arpd/arpd.patch

Thu, 04 Oct 2012 20:30:05 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 04 Oct 2012 20:30:05 +0200
changeset 715
c10fb90893b9
parent 714
119553d296d2
permissions
-rw-r--r--

Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.

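Index: arpd.c
--- arpd.c.dist 2003-07-02 16:49:31.000000000 +0200
+++ arpd.c 2003-07-02 16:53:25.000000000 +0200
@@ -33,7 +33,7 @@
 #define ARPD_MAX_ACTIVE 600
 #define ARPD_MAX_INACTIVE 300
 
-#define PIDFILE "/var/run/arpd.pid"
+#define PIDFILE "/opsw/var/arpd/arpd.pid"
 
 struct arp_req {
 struct addr pa;
@@ -111,9 +111,11 @@
 struct in_addr in;
 ip_addr_t istart, iend;
 
- second = p;
+ first = p;
+ second = strchr(p, '-');
+ if (second != NULL)
+ *second++ = '\0';
 
- first = strsep(&second, "-");
 if (second == NULL)
 errx(1, "%s: Invalid network range: %s",
 __func__, p);
@@ -185,7 +187,7 @@
 arpd_init(char *dev, int naddresses, char **addresses)
 {
 struct bpf_program fcode;
- char filter[1024], ebuf[PCAP_ERRBUF_SIZE], *dst;
+ char filter[1024], ebuf[PCAP_ERRBUF_SIZE], *dst, *iface;
 intf_t *intf;
 
 dst = arpd_expandips(naddresses, addresses);
@@ -203,7 +205,16 @@
 errx(1, "pcap_lookupdev: %s", ebuf);
 }
 arpd_ifent.intf_len = sizeof(arpd_ifent);
- strncpy(arpd_ifent.intf_name, dev, sizeof(arpd_ifent.intf_name) - 1);
+
+ /* mitigate slash paths in OS that provide */
+ /* network devices in subdirectories of /dev */
+ iface = strrchr(dev, '/');
+ if (iface)
+ iface += sizeof(char);
+ else
+ iface = dev;
+
+ strncpy(arpd_ifent.intf_name, iface, sizeof(arpd_ifent.intf_name) - 1);
 arpd_ifent.intf_name[sizeof(arpd_ifent.intf_name) - 1] = '\0';
 
 if (intf_get(intf, &arpd_ifent) < 0)
@@ -218,7 +229,7 @@
 dst ? "and (" : "", dst ? dst : "", dst ? ")" : "",
 addr_ntoa(&arpd_ifent.intf_link_addr));
 
- if ((arpd_pcap = pcap_open_live(dev, 128, 0, 500, ebuf)) == NULL)
+ if ((arpd_pcap = pcap_open_live(iface, 128, 0, 500, ebuf)) == NULL)
 errx(1, "pcap_open_live: %s", ebuf);
 
 if (pcap_compile(arpd_pcap, &fcode, filter, 1, 0) < 0 ||
@@ -265,7 +276,7 @@
 spa->addr_ip, tha->addr_eth, tpa->addr_ip);
 
 if (op == ARP_OP_REQUEST) {
- syslog(LOG_DEBUG, __FUNCTION__ ": who-has %s tell %s",
+ syslog(LOG_DEBUG, "%s: who-has %s tell %s", __FUNCTION__,
 addr_ntoa(tpa), addr_ntoa(spa));
 } else if (op == ARP_OP_REPLY) {
 syslog(LOG_INFO, "arp reply %s is-at %s",
@@ -282,7 +293,7 @@
 int error;
 
 if (addr_cmp(addr, &arpd_ifent.intf_addr) == 0) {
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
 addr_ntoa(addr), addr_ntoa(&arpd_ifent.intf_link_addr));
 return (0);
 }
@@ -291,10 +302,10 @@
 error = arp_get(arpd_arp, &arpent);
 
 if (error == -1) {
- syslog(LOG_DEBUG, __FUNCTION__ ": no entry for %s",
+ syslog(LOG_DEBUG, "%s: no entry for %s", __FUNCTION__,
 addr_ntoa(addr));
 } else {
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
 addr_ntoa(addr), addr_ntoa(&arpent.arp_ha));
 }
 return (error);
@@ -423,7 +434,7 @@
 if ((req = SPLAY_FIND(tree, &arpd_reqs, &tmp)) != NULL) {
 addr_pack(&src.arp_ha, ADDR_TYPE_ETH, ETH_ADDR_BITS,
 ethip->ar_sha, ETH_ADDR_LEN);
- syslog(LOG_DEBUG, __FUNCTION__ ": %s at %s",
+ syslog(LOG_DEBUG, "%s: %s at %s", __FUNCTION__,
 addr_ntoa(&req->pa), addr_ntoa(&src.arp_ha));
 
 /* This address is claimed */
@@ -445,9 +456,6 @@
 void
 terminate_handler(int sig)
 {
- extern int event_gotsig;
-
- event_gotsig = 1;
 arpd_sig = sig;
 }
 
@@ -464,7 +472,6 @@
 main(int argc, char *argv[])
 {
 struct event recv_ev;
- extern int (*event_sigcb)(void);
 char *dev;
 int c, debug;
 FILE *fp;
@@ -524,7 +531,6 @@
 perror("signal");
 return (-1);
 }
- event_sigcb = arpd_signal;
 
 event_dispatch();
 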
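Review bot: In arpd_init the new basename logic uses `iface` without validating it: a `dev` that ends in `/` yields an empty name, and a name longer than `arpd_ifent.intf_name` is still silently truncated by `strncpy` while `pcap_open_live` receives the full string, so `intf_get` and the capture handle could end up referring to different interfaces. A guard placed right after the `strrchr` block would reject both cases, for example `if (*iface == '\0' || strlen(iface) >= sizeof(arpd_ifent.intf_name)) errx(1, "invalid interface name: %s", dev);`. As a style point, `iface += sizeof(char);` reads more plainly as `iface++;`. The body of arpd_init starts and ends outside these hunks, so any earlier validation of `dev` is not visible here.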
