Bug#857577: unblock: dsniff/2.4b1+debian-24

[Niels Thykier]

Hilko Bengen:
> * Niels Thykier:
> 
>>>  * Add 33_sshcrypto_DES.patch
>>> Replacing all des_ methods and structs with DES_ equivalents.
>>> Already implemented in OpenBSD
>>
>> Why is this done? The patch does not explain why this is a good idea (I
>> assume it is, but I am missing the "why").
> 
> Functions and types prefixed with "des_" are deprecated (defined in
> openssl/des_old.h as of OpenSSL 1.0) and have been removed in OpenSSL
> 1.1. The patch description should document this.
> 
> Cheers,
> -Hilko
> 

Hi,

Thanks for the explanation.  I assumed it was something related to an
OpenSSL change, but I wasn't sure.  I am ok with that change as well.

As for the patch description - It says what it does, but it does not
explain why AFAICT:

> diff -Nru dsniff-2.4b1+debian/debian/patches/33_sshcrypto_DES.patch 
> dsniff-2.4b1+debian/debian/patches/33_sshcrypto_DES.patch
> --- dsniff-2.4b1+debian/debian/patches/33_sshcrypto_DES.patch 1970-01-01 
> 01:00:00.0 +0100
> +++ dsniff-2.4b1+debian/debian/patches/33_sshcrypto_DES.patch 2017-02-15 
> 23:42:16.0 +0100
> @@ -0,0 +1,62 @@
> +Description: improves 18_sshcrypto.patch replacing all des_ methods and 
> structs with DES_ equivalents.
> +Author: jca
> +Origin: OpenBSD
> +---
> +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
> +

Thanks,
~Niels

Bug#857577: unblock: dsniff/2.4b1+debian-24

[Hilko Bengen]

* Niels Thykier:

>>  * Add 33_sshcrypto_DES.patch
>>  Replacing all des_ methods and structs with DES_ equivalents.
>>  Already implemented in OpenBSD
>
> Why is this done? The patch does not explain why this is a good idea (I
> assume it is, but I am missing the "why").

Functions and types prefixed with "des_" are deprecated (defined in
openssl/des_old.h as of OpenSSL 1.0) and have been removed in OpenSSL
1.1. The patch description should document this.

Cheers,
-Hilko

Bug#857577: unblock: dsniff/2.4b1+debian-24

[Niels Thykier]

Control: tags -1 moreinfo

On Sun, 12 Mar 2017 21:35:39 +0100 Marcos Fouces  wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package dsniff in order to fix its five grave bugs
> 
> Dear release team,
> 

Hi,

> dsniff is to be removed from testing due to five grave bugs
> affecting several of its tools:
> 
> [...]
> 

These are fine.

> Also i would like to implement some minor changes:
> 
>  * Add -g compiler flag
>   Avoid creating an empty dbgsym package.

I do not understand why "export CFLAGS += -g" solves this.  AFAICT, the
package is using dh in compat 10, so dh_auto_configure should set the
relevant flags before calling ./configure.



> [...]

>  * Add 33_sshcrypto_DES.patch
>   Replacing all des_ methods and structs with DES_ equivalents.
>   Already implemented in OpenBSD

Why is this done? The patch does not explain why this is a good idea (I
assume it is, but I am missing the "why").

>  * Polish, reorder and refresh patches.
>   Just a cosmetic change.
> 
> Thanks for your time and effort to get release stretch!
> 
> You can see the full changes in the diff file attached.
> 
> Cheers, 
> Marcos
> 
> unblock dsniff/2.4b1+debian-24
> 
> [...]

Thanks,
~Niels

Bug#857577: unblock: dsniff/2.4b1+debian-24

[Marcos Fouces]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package dsniff in order to fix its five grave bugs

Dear release team,

dsniff is to be removed from testing due to five grave bugs
affecting several of its tools:

#715646 [G|P|  ]  arpspoof crashes with exit status 139
#716355 [G|P|  ]  sshmitm crashes with exit status 139
#716457 [G|P|  ]  webmitm crashes with exit status 139
#716458 [G|P|  ]  webspy crashes with exit status 139
#855869 [G|P|  ]  segfaults on portmapper messages

All of them would get fixed with these patches

+ 29_libnet_name2addr4.patch
+ 30_pntohl_shift.patch  
+ 31_sysconf_clocks.patch 
+ 32_rpc_segfault.patch

They are already implemented time ago in Fedora. 

Also i would like to implement some minor changes:

 * Add -g compiler flag
Avoid creating an empty dbgsym package.
 * Pass triplet-prefixed CC to configure.
Closes a minor bug avoiding FTBFS in some archs.
 * Add 33_sshcrypto_DES.patch
Replacing all des_ methods and structs with DES_ equivalents.
Already implemented in OpenBSD
 * Polish, reorder and refresh patches.
Just a cosmetic change.

Thanks for your time and effort to get release stretch!

You can see the full changes in the diff file attached.

Cheers, 
Marcos

unblock dsniff/2.4b1+debian-24

-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru dsniff-2.4b1+debian/debian/changelog 
dsniff-2.4b1+debian/debian/changelog
--- dsniff-2.4b1+debian/debian/changelog2016-12-20 22:40:25.0 
+0100
+++ dsniff-2.4b1+debian/debian/changelog2017-02-15 23:42:16.0 
+0100
@@ -1,3 +1,19 @@
+dsniff (2.4b1+debian-24) UNRELEASED; urgency=medium
+
+  * Add -g compiler flag.
+  * Fix FTCBFS: Pass triplet-prefixed CC to configure.
+Thanks to Helmut Grohne (Closes: #852360).
+  * Add four patches from Fedora:
+(Closes: #715646, #716355, #716457, #716458)
++ 29_libnet_name2addr4.patch
++ 30_pntohl_shift.patch
++ 31_sysconf_clocks.patch
++ 32_rpc_segfault.patch (Closes: #855869)
+  * Polish, reorder and refresh patches.
+  * Add 33_sshcrypto_DES.patch
+
+ -- Marcos Fouces   Wed, 15 Feb 2017 23:42:16 +0100
+
 dsniff (2.4b1+debian-23) unstable; urgency=medium
 
   * Assign to pkg-security team (Closes: #847505)
diff -Nru dsniff-2.4b1+debian/debian/copyright 
dsniff-2.4b1+debian/debian/copyright
--- dsniff-2.4b1+debian/debian/copyright2016-12-20 22:39:02.0 
+0100
+++ dsniff-2.4b1+debian/debian/copyright2017-02-15 23:42:16.0 
+0100
@@ -7,7 +7,7 @@
 License: BSD-3-Clause
   
 Files: debian/*
-Copyright: 2016 Marcos Fouces 
+Copyright: 2016-2017 Marcos Fouces 
2013 Andrew Shadura 
2011-2012 William Vera 
2011 Ondřej Surý 
diff -Nru 
dsniff-2.4b1+debian/debian/patches/0001-arpspoof-add-r-switch-to-poison-both-directions.patch
 
dsniff-2.4b1+debian/debian/patches/0001-arpspoof-add-r-switch-to-poison-both-directions.patch
--- 
dsniff-2.4b1+debian/debian/patches/0001-arpspoof-add-r-switch-to-poison-both-directions.patch
   2016-12-20 22:39:02.0 +0100
+++ 
dsniff-2.4b1+debian/debian/patches/0001-arpspoof-add-r-switch-to-poison-both-directions.patch
   1970-01-01 01:00:00.0 +0100
@@ -1,174 +0,0 @@
->From 8fbf0ac15e5fe2df427e3e028f9aa8d96788986a Mon Sep 17 00:00:00 2001
-From: Stefan Tomanek 
-Date: Sun, 6 Nov 2011 22:44:54 +0100
-Subject: [PATCH 1/3] arpspoof: add -r switch to poison both directions
-
-
-Signed-off-by: Stefan Tomanek 

- arpspoof.8 |5 -
- arpspoof.c |   59 +++
- 2 files changed, 51 insertions(+), 13 deletions(-)
-
-diff --git a/arpspoof.8 b/arpspoof.8
-index a05b5d3..544e06c 100644
 a/arpspoof.8
-+++ b/arpspoof.8
-@@ -9,7 +9,7 @@ intercept packets on a switched LAN
- .na
- .nf
- .fi
--\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR
-+\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] 
\fIhost\fR
- .SH DESCRIPTION
- .ad
- .fi
-@@ -26,6 +26,9 @@ Specify the interface to use.
- .IP "\fB-t \fItarget\fR"
- Specify a particular host to ARP poison (if not specified, all hosts
- on the LAN).
-+.IP "\fB\-r\fR"
-+Poison both hosts (host and target) to capture traffic in both directions.
-+(only valid in conjuntion with \-t)
- .IP \fIhost\fR
- Specify the host you wish to intercept packets for (usually the local
-