honeyd/honeyd.patch@c10fb90893b9
honeyd/honeyd.patch
Thu, 04 Oct 2012 20:30:05 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 04 Oct 2012 20:30:05 +0200
- changeset 715
- c10fb90893b9
- parent 575
- 6e491d7671a4
- permissions
- -rw-r--r--
Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.
1 Index: command.c
2 --- command.c.orig 2006-08-19 09:10:40 +0200
3 +++ command.c 2006-08-24 12:14:21 +0200
4 @@ -72,6 +72,9 @@
5 #include "pyextend.h"
6 #include "honeyd_overload.h"
7 #include "util.h"
8 +#ifndef HAVE_SETENV
9 +#include "setenv.h"
10 +#endif
12 ssize_t atomicio(ssize_t (*)(), int, void *, size_t);
14 Index: compat/getopt.h
15 --- compat/getopt.h.orig 2006-08-19 09:10:40 +0200
16 +++ compat/getopt.h 2006-08-24 12:14:21 +0200
17 @@ -40,7 +40,11 @@
18 #ifndef _GETOPT_H_
19 #define _GETOPT_H_
21 +#ifdef HAVE_SYS_CDEFS_H
22 #include <sys/cdefs.h>
23 +#else
24 +#include "cdefs.h"
25 +#endif
27 /*
28 * GNU-like getopt_long() and 4.4BSD getsubopt()/optreset extensions
29 Index: compat/sha1.h
30 --- compat/sha1.h.orig 2006-08-19 09:10:40 +0200
31 +++ compat/sha1.h 2006-08-24 12:14:21 +0200
32 @@ -15,7 +15,11 @@
33 unsigned char buffer[64];
34 } SHA1_CTX;
36 +#ifdef HAVE_SYS_CDEFS_H
37 #include <sys/cdefs.h>
38 +#else
39 +#include "cdefs.h"
40 +#endif
42 __BEGIN_DECLS
43 void SHA1Transform(u_int32_t [5], const unsigned char [64])
44 Index: config.h.in
45 --- config.h.in.orig 2006-01-17 18:11:44 +0100
46 +++ config.h.in 2006-08-24 12:14:21 +0200
47 @@ -222,6 +222,9 @@
48 /* Define to 1 if you have the `strtoul' function. */
49 #undef HAVE_STRTOUL
51 +/* Define to 1 if you have the `setenv' function. */
52 +#undef HAVE_SETENV
53 +
54 /* Define if your system defines struct sockaddr_storage */
55 #undef HAVE_STRUCT_SOCKADDR_STORAGE
57 @@ -255,6 +258,9 @@
58 /* Define to 1 if you have the <sys/types.h> header file. */
59 #undef HAVE_SYS_TYPES_H
61 +/* Define to 1 if you have the <sys/cdefs.h> header file. */
62 +#undef HAVE_SYS_CDEFS_H
63 +
64 /* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
65 #undef HAVE_SYS_WAIT_H
67 Index: dhcpclient.c
68 --- dhcpclient.c.orig 2006-08-19 09:10:41 +0200
69 +++ dhcpclient.c 2006-08-24 12:14:21 +0200
70 @@ -94,6 +94,13 @@
72 #define NTRIES 10
74 +#ifndef MIN
75 +# define MIN(a,b) (((a) < (b)) ? (a) : (b))
76 +#endif /* MIN */
77 +#ifndef MAX
78 +# define MAX(a,b) (((a) > (b)) ? (a) : (b))
79 +#endif /* MAX */
80 +
81 static int _pack_request(struct dhcpclient_req *, void *, size_t *);
82 static int _pack_release(struct dhcpclient_req *, void *, size_t *);
83 static int _bcast(struct template *,
84 Index: honeyd.c
85 --- honeyd.c.orig 2006-08-19 09:14:36 +0200
86 +++ honeyd.c 2006-08-24 12:14:21 +0200
87 @@ -101,6 +101,9 @@
88 #include "histogram.h"
89 #include "update.h"
90 #include "util.h"
91 +#ifndef HAVE_SETENV
92 +#include "setenv.h"
93 +#endif
95 #ifdef HAVE_PYTHON
96 #include <Python.h>
97 Index: honeyd_overload.c
98 --- honeyd_overload.c.orig 2006-08-19 09:10:41 +0200
99 +++ honeyd_overload.c 2006-08-24 12:14:21 +0200
100 @@ -295,7 +295,7 @@
101 struct fd *nfd;
102 int pair[2];
104 - if (socketpair(AF_LOCAL, type, 0, pair) == -1) {
105 + if (socketpair(AF_UNIX, type, 0, pair) == -1) {
106 warn("%s: socketpair", __func__);
107 return (NULL);
108 }
109 @@ -625,7 +625,7 @@
110 }
112 /* Get another socketpair */
113 - if (socketpair(AF_LOCAL, SOCK_STREAM, 0, pair) == -1) {
114 + if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) {
115 DPRINTF((stderr, "%s: socketpair failed", __func__));
116 errno = ETIMEDOUT; /* XXX */
117 return (-1);
118 @@ -732,6 +732,7 @@
119 }
120 #endif /* !__FreeBSD__ */
122 +#ifndef sun
123 ssize_t
124 recvfrom(int sock, void *buf, size_t len, int flags, struct sockaddr *from,
125 socklen_t *fromlen)
126 @@ -759,6 +760,7 @@
127 out:
128 return (ret);
129 }
130 +#endif /* !sun */
132 ssize_t
133 sendto(int sock, const void *buf, size_t len, int flags,
134 @@ -795,6 +797,7 @@
135 return (ret);
136 }
138 +#ifndef sun
139 int
140 getsockname(int sock, struct sockaddr *to, socklen_t *tolen)
141 {
142 @@ -832,6 +835,7 @@
144 return (0);
145 }
146 +#endif /* !sun */
148 ssize_t
149 recvmsg(int sock, struct msghdr *msg, int flags)
150 @@ -1120,6 +1124,7 @@
151 return (ret);
152 }
154 +#ifndef sun
155 int
156 accept(int sock, struct sockaddr *addr, socklen_t *addrlen)
157 {
158 @@ -1169,6 +1174,7 @@
160 return (fd);
161 }
162 +#endif /* !sun */
164 #if 0
166 Index: personality.c
167 --- personality.c.orig 2006-08-19 09:10:40 +0200
168 +++ personality.c 2006-08-24 12:14:21 +0200
169 @@ -32,6 +32,9 @@
171 #include <sys/param.h>
172 #include <sys/types.h>
173 +#ifndef UINT_MAX
174 +#define UINT_MAX 4294967295U
175 +#endif
177 #include "config.h"
179 Index: pf_osfp.c
180 --- pf_osfp.c.orig 2006-08-19 09:10:40 +0200
181 +++ pf_osfp.c 2006-08-24 12:14:21 +0200
182 @@ -50,6 +50,10 @@
183 # define DPFPRINTF(format, x...) ((void)0)
184 # endif /* PFDEBUG */
186 +#ifndef MAX
187 +# define MAX(a,b) (((a) > (b)) ? (a) : (b))
188 +#endif
189 +
190 SLIST_HEAD(pf_osfp_list, pf_os_fingerprint) pf_osfp_list;
191 pool_t pf_osfp_entry_pl;
192 pool_t pf_osfp_pl;
193 Index: nmap.prints
194 --- nmap.prints.orig 2007-05-28 08:05:05.000000000 +0200
195 +++ nmap.prints 2012-10-02 20:41:53.110772932 +0200
196 @@ -662,18 +662,6 @@
197 T7(DF=N%W=0%ACK=S%Flags=AR%Ops=)
198 PU(DF=N%TOS=0%IPLEN=38%RIPTL=15C%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E)
200 -Fingerprint IBM OS/400 V4R2M0
201 -Class IBM | OS/400 | V4 | general purpose
202 -TSeq(Class=TD|RI%gcd=<6%SI=<285DC&>206%IPID=I%TS=U)
203 -T1(DF=N%W=8000%ACK=S++%Flags=AS%Ops=M)
204 -T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
205 -T3(Resp=Y%DF=N%W=8000%ACK=S++%Flags=AS%Ops=M)
206 -T4(DF=N%W=0%ACK=S%Flags=R%Ops=)
207 -T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
208 -T6(DF=N%W=0%ACK=S%Flags=R%Ops=)
209 -T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
210 -PU(DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
211 -
212 Fingerprint IBM OS/400 V4R5M0
213 Class IBM | OS/400 | V4 | general purpose
214 T1(DF=N%W=2000%ACK=S++%Flags=AS%Ops=MNWNNT)
215 @@ -11085,18 +11073,6 @@
217 Fingerprint Microsoft Windows NT 4.0 SP3
218 Class Microsoft | Windows | NT/2K/XP | general purpose
219 -TSeq(Class=TD|RI%gcd=<18%SI=<2A00DA&>6B73)
220 -T1(DF=Y%W=7FFF|2017%ACK=S++%Flags=AS%Ops=M|MNWNNT)
221 -T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
222 -T3(Resp=Y%DF=Y%W=7FFF|2017%ACK=S++|O%Flags=AS|A%Ops=M|NNT)
223 -T4(DF=N%W=0%ACK=O|S%Flags=R%Ops=)
224 -T5(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
225 -T6(DF=N%W=0%ACK=O|S++%Flags=R%Ops=)
226 -T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=)
227 -PU(TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
228 -
229 -Fingerprint Microsoft Windows NT 4.0 SP3
230 -Class Microsoft | Windows | NT/2K/XP | general purpose
231 TSeq(Class=TD%gcd=<F4%SI=<3C%IPID=BI%TS=U)
232 T1(DF=Y%W=2017%ACK=S++%Flags=AS%Ops=M)
233 T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
234 Index: interface.c
235 --- interface.c.orig 2007-05-28 08:12:52.000000000 +0200
236 +++ interface.c 2012-10-02 21:16:53.229492754 +0200
237 @@ -114,6 +114,7 @@
238 {
239 char ebuf[PCAP_ERRBUF_SIZE];
240 struct interface *inter;
241 + char *iface = 0;
243 if ((inter = calloc(1, sizeof(struct interface))) == NULL)
244 err(1, "%s: calloc", __func__);
245 @@ -126,14 +127,23 @@
246 TAILQ_INSERT_TAIL(&interfaces, inter, next);
248 inter->if_ent.intf_len = sizeof(struct intf_entry);
249 - strlcpy(inter->if_ent.intf_name, dev, sizeof(inter->if_ent.intf_name));
250 +
251 + /* mitigate slash paths in OS that provide */
252 + /* network devices in subdirectories of /dev */
253 + iface = strrchr(dev, '/');
254 + if (iface)
255 + iface += sizeof(char);
256 + else
257 + iface = dev;
258 +
259 + strlcpy(inter->if_ent.intf_name, iface, sizeof(inter->if_ent.intf_name));
261 if (intf_get(intf, &inter->if_ent) < 0)
262 err(1, "%s: intf_get", __func__);
264 if (inter->if_ent.intf_addr.addr_type != ADDR_TYPE_IP)
265 errx(1, "%s: bad interface configuration: %s is not IP",
266 - __func__, dev);
267 + __func__, iface);
269 return (inter);
270 }
271 @@ -244,7 +254,7 @@
272 }
274 void
275 -interface_ether_filter(struct interface *inter,
276 +interface_ether_filter(char *dev, struct interface *inter,
277 int naddresses, char **addresses)
278 {
279 char line[48];
280 @@ -259,7 +269,7 @@
281 sizeof(inter->if_filter))
282 errx(1, "%s: pcap filter exceeds maximum length", __func__);
284 - inter->if_eth = eth_open(inter->if_ent.intf_name);
285 + inter->if_eth = eth_open(dev);
286 if (inter->if_eth == NULL)
287 errx(1, "%s: eth_open: %s", inter->if_ent.intf_name);
289 @@ -307,7 +317,7 @@
290 * ignore our own packets.
291 */
292 if (inter->if_ent.intf_link_addr.addr_type == ADDR_TYPE_ETH) {
293 - interface_ether_filter(inter, naddresses, addresses);
294 + interface_ether_filter(dev, inter, naddresses, addresses);
296 /*
297 * We open all interfaces before parsing the
