================================
    ============================================================================
 */
-static int knocker_core_open_socket (knocker_core_socket_t * sock, int protocol)
+static int knocker_core_open_socket (knocker_core_socket_t * sock, int family, int protocol)
 {
 #ifdef DEBUG
   fprintf (stderr, "debug: function knocker_core_open_socket (...) called.\n");
 #endif
   if (protocol == PROTO_TCP)
     {
-      if ((sock->fd = socket (AF_INET, SOCK_STREAM, 0)) == KNOCKER_SOCKET_ERROR)
+      if ((sock->fd = socket (family, SOCK_STREAM, 0)) == KNOCKER_SOCKET_ERROR)
         {
 #ifdef DEBUG
           fprintf (stderr, "debug: couldn't open the socket: ");
@@ -524,7 +528,7 @@
     }
   else if (protocol == PROTO_UDP)
     {
-      if ((sock->fd = socket (AF_INET, SOCK_DGRAM, 0)) == KNOCKER_SOCKET_ERROR)
+      if ((sock->fd = socket (family, SOCK_DGRAM, 0)) == KNOCKER_SOCKET_ERROR)
         {
 #ifdef DEBUG
           fprintf (stderr, "debug: couldn't open the socket: ");
@@ -579,13 +583,47 @@
    ============================================================================
    ============================================================================
 */
-static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname)
+static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname, int family)
 {
-  if ((hinfo->info = gethostbyname (hostname)) == NULL)
+  struct addrinfo hints, *res, *ai;
+  char hostip[INET6_ADDRSTRLEN];
+  int err, fd;
+
+  memset (&hints, 0, sizeof (hints));
+  hints.ai_family = family;
+  hints.ai_flags = AI_ADDRCONFIG;
+
+  if ( (err = getaddrinfo (hostname, NULL, &hints, &res)) ) {
+#ifdef DEBUG
+    fprintf (stderr, "debug: knocker_core_gethostbyname(): %s", gai_strerror(err));
+#endif
+    return -1;
+  }
+
+  for (ai = res; ai; ai = ai->ai_next) {
+    if ( (ai->ai_family != AF_INET) && (ai->ai_family != AF_INET6) )
+      continue;
+
+    fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+    if (fd < 0)
+      continue;
+    /* Valid socket indicates a functional address; accept it. */
+    close (fd);
+    hinfo->addrlen = ai->ai_addrlen;
+    memcpy(&(hinfo->hostaddr), ai->ai_addr, ai->ai_addrlen);
+    break;
+  }
+
+  if (res)
+    freeaddrinfo(res);
+
+  if (ai == NULL)
     return -1;
 
   knocker_core_set_host_name_string (hinfo, hostname);
-  knocker_core_set_host_ip_string (hinfo, inet_ntoa (*(struct in_addr *) *hinfo->info->h_addr_list));
+  getnameinfo ((struct sockaddr *) &(hinfo->hostaddr), hinfo->addrlen,
+      hostip, sizeof (hostip), NULL, 0, NI_NUMERICHOST);
+  knocker_core_set_host_ip_string (hinfo, hostip);
 
   return 0;
 }
diff -Naur knocker-0.7.1.debian/src/knocker_core.h knocker-0.7.1/src/knocker_core.h
--- knocker-0.7.1.debian/src/knocker_core.h	2002-05-24 01:58:53.000000000 +0200
+++ knocker-0.7.1/src/knocker_core.h	2011-03-03 11:59:27.000000000 +0100
@@ -135,8 +135,9 @@
 */
 
 typedef struct {
-  struct hostent                   *info;        /* hostent structure */
-  struct sockaddr_in               sockaddr_in;  /* sockaddr_in structure */
+  struct sockaddr_storage          hostaddr;     /* template address */
+  socklen_t                        addrlen;      /* active length */
+  struct sockaddr_storage          sockaddr_st;  /* working address */
   char                             *name;        /* hostname string   */
   char                             *ip;          /* host IP address string */
 } knocker_core_host_t;
@@ -185,7 +186,7 @@
 int   knocker_core_validate_port_number (unsigned int port);
 
 /* returns host ip address on success, NULL on failure */
-char *knocker_core_resolve_host (knocker_core_portscan_data_t *data, const char *hostname);
+char *knocker_core_resolve_host (knocker_core_portscan_data_t *data, const char *hostname, int family);
 
 /* return the hostname string from the structure */
 char *knocker_core_get_hostname (knocker_core_portscan_data_t *data);
@@ -203,13 +204,13 @@
 
 static int  knocker_core_init_socket_data   (knocker_core_socket_t *sock);
 static void knocker_core_free_socket_data   (knocker_core_socket_t *sock);
-static int  knocker_core_open_socket   (knocker_core_socket_t *sock, int protocol);
+static int  knocker_core_open_socket   (knocker_core_socket_t *sock, int family, int protocol);
 static void knocker_core_close_socket  (knocker_core_socket_t *sock);
 
 static int  knocker_core_init_host_data   (knocker_core_host_t *host);
 static void knocker_core_free_host_data   (knocker_core_host_t *host);
 
-static int   knocker_core_gethostbyname    (knocker_core_host_t *hinfo, const char *hostname);
+static int   knocker_core_gethostbyname    (knocker_core_host_t *hinfo, const char *hostname, int family);
 static int   knocker_core_getservbyport    (char *service, unsigned int port, int protocol);
 
 static char *knocker_core_get_host_name_string (knocker_core_host_t *hinfo);
diff -Naur knocker-0.7.1.debian/src/knocker_main.c knocker-0.7.1/src/knocker_main.c
--- knocker-0.7.1.debian/src/knocker_main.c	2011-03-03 09:48:59.000000000 +0100
+++ knocker-0.7.1/src/knocker_main.c	2011-03-03 12:00:20.000000000 +0100
@@ -132,7 +132,7 @@
 */
 static void resolve (void)
 {
-  if (knocker_core_resolve_host (&pscan_data, knocker_args.hname) == NULL)
+  if (knocker_core_resolve_host (&pscan_data, knocker_args.hname, knocker_args.hfamily) == NULL)
     {
       knocker_output_resolve_error (knocker_args.hname);
       knocker_log_resolve_error (knocker_args.hname);
diff -Naur knocker-0.7.1.debian/src/knocker_user.c knocker-0.7.1/src/knocker_user.c
--- knocker-0.7.1.debian/src/knocker_user.c	2002-05-24 02:00:03.000000000 +0200
+++ knocker-0.7.1/src/knocker_user.c	2011-03-03 11:48:06.000000000 +0100
@@ -82,7 +82,7 @@
       _dir_create (user->dir);
     }
 
-  if (knocker_user_is_root)
+  if (knocker_user_is_root())
     user->super = 1;
   else
     user->super = 0;

signature.asc
Description: Digital signature

--- End Message ---

--- Begin Message ---

Source: knocker
Source-Version: 0.7.1-4

We believe that the bug you reported is fixed in the latest version of
knocker, which is due to be installed in the Debian FTP archive:

knocker_0.7.1-4.diff.gz
  to main/k/knocker/knocker_0.7.1-4.diff.gz
knocker_0.7.1-4.dsc
  to main/k/knocker/knocker_0.7.1-4.dsc
knocker_0.7.1-4_amd64.deb
  to main/k/knocker/knocker_0.7.1-4_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Khalid El Fathi <[email protected]> (supplier of updated knocker package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 23 Feb 2012 18:55:00 +0100
Source: knocker
Binary: knocker
Architecture: source amd64
Version: 0.7.1-4
Distribution: unstable
Urgency: low
Maintainer: Khalid El Fathi <[email protected]>
Changed-By: Khalid El Fathi <[email protected]>
Description: 
 knocker    - Simple and easy to use TCP security port scanner
Closes: 616311 654324
Changes: 
 knocker (0.7.1-4) unstable; urgency=low
 .
   * New maintainer (Closes: #654324).
   * Update copyright file.
   * Add Vcs-{Browser,Git} pointing to collab-maint/knocker.git
   * Apply patch by Mats Erik Andersson <[email protected]> to
     implement support for IPv6 probing (Closes: #616311).
   * Fixed lintian warnings:
     - W: knocker source: debhelper-but-no-misc-depends knocker
     - W: knocker source: package-uses-deprecated-debhelper-compat-version 4
     - W: knocker source: changelog-should-mention-nmu
     - W: knocker source: ancient-standards-version 3.8.0 (current is 3.9.3)
     - W: knocker: description-synopsis-starts-with-article
Checksums-Sha1: 
 5f2cab2d47be11f1de78929f0cbb857fbe56fba9 1809 knocker_0.7.1-4.dsc
 b87c1848ff768a1f8e4e99145567c7b8e87734be 10168 knocker_0.7.1-4.diff.gz
 11586975ecacb3ac420042bb55eba3f261ff163e 32882 knocker_0.7.1-4_amd64.deb
Checksums-Sha256: 
 0b10e60e734d9f09aa3f63cfb796301fc4299bace11d4f0088ff2b30188566e6 1809 
knocker_0.7.1-4.dsc
 a8a8cd5de6e5c5e0d698286e535a815bc46345ac60ff4696ef4c15116a7367c6 10168 
knocker_0.7.1-4.diff.gz
 cf0f755a4378a579c0b2c8d2f89259d7eff827d2422d65fc7e630303ed2a5bd5 32882 
knocker_0.7.1-4_amd64.deb
Files: 
 fac5b860bfae61669e4e89ad6192c54d 1809 net optional knocker_0.7.1-4.dsc
 98a9b238bdb6642dde415350739b0083 10168 net optional knocker_0.7.1-4.diff.gz
 46a0d0872566fad52f972d6ef258fbdf 32882 net optional knocker_0.7.1-4_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJPU/foAAoJEBYoHy4AfJjRrJoP+weI3k6ncZwJum46SHaEcNhZ
JQg7HIwcjQmLUNVnykXIZW5d2p1GmiHXeGU7fY+vnI64gqr8iSnu7yeFror6lblf
QVCv0b++ASZWq7jYdlhaGZDCvqbTQdx9cq5fXt6A2xCJQGPQY0nj8GBB11Gn2Wys
0+H1ZNHoFGbU/PWe4FgeZWqABav86/jE8XfxAToN5A9KVqPW/Giweo6FUnLoGVhz
RHe7dycuBqhp3/V5ZVSGhfkAEjTKixYRKUQsvWH4ZT+/BZGOVRvAEZnzYcT0NHDz
cvJHSJRPsEmoBTTQQdU0NLCw3iH5fC5J8Xw6Rz4jBuoRlgvRI0bDw396cBpgZbn0
7Shy8zP21rSJVVzdYT+teI9ec9ztWJO8K2b1NWxRAmp4Y3z6WvwXw+rzF1uOpknZ
bSQ9e6Z3BeRqm6CxaeaiFTF8E1DNJazok9EOxe/Rvpi+jIuwOtdsOmgbs3dUgofv
cnx/EQXy5GYQ/9qT4+8EgW5Eoogo4js/EFfr8DeVz+hCfqhITZCfbf846yjP5WMZ
XpADvUyw17jwJX5LQtVPMRr/+OlDUUazdcDRgPhSrvHkPGEnD9yIim/wcNg2XwDh
NmIiALFfGARiN9jFxqXxOjNXBEwSZH1vabVn2khYSkUl4NnF99RxZ/TchMs1x8xg
axU7bU6GVSdVObvSyOAW
=8fA8
-----END PGP SIGNATURE-----

--- End Message ---

Bug#616311: marked as done (Consider adapting Knocker to IPv6.)

Reply via email to