michael@574: ##
michael@574: ## honeyd.spec -- OpenPKG RPM Package Specification
michael@574: ## Copyright (c) 2000-2008 OpenPKG Foundation e.V.
michael@574: ##
michael@574: ## Permission to use, copy, modify, and distribute this software for
michael@574: ## any purpose with or without fee is hereby granted, provided that
michael@574: ## the above copyright notice and this permission notice appear in all
michael@574: ## copies.
michael@574: ##
michael@574: ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
michael@574: ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
michael@574: ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
michael@574: ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
michael@574: ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
michael@574: ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
michael@574: ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
michael@574: ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
michael@574: ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
michael@574: ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
michael@574: ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
michael@574: ## SUCH DAMAGE.
michael@574: ##
michael@574:
michael@574: # package version
michael@575: %define V_honeyd 1.5c
michael@574: %define V_libdnsres 0.1a
michael@574:
michael@574: # package information
michael@574: Name: honeyd
michael@574: Summary: Creates a Virtual Host on Network
michael@574: URL: http://www.honeyd.org/
michael@574: Vendor: Niels Provos
michael@574: Packager: OpenPKG Foundation e.V.
michael@574: Distribution: OpenPKG Community
michael@574: Class: EVAL
michael@574: Group: Security
michael@574: License: BSD
michael@574: Version: %{V_honeyd}
michael@575: Release: 20120800
michael@574:
michael@574: # package options
michael@574: %option with_fsl yes
michael@574: %option with_gui no
michael@574:
michael@574: # list of sources
michael@574: Source0: http://www.citi.umich.edu/u/provos/honeyd/honeyd-%{V_honeyd}.tar.gz
michael@574: Source1: http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/ftp.sh
michael@574: Source2: http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/pop3.sh
michael@574: Source3: http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/smtp.sh
michael@574: Source4: http://www.citi.umich.edu/u/provos/papers/honeyd-eabstract.pdf
michael@574: Source5: http://www.citi.umich.edu/u/provos/papers/honeyd-eabstract.ps
michael@574: Source6: http://www.citi.umich.edu/u/provos/honeyd/ch01-results/1/honeydGUI.tar.gz
michael@574: Source7: honey
michael@574: Source8: svcs.sh
michael@574: Source9: rc.honeyd
michael@574: Source10: fsl.honeyd
michael@574: Source11: honeyd.conf
michael@574: Source12: cdefs.h
michael@574: Source13: setenv.h
michael@574: Source14: setenv.c
michael@574: Source15: vasprintf.c
michael@574: Source16: vasprintf.h
michael@575: Source17: evbuffer.h
michael@575: Source18: http://www.monkey.org/~provos/libdnsres-%{V_libdnsres}.tar.gz
michael@574: Patch0: honeyd.patch
michael@574:
michael@574: # build information
michael@671: BuildPreReq: OpenPKG, openpkg >= 20100101, make
michael@671: PreReq: OpenPKG, openpkg >= 20100101
michael@574: BuildPreReq: libdnet, libpcap, libevent, libedit, zlib, pcre
michael@574: PreReq: libdnet, libpcap, libevent, libedit, zlib, pcre
michael@574: %if "%{with_fsl}" == "yes"
michael@574: BuildPreReq: fsl
michael@574: PreReq: fsl
michael@574: %endif
michael@574: %if "%{with_gui}" == "yes"
michael@574: PreReq: java, JAVA-JDK
michael@574: %endif
michael@574:
michael@574: %description
michael@574: Honeyd is a small daemon that creates virtual hosts on a network.
michael@574: The hosts can be configured to run arbitrary services, and their
michael@574: TCP personality can be adapted so that they appear to be running
michael@574: certain versions of operating systems. Honeyd enables a single host
michael@574: to claim multiple addresses on a LAN for network simulation. It is
michael@574: possible to ping the virtual machines, or to traceroute them. Any
michael@574: type of service on the virtual machine can be simulated according to
michael@574: a simple configuration file. Instead of simulating a service, it is
michael@574: also possible to proxy it to another machine. The package arpd will
michael@574: most certainly be useful as well, although it is not a technical
michael@574: requirement for this package.
michael@574:
michael@574: %track
michael@574: prog honeyd:honeyd = {
michael@574: version = %{V_honeyd}
michael@574: url = http://www.citi.umich.edu/u/provos/honeyd/
michael@574: regex = honeyd-(__VER__)\.tar\.gz
michael@574: }
michael@574: prog honeyd:libdnsres = {
michael@574: version = %{V_libdnsres}
michael@574: url = http://www.monkey.org/~provos/libdnsres/
michael@574: regex = libdnsres-(__VER__)\.tar\.gz
michael@574: }
michael@574:
michael@574: %prep
michael@574: %setup -q
michael@575: %setup -q -D -T -a 18
michael@574: %patch -p0
michael@575: cp -f %{SOURCE setenv.c} .
michael@575: cp -f %{SOURCE setenv.h} .
michael@575: cp -f %{SOURCE vasprintf.c} .
michael@575: cp -f %{SOURCE vasprintf.h} .
michael@575: cp -f %{SOURCE evbuffer.h} .
michael@575: cp -f %{SOURCE cdefs.h} .
michael@575: %{l_shtool} mkdir -f -p -m 755 libdnsres-%{V_libdnsres}/sys
michael@575: cp -f %{SOURCE cdefs.h} libdnsres-%{V_libdnsres}/sys/
michael@574: %{l_shtool} subst \
michael@574: -e 's;AF_LOCAL;AF_UNIX;' \
michael@574: *.c
michael@574: %{l_shtool} subst \
michael@575: -e 's;\(for ac_header in stdarg.h errno.h fcntl.h paths.h stdlib.h string.h time.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/ioccom.h sys/file.h net/bpf.h syslog.h unistd.h assert.h\);\1 sys/cdefs.h;' \
michael@575: -e 's;\(for ac_func in asprintf dup2 fgetln gettimeofday memmove memset strcasecmp strchr strdup strncasecmp strtoul strspn getaddrinfo getnameinfo freeaddrinfo setgroups sendmsg recvmsg setregid setruid\) \(kqueue\);\1 setenv \2;' \
michael@575: configure
michael@575: %{l_shtool} subst \
michael@574: -e 's;^\(honeyd_SOURCES *=[^\\]*\);\1 setenv.c vasprintf.c;' \
michael@574: -e 's;^\(honeyd_OBJECTS *=[^\\]*\);\1 setenv.o vasprintf.o ;' \
michael@574: Makefile.in
michael@574: %{l_shtool} subst \
michael@574: -e 's;/var/run/honeyd.pid;%{l_prefix}/var/honeyd/honeyd.pid;' \
michael@574: honeyd.h
michael@574: %{l_shtool} subst \
michael@575: -e 's;\(encode_int\);loc_\1;g' \
michael@575: tagging.[ch]
michael@575: %{l_shtool} subst \
michael@575: -e '/#include /a#include "evbuffer.h"' \
michael@575: honeydstats.c \
michael@575: untagging.c \
michael@575: ui.c
michael@575: %{l_shtool} subst \
michael@575: -e 's;flock(fd, [^)][^)]*);lockf(fd, F_LOCK, 0);g' \
michael@575: subsystems/smtp.c
michael@575: %{l_shtool} subst \
michael@574: -e 's/\(user_target=no\)/\1; pic_mode=no;/' \
michael@574: -e 's;test "*$\(hardcode_into_libs\)"* *\([!=]*\) *"*\([a-zA-Z_][a-zA-Z_]*\)"*;test ".$\1" \2 ".$\3";g' \
michael@574: -e 's;test "*$\(build_libtool_need_lc\)"* *\([!=]*\) *"*\([a-zA-Z_][a-zA-Z_]*\)"*;test ".$\1" \2 ".$\3";g' \
michael@574: ltmain.sh
michael@574: case "%{l_platform -t}" in
michael@574: *-sunos* )
michael@574: %{l_shtool} subst \
michael@574: -e 's;-levent;-levent -lsocket -lnsl;g' \
michael@574: configure
michael@574: %{l_shtool} subst \
michael@574: -e 's;\(\$(honeydctl_LDADD)\);\1 -lsocket -lnsl;g' \
michael@574: Makefile.in
michael@575: %{l_shtool} subst \
michael@575: -e 's;-lsocket;-lsocket -lnsl -lresolv;g' \
michael@575: libdnsres-%{V_libdnsres}/configure
michael@574: ;;
michael@574: esac
michael@575: %{l_shtool} subst \
michael@575: -e 's;#if \((!defined(BSD))\) || \((BSD < [0-9][0-9]*)\);#if (!defined(__sun)) \&\& (!defined(__SVR4)) \&\& \1 \&\& \2;' \
michael@575: libdnsres-%{V_libdnsres}/dnsres.h \
michael@575: libdnsres-%{V_libdnsres}/resolv.h
michael@575: %{l_shtool} subst \
michael@575: -e 's;u_int\([0-9]*\)_t;uint\1_t;g' \
michael@575: libdnsres-%{V_libdnsres}/dnsres.h \
michael@575: libdnsres-%{V_libdnsres}/resolv.h \
michael@575: libdnsres-%{V_libdnsres}/res_random.c
michael@575: %{l_shtool} subst \
michael@575: -e 's;top_buildir;top_builddir;' \
michael@575: -e 's;\(am_simple_test_OBJECTS = simple_test\.\$(OBJEXT)\);\1 arc4random.$(OBJEXT);' \
michael@575: libdnsres-%{V_libdnsres}/Makefile.in
michael@575: %{l_shtool} subst \
michael@575: -e '/#include "config.h"/a#ifndef HAVE_ARC4RANDOM' \
michael@575: libdnsres-%{V_libdnsres}/arc4random.c
michael@575: echo '#endif' >>libdnsres-%{V_libdnsres}/arc4random.c
michael@575: echo '#ifndef MIN' >>keycount.h
michael@575: echo '#define MIN(a,b) (((a) < (b)) ? (a) : (b))' >>keycount.h
michael@575: echo '#endif' >>keycount.h
michael@574:
michael@574: %build
michael@574: ( cd libdnsres-%{V_libdnsres}
michael@575: loc_cppflags=
michael@575: case "%{l_platform -t}" in
michael@575: *-sunos* )
michael@575: loc_cppflags="-D_KERNEL"
michael@575: ;;
michael@575: esac
michael@574: CC="%{l_cc}" \
michael@574: CFLAGS="%{l_cflags -O}" \
michael@575: CPPFLAGS="%{l_cppflags} $loc_cppflags" \
michael@574: ./configure \
michael@574: --with-libevent=%{l_prefix} \
michael@574: --disable-shared
michael@574: %{l_make} %{l_mflags}
michael@574: ) || exit $?
michael@574: CC="%{l_cc}" \
michael@574: CFLAGS="%{l_cflags -O}" \
michael@574: CPPFLAGS="%{l_cppflags} -DREPLACE_GETOPT" \
michael@574: LDFLAGS="%{l_fsl_ldflags}" \
michael@574: LIBS="%{l_fsl_libs}" \
michael@574: ./configure \
michael@574: --prefix=%{l_prefix} \
michael@574: --with-libevent=%{l_prefix} \
michael@574: --with-libdnet=%{l_prefix} \
michael@574: --with-libdnsres=`pwd`/libdnsres-%{V_libdnsres} \
michael@574: --with-libpcre=%{l_prefix} \
michael@574: --without-python
michael@575: %{l_make} %{l_mflags -O}
michael@574:
michael@574: %install
michael@574: # create directories
michael@574: %{l_shtool} mkdir -f -p -m 755 \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/etc/honeyd \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/var/honeyd \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/share/honeyd \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd
michael@574:
michael@574: # install files
michael@574: %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
michael@574: %{l_shtool} install -c -m 750 %{l_value -s -a} \
michael@574: -e 's;^log=/\(.*/\)*\(.*\)-.*\.log;log=%{l_prefix}/var/honeyd/\2.log;g' \
michael@574: -e 's;^\(host=\).*;\1`%{l_shtool} echo -e %h`;g' \
michael@574: -e 's;^\(domain=\).*;\1`%{l_shtool} echo -e %d | cut -c2-`;g' \
michael@574: -e 's; gawk ; awk ;g' \
michael@574: %{SOURCE ftp.sh} \
michael@574: %{SOURCE pop3.sh} \
michael@574: %{SOURCE smtp.sh} \
michael@574: %{SOURCE svcs.sh} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd/
michael@574: %{l_shtool} install -c -m 644 %{l_value -s -a} \
michael@574: %{SOURCE honeyd.conf} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/etc/honeyd/
michael@574: %{l_shtool} install -c -m 755 %{l_value -s -a} \
michael@574: %{SOURCE rc.honeyd} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
michael@574: %{l_shtool} install -c -m 644 \
michael@574: %{SOURCE honeyd-eabstract.ps} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/honeyd.ps
michael@574: %{l_shtool} install -c -m 644 \
michael@574: %{SOURCE honeyd-eabstract.pdf} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/honeyd.pdf
michael@574:
michael@574: # optionally install the Java GUI
michael@574: %if "%{with_gui}" == "yes"
michael@574: %{l_tar} zxf %{SOURCE honeydGUI.tar.gz}
michael@574: mv -f honeydGUI/exec $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd/javagui
michael@574: %{l_shtool} install -c -m 755 %{l_value -s -a} \
michael@574: %{SOURCE honey} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/bin/
michael@574: %endif
michael@574:
michael@574: # install OSSP fsl configuration
michael@574: %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
michael@574: %{l_shtool} install -c -m 644 %{l_value -s -a} \
michael@574: %{SOURCE fsl.honeyd} \
michael@574: $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
michael@574:
michael@574: # remove unwanted files
michael@574: rm -rf $RPM_BUILD_ROOT%{l_prefix}/include
michael@574: rm -rf $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd
michael@574: rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/README
michael@574: rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/config.sample
michael@574:
michael@574: # determine file list
michael@574: %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
michael@574: %{l_files_std} \
michael@574: '%config %attr(0750,%{l_susr},%{l_mgrp}) %{l_prefix}/var/honeyd' \
michael@574: '%config %{l_prefix}/etc/fsl/fsl.honeyd' \
michael@574: '%config %attr(0750,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/honeyd/honeyd.conf'
michael@574:
michael@574: %files -f files
michael@574:
michael@574: %clean
michael@574:
michael@574: %pre
michael@574: # before upgrade, save status and stop service
michael@574: [ $1 -eq 2 ] || exit 0
michael@574: eval `%{l_rc} honeyd status 2>/dev/null | tee %{l_tmpfile}`
michael@574: %{l_rc} honeyd stop 2>/dev/null
michael@574: exit 0
michael@574:
michael@574: %post
michael@574: if [ $1 -eq 1 ]; then
michael@574: # display final hints on initial installation
michael@574: ( echo "Before starting Honey daemon, please set the configuration variable"
michael@574: echo "\"honeyd_if\" in $RPM_INSTALL_PREFIX/etc/rc.conf to the name of the"
michael@574: echo "used network interface."
michael@574: ) | %{l_rpmtool} msg -b -t notice
michael@574: fi
michael@574: if [ $1 -eq 2 ]; then
michael@574: # after upgrade, restore status
michael@574: eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile}
michael@574: [ ".$honeyd_active" = .yes ] && %{l_rc} honeyd start
michael@574: fi
michael@574: exit 0
michael@574:
michael@574: %preun
michael@574: # before erase, stop service and remove log files
michael@574: [ $1 -eq 0 ] || exit 0
michael@574: %{l_rc} honeyd stop 2>/dev/null
michael@574: rm -f $RPM_INSTALL_PREFIX/var/honeyd/*.log* >/dev/null 2>&1 || true
michael@574: exit 0
michael@574: