new version 4.8.0

2016-08-10 16:46:42 +02:00 · 2016-08-10 16:46:42 +02:00 · 561100c24a
commit 561100c24a
parent 674af76d36
7 changed files with 71 additions and 69 deletions
--- a/.gitignore
+++ b/.gitignore
@ -11,3 +11,4 @@ tcpdump-4.1.1.tar.gz
 /tcpdump-4.6.2.tar.gz
 /tcpdump-4.7.3.tar.gz
 /tcpdump-4.7.4.tar.gz
+/tcpdump-4.8.0.tar.gz
--- a/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch
+++ b/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch
@ -9,11 +9,11 @@ Subject: [PATCH 1/7] icmp6: print Reachable Time and Retransmit Time from
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/print-icmp6.c b/print-icmp6.c
-index 553bb46..e288630 100644
+index 135f6ef..28e124c 100644
 --- a/print-icmp6.c
 +++ b/print-icmp6.c
-@@ -1053,7 +1053,7 @@ icmp6_print(netdissect_options *ndo,
- 			p = (struct nd_router_advert *)dp;
+@@ -1032,7 +1032,7 @@ icmp6_print(netdissect_options *ndo,
+ 			p = (const struct nd_router_advert *)dp;
 			ND_TCHECK(p->nd_ra_retransmit);
 			ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
 -                                  ", pref %s, router lifetime %us, reachable time %us, retrans time %us",
@ -22,5 +22,4 @@ index 553bb46..e288630 100644
                                   bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
                                   get_rtpref(p->nd_ra_flags_reserved),
 -- 
-1.8.3.1
-
+1.8.3.1
--- a/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
+++ b/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
@ -8,18 +8,18 @@ Subject: [PATCH 2/7] Use getnameinfo instead of gethostbyaddr
 1 file changed, 46 insertions(+), 2 deletions(-)

 diff --git a/addrtoname.c b/addrtoname.c
-index eb0b2ae..277751d 100644
+index 571a952..0caa8a9 100644
 --- a/addrtoname.c
 +++ b/addrtoname.c
-@@ -221,7 +221,6 @@ static uint32_t f_localnet;
+@@ -220,7 +220,6 @@ static uint32_t f_localnet;
 const char *
 getname(netdissect_options *ndo, const u_char *ap)
 {
 -	register struct hostent *hp;
 	uint32_t addr;
- 	static struct hnamemem *p;		/* static for longjmp() */
+ 	struct hnamemem *p;
 
-@@ -243,6 +242,28 @@ getname(netdissect_options *ndo, const u_char *ap)
+@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap)
 	 */
 	if (!ndo->ndo_nflag &&
 	    (addr & f_netmask) == f_localnet) {
@ -48,15 +48,15 @@ index eb0b2ae..277751d 100644
 		hp = gethostbyaddr((char *)&addr, 4, AF_INET);
 		if (hp) {
 			char *dotp;
-@@ -256,6 +277,7 @@ getname(netdissect_options *ndo, const u_char *ap)
+@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap)
 			}
 			return (p->name);
 		}
 +#endif
 	}
 	p->name = strdup(intoa(addr));
- 	return (p->name);
-@@ -269,7 +291,6 @@ getname(netdissect_options *ndo, const u_char *ap)
+ 	if (p->name == NULL)
+@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap)
 const char *
 getname6(netdissect_options *ndo, const u_char *ap)
 {
@ -64,7 +64,7 @@ index eb0b2ae..277751d 100644
 	union {
 		struct in6_addr addr;
 		struct for_hash_addr {
-@@ -294,6 +315,28 @@ getname6(netdissect_options *ndo, const u_char *ap)
+@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap)
 	 * Do not print names if -n was given.
 	 */
 	if (!ndo->ndo_nflag) {
@ -93,13 +93,13 @@ index eb0b2ae..277751d 100644
 		hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6);
 		if (hp) {
 			char *dotp;
-@@ -307,6 +350,7 @@ getname6(netdissect_options *ndo, const u_char *ap)
+@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap)
 			}
 			return (p->name);
 		}
 +#endif
 	}
- 	cp = inet_ntop(AF_INET6, &addr, ntop_buf, sizeof(ntop_buf));
+ 	cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf));
 	p->name = strdup(cp);
 -- 
 1.8.3.1
--- a/0003-Drop-root-priviledges-before-opening-first-savefile-.patch
+++ b/0003-Drop-root-priviledges-before-opening-first-savefile-.patch
@ -35,63 +35,63 @@ index f9522cb..3f1bc5f 100644
 .RS
 selects which packets will be dumped.
 diff --git a/tcpdump.c b/tcpdump.c
-index 2fd1617..4cbeb05 100644
+index a3cccc8..043191a 100644
 --- a/tcpdump.c
 +++ b/tcpdump.c
-@@ -1029,6 +1029,7 @@ main(int argc, char **argv)
+@@ -780,6 +780,7 @@ main(int argc, char **argv)
 	cap_rights_t rights;
 	int cansandbox;
 #endif	/* HAVE_CAPSICUM */
-+        int chown_flag = 0;
-
- #ifdef WIN32
- 	if(wsockinit() != 0) return 1;
-@@ -1841,10 +1842,23 @@ main(int argc, char **argv)
+	int chown_flag = 0;
+ 	int Bflag = 0;			/* buffer size */
+ 	int jflag = -1;			/* packet time stamp source */
+ 	int Oflag = 1;			/* run filter code optimizer */
+@@ -1598,9 +1599,22 @@ main(int argc, char **argv)
 		}
 		capng_apply(CAPNG_SELECT_BOTH);
 #endif /* HAVE_LIBCAP_NG */
 -		if (username || chroot_dir)
 -			droproot(username, chroot_dir);
-+		/* If user is running tcpdump as root and wants to write to the savefile,
-+		 * we will check if -C is set and if it is, we will drop root
-+		 * privileges right away and consequent call to	pcap_dump_open()
-+		 * will most likely fail for the first file. If -C flag is not set we
-+		 * will create file as root then change ownership of file to proper
-+		 * user(default tcpdump) and drop root privileges.
-+		 */
-+		if (WFileName)
-+			if (Cflag && (username || chroot_dir))
-+				droproot(username, chroot_dir);
-+			else
-+				chown_flag = 1;
+-
+	/* If user is running tcpdump as root and wants to write to the savefile,
+	 * we will check if -C is set and if it is, we will drop root
+	 * privileges right away and consequent call to>pcap_dump_open()
+	 * will most likely fail for the first file. If -C flag is not set we
+	 * will create file as root then change ownership of file to proper
+	 * user(default tcpdump) and drop root privileges.
+	 */
+	if (WFileName)
+		if (Cflag && (username || chroot_dir))
+			droproot(username, chroot_dir);
 +		else
-+			if (username || chroot_dir)
-+                                droproot(username, chroot_dir);
-+        }
-
-	}
- #endif /* WIN32 */
-
- 	if (pcap_setfilter(pd, &fcode) < 0)
-@@ -1879,6 +1893,21 @@ main(int argc, char **argv)
+			chown_flag = 1;
+	else
+		if (username || chroot_dir)
+			droproot(username, chroot_dir);
+
+ 	}
+ #endif /* _WIN32 */
+ 
+@@ -1636,6 +1650,22 @@ main(int argc, char **argv)
 		  MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0);
-
+ 
 		p = pcap_dump_open(pd, dumpinfo.CurrentFileName);
 +
-+		/* Change ownership of file and drop root privileges */
-+		if (chown_flag) {
-+			struct passwd *pwd;
+	/* Change ownership of file and drop root privileges */
+	if (chown_flag) {
+		struct passwd *pwd;
 +
-+			pwd = getpwnam(username);
-+			if (!pwd)
-+				error("Couldn't find user '%s'", username);
+		pwd = getpwnam(username);
+		if (!pwd)
+			error("Couldn't find user '%s'", username);
 +
-+			if (strcmp(WFileName, "-") && chown(dumpinfo.CurrentFileName, pwd->pw_uid, pwd->pw_gid) < 0)
-+				error("Couldn't change ownership of savefile");
+		if (strcmp(WFileName, "-") && chown(dumpinfo.CurrentFileName, pwd->pw_uid, pwd->pw_gid) < 0)
+			error("Couldn't change ownership of savefile");
+
+		if (username || chroot_dir)
+			droproot(username, chroot_dir);
+    }
 +
-+			if (username || chroot_dir)
-+				droproot(username, chroot_dir);
-+		}
 #ifdef HAVE_LIBCAP_NG
 		/* Give up CAP_DAC_OVERRIDE capability.
 		 * Only allow it to be restored if the -C or -G flag have been
--- a/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch
+++ b/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch
@ -8,21 +8,20 @@ Subject: [PATCH] Don't print out we dropped root, we are always dropping it
 1 file changed, 6 deletions(-)

 diff --git a/tcpdump.c b/tcpdump.c
-index 1a17361..7d45924 100644
+index 5598ec2..a3cccc8 100644
 --- a/tcpdump.c
 +++ b/tcpdump.c
-@@ -758,9 +758,6 @@ droproot(const char *username, const char *chroot_dir)
- 		if (ret < 0) {
- 			fprintf(stderr, "error : ret %d\n", ret);
+@@ -552,8 +552,6 @@ droproot(const char *username, const char *chroot_dir)
+ 			int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
+ 			if (ret < 0) {
+ 				fprintf(stderr, "error : ret %d\n", ret);
+-			} else {
+-				fprintf(stderr, "dropped privs to %s\n", username);
+ 			}
 		}
-		else {
-			fprintf(stderr, "dropped privs to %s\n", username);
-		}
 #else
- 		if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
- 		    setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
-@@ -771,9 +768,6 @@ droproot(const char *username, const char *chroot_dir)
- 			    pcap_strerror(errno));
+@@ -566,9 +564,6 @@ droproot(const char *username, const char *chroot_dir)
+ 				pcap_strerror(errno));
 			exit(1);
 		}
 -		else {
--- a/2
+++ b/2
@ -1,2 +1,2 @@
-58af728de36f499341918fc4b8e827c3  tcpdump-4.7.4.tar.gz
+68778081ed0a0654f491fbf17ad1a8e5  tcpdump-4.8.0.tar.gz
 e329cbeb7e589f132d92c3447c477190  tcpslice-1.2a3.tar.gz
--- a/tcpdump.spec
+++ b/tcpdump.spec
@ -1,8 +1,8 @@
 Summary: A network traffic monitoring tool
 Name: tcpdump
 Epoch: 14
-Version: 4.7.4
-Release: 4%{?dist}
+Version: 4.8.0
+Release: 1%{?dist}
 License: BSD with advertising
 URL: http://www.tcpdump.org
 Group: Applications/Internet
@ -82,6 +82,9 @@ exit 0
 %{_mandir}/man8/tcpdump.8*

 %changelog
+* Tue Aug 09 2016 Luboš Uhliarik <luhliari@redhat.com> - 14:4.8.0-1
+- new version 4.8.0
+
 * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 14:4.7.4-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild