From e0f3faf9f8d7fdd2a692a2d6d7c82f71176b869c Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 7 May 2019 05:29:00 -0400 Subject: [PATCH] import tcpdump-4.9.2-5.el8 --- .gitignore | 2 + .tcpdump.metadata | 2 + ...hable-Time-and-Retransmit-Time-from-.patch | 26 + ...getnameinfo-instead-of-gethostbyaddr.patch | 106 +++ ...edges-before-opening-first-savefile-.patch | 94 +++ ...slice-update-tcpslice-patch-to-1.2a3.patch | 88 +++ ...005-tcpslice-remove-unneeded-include.patch | 26 + ...est-the-pointer-but-pointee-for-NULL.patch | 27 + SOURCES/0007-Introduce-nn-option.patch | 55 ++ ...we-dropped-root-we-are-always-droppi.patch | 36 + ...0009-Change-n-flag-to-nn-in-TESTonce.patch | 27 + ...ds-instead-of-seconds-in-icmp-captur.patch | 45 ++ SOURCES/0011-Evp-cipher-buffers.patch | 133 ++++ ...rinting-support-for-vsockmon-devices.patch | 318 ++++++++ SOURCES/0013-tcpslice-stdlib.patch | 12 + SOURCES/tcpdump-4.9.2.tar.gz.sig | Bin 0 -> 442 bytes SPECS/tcpdump.spec | 694 ++++++++++++++++++ 17 files changed, 1691 insertions(+) create mode 100644 .gitignore create mode 100644 .tcpdump.metadata create mode 100644 SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch create mode 100644 SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch create mode 100644 SOURCES/0003-Drop-root-priviledges-before-opening-first-savefile-.patch create mode 100644 SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch create mode 100644 SOURCES/0005-tcpslice-remove-unneeded-include.patch create mode 100644 SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch create mode 100644 SOURCES/0007-Introduce-nn-option.patch create mode 100644 SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch create mode 100644 SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch create mode 100644 SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch create mode 100644 SOURCES/0011-Evp-cipher-buffers.patch create mode 100644 SOURCES/0012-Add-printing-support-for-vsockmon-devices.patch create mode 100644 SOURCES/0013-tcpslice-stdlib.patch create mode 100644 SOURCES/tcpdump-4.9.2.tar.gz.sig create mode 100644 SPECS/tcpdump.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8b13cdc --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/tcpdump-4.9.2.tar.gz +SOURCES/tcpslice-1.2a3.tar.gz diff --git a/.tcpdump.metadata b/.tcpdump.metadata new file mode 100644 index 0000000..0bccb2a --- /dev/null +++ b/.tcpdump.metadata @@ -0,0 +1,2 @@ +f7dccebe94c3d07ac8744d43297ea2b98b35a13f SOURCES/tcpdump-4.9.2.tar.gz +98790301cb1bf4399a95153bc62d49b3f5808994 SOURCES/tcpslice-1.2a3.tar.gz diff --git a/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch b/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch new file mode 100644 index 0000000..c5e54ae --- /dev/null +++ b/SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch @@ -0,0 +1,26 @@ +From f19e0376b8e98b38240d28eb9e6f78c465bb1c6e Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 13:34:24 +0200 +Subject: [PATCH 1/8] icmp6: print Reachable Time and Retransmit Time from + ICMPv6 as milliseconds + +--- + print-icmp6.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/print-icmp6.c b/print-icmp6.c +index 7fe639d..cfaa2df 100644 +--- a/print-icmp6.c ++++ b/print-icmp6.c +@@ -1034,7 +1034,7 @@ icmp6_print(netdissect_options *ndo, + p = (const struct nd_router_advert *)dp; + ND_TCHECK(p->nd_ra_retransmit); + ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \ +- ", pref %s, router lifetime %us, reachable time %us, retrans time %us", ++ ", pref %s, router lifetime %us, reachable time %ums, retrans time %ums", + (u_int)p->nd_ra_curhoplimit, + bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)), + get_rtpref(p->nd_ra_flags_reserved), +-- +2.9.3 + diff --git a/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch b/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch new file mode 100644 index 0000000..28bce58 --- /dev/null +++ b/SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch @@ -0,0 +1,106 @@ +From c48fba64fbbff9c75c79e32ab33aa65742c197d9 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 14:12:46 +0200 +Subject: [PATCH 2/8] Use getnameinfo instead of gethostbyaddr + +--- + addrtoname.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 46 insertions(+), 2 deletions(-) + +diff --git a/addrtoname.c b/addrtoname.c +index 6975b71..949acb7 100644 +--- a/addrtoname.c ++++ b/addrtoname.c +@@ -220,7 +220,6 @@ static uint32_t f_localnet; + const char * + getname(netdissect_options *ndo, const u_char *ap) + { +- register struct hostent *hp; + uint32_t addr; + struct hnamemem *p; + +@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap) + */ + if (!ndo->ndo_nflag && + (addr & f_netmask) == f_localnet) { ++#ifdef HAVE_GETNAMEINFO ++ struct sockaddr_in sa; ++ char hbuf[NI_MAXHOST]; ++ ++ memset(&sa, 0, sizeof (sa)); ++ sa.sin_family = AF_INET; ++ sa.sin_addr.s_addr = addr; ++ if (!getnameinfo((struct sockaddr *)&sa, sizeof (sa), ++ hbuf, sizeof (hbuf), NULL, 0, 0)) { ++ if (ndo->ndo_Nflag) { ++ char *dotp; ++ ++ /* Remove domain qualifications */ ++ dotp = strchr(hbuf, '.'); ++ if (dotp) ++ *dotp = '\0'; ++ } ++ p->name = strdup(hbuf); ++ return p->name; ++ } ++#else ++ register struct hostent *hp; + hp = gethostbyaddr((char *)&addr, 4, AF_INET); + if (hp) { + char *dotp; +@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap) + } + return (p->name); + } ++#endif + } + p->name = strdup(intoa(addr)); + if (p->name == NULL) +@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap) + const char * + getname6(netdissect_options *ndo, const u_char *ap) + { +- register struct hostent *hp; + union { + struct in6_addr addr; + struct for_hash_addr { +@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap) + * Do not print names if -n was given. + */ + if (!ndo->ndo_nflag) { ++#ifdef HAVE_GETNAMEINFO ++ struct sockaddr_in6 sa; ++ char hbuf[NI_MAXHOST]; ++ ++ memset(&sa, 0, sizeof (sa)); ++ sa.sin6_family = AF_INET6; ++ sa.sin6_addr = addr.addr; ++ if (!getnameinfo((struct sockaddr *)&sa, sizeof (sa), ++ hbuf, sizeof (hbuf), NULL, 0, 0)) { ++ if (ndo->ndo_Nflag) { ++ char *dotp; ++ ++ /* Remove domain qualifications */ ++ dotp = strchr(hbuf, '.'); ++ if (dotp) ++ *dotp = '\0'; ++ } ++ p->name = strdup(hbuf); ++ return p->name; ++ } ++#else ++ register struct hostent *hp; + hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6); + if (hp) { + char *dotp; +@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap) + } + return (p->name); + } ++#endif + } + cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf)); + p->name = strdup(cp); +-- +2.9.3 + diff --git a/SOURCES/0003-Drop-root-priviledges-before-opening-first-savefile-.patch b/SOURCES/0003-Drop-root-priviledges-before-opening-first-savefile-.patch new file mode 100644 index 0000000..c7ffc59 --- /dev/null +++ b/SOURCES/0003-Drop-root-priviledges-before-opening-first-savefile-.patch @@ -0,0 +1,94 @@ +From 9bee0dffaebbc53b9762df7a6d84a553969e7b00 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 3 Feb 2017 09:36:26 +0100 +Subject: [PATCH 3/8] Drop root priviledges before opening first savefile if + running with -Z root + +--- + tcpdump.1.in | 7 ++++++- + tcpdump.c | 30 ++++++++++++++++++++++++++++++ + 2 files changed, 36 insertions(+), 1 deletion(-) + +diff --git a/tcpdump.1.in b/tcpdump.1.in +index f04a579..ca5cff2 100644 +--- a/tcpdump.1.in ++++ b/tcpdump.1.in +@@ -249,6 +249,9 @@ have the name specified with the + flag, with a number after it, starting at 1 and continuing upward. + The units of \fIfile_size\fP are millions of bytes (1,000,000 bytes, + not 1,048,576 bytes). ++ ++Note that when used with \fB\-Z\fR option (enabled by default), privileges ++are dropped before opening first savefile. + .TP + .B \-d + Dump the compiled packet-matching code in a human readable form to +@@ -860,7 +863,9 @@ but before opening any savefiles for output, change the user ID to + and the group ID to the primary group of + .IR user . + .IP +-This behavior can also be enabled by default at compile time. ++This behavior is enabled by default (\fB\-Z tcpdump\fR), and can ++be disabled by \fB\-Z root\fR. ++ + .IP "\fI expression\fP" + .RS + selects which packets will be dumped. +diff --git a/tcpdump.c b/tcpdump.c +index 73bf138..29f7f87 100644 +--- a/tcpdump.c ++++ b/tcpdump.c +@@ -1133,6 +1133,7 @@ main(int argc, char **argv) + cap_rights_t rights; + int cansandbox; + #endif /* HAVE_CAPSICUM */ ++ int chown_flag = 0; + int Oflag = 1; /* run filter code optimizer */ + int yflag_dlt = -1; + const char *yflag_dlt_name = NULL; +@@ -1843,6 +1844,19 @@ main(int argc, char **argv) + } + capng_apply(CAPNG_SELECT_BOTH); + #endif /* HAVE_LIBCAP_NG */ ++ /* If user is running tcpdump as root and wants to write to the savefile, ++ * we will check if -C is set and if it is, we will drop root ++ * privileges right away and consequent call to>pcap_dump_open() ++ * will most likely fail for the first file. If -C flag is not set we ++ * will create file as root then change ownership of file to proper ++ * user(default tcpdump) and drop root privileges. ++ */ ++ if (WFileName) ++ if (Cflag && (username || chroot_dir)) ++ droproot(username, chroot_dir); ++ else ++ chown_flag = 1; ++ else + if (username || chroot_dir) + droproot(username, chroot_dir); + +@@ -1881,6 +1895,22 @@ main(int argc, char **argv) + MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0); + + p = pcap_dump_open(pd, dumpinfo.CurrentFileName); ++ ++ /* Change ownership of file and drop root privileges */ ++ if (chown_flag) { ++ struct passwd *pwd; ++ ++ pwd = getpwnam(username); ++ if (!pwd) ++ error("Couldn't find user '%s'", username); ++ ++ if (strcmp(WFileName, "-") && chown(dumpinfo.CurrentFileName, pwd->pw_uid, pwd->pw_gid) < 0) ++ error("Couldn't change ownership of savefile"); ++ ++ if (username || chroot_dir) ++ droproot(username, chroot_dir); ++ } ++ + #ifdef HAVE_LIBCAP_NG + /* Give up CAP_DAC_OVERRIDE capability. + * Only allow it to be restored if the -C or -G flag have been +-- +2.9.3 + diff --git a/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch b/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch new file mode 100644 index 0000000..d6973ac --- /dev/null +++ b/SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch @@ -0,0 +1,88 @@ +From 954c235f6db6f601d732b6fce48d2e8183c05d49 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 14:43:04 +0200 +Subject: [PATCH 4/8] tcpslice: update tcpslice patch to 1.2a3 + +--- + tcpslice-1.2a3/search.c | 22 +++++++++++++++------- + tcpslice-1.2a3/tcpslice.h | 20 ++++++++++++++++++++ + 2 files changed, 35 insertions(+), 7 deletions(-) + +diff --git a/tcpslice-1.2a3/search.c b/tcpslice-1.2a3/search.c +index 1e2d051..23aa105 100644 +--- a/tcpslice-1.2a3/search.c ++++ b/tcpslice-1.2a3/search.c +@@ -53,7 +53,7 @@ static const char rcsid[] = + /* Size of a packet header in bytes; easier than typing the sizeof() all + * the time ... + */ +-#define PACKET_HDR_LEN (sizeof( struct pcap_pkthdr )) ++#define PACKET_HDR_LEN (sizeof( struct pcap_sf_pkthdr )) + + extern int snaplen; + +@@ -111,16 +111,24 @@ reasonable_header( struct pcap_pkthdr *hdr, time_t first_time, time_t last_time + static void + extract_header( pcap_t *p, u_char *buf, struct pcap_pkthdr *hdr ) + { +- memcpy((char *) hdr, (char *) buf, sizeof(struct pcap_pkthdr)); ++ struct pcap_sf_pkthdr hdri; ++ ++ memcpy((char *) &hdri, (char *) buf, sizeof(struct pcap_sf_pkthdr)); + + if ( pcap_is_swapped( p ) ) + { +- hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec); +- hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec); +- hdr->len = SWAPLONG(hdr->len); +- hdr->caplen = SWAPLONG(hdr->caplen); ++ hdr->ts.tv_sec = SWAPLONG(hdri.ts.tv_sec); ++ hdr->ts.tv_usec = SWAPLONG(hdri.ts.tv_usec); ++ hdr->len = SWAPLONG(hdri.len); ++ hdr->caplen = SWAPLONG(hdri.caplen); ++ } ++ else ++ { ++ hdr->ts.tv_sec = hdri.ts.tv_sec; ++ hdr->ts.tv_usec = hdri.ts.tv_usec; ++ hdr->len = hdri.len; ++ hdr->caplen = hdri.caplen; + } +- + /* + * From bpf/libpcap/savefile.c: + * +diff --git a/tcpslice-1.2a3/tcpslice.h b/tcpslice-1.2a3/tcpslice.h +index de4a01c..9dcd1a1 100644 +--- a/tcpslice-1.2a3/tcpslice.h ++++ b/tcpslice-1.2a3/tcpslice.h +@@ -20,6 +20,26 @@ + */ + + ++#include ++/* #include */ ++ ++/* ++ * This is a timeval as stored in disk in a dumpfile. ++ * It has to use the same types everywhere, independent of the actual ++ * `struct timeval' ++ */ ++ ++struct pcap_timeval { ++ bpf_int32 tv_sec; /* seconds */ ++ bpf_int32 tv_usec; /* microseconds */ ++}; ++ ++struct pcap_sf_pkthdr { ++ struct pcap_timeval ts; /* time stamp */ ++ bpf_u_int32 caplen; /* length of portion present */ ++ bpf_u_int32 len; /* length this packet (off wire) */ ++}; ++ + time_t gwtm2secs( struct tm *tm ); + + int sf_find_end( struct pcap *p, struct timeval *first_timestamp, +-- +2.9.3 + diff --git a/SOURCES/0005-tcpslice-remove-unneeded-include.patch b/SOURCES/0005-tcpslice-remove-unneeded-include.patch new file mode 100644 index 0000000..2413575 --- /dev/null +++ b/SOURCES/0005-tcpslice-remove-unneeded-include.patch @@ -0,0 +1,26 @@ +From d32956586bfb50b189132d5a15db8a50ef871278 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 15:06:54 +0200 +Subject: [PATCH 5/8] tcpslice: remove unneeded include + +net/bpf.h doesn't exist on Linux. +--- + tcpslice-1.2a3/tcpslice.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c +index e73d76f..895e54f 100644 +--- a/tcpslice-1.2a3/tcpslice.c ++++ b/tcpslice-1.2a3/tcpslice.c +@@ -35,8 +35,6 @@ static const char rcsid[] = + #include + #include + +-#include +- + #include + #ifdef HAVE_FCNTL_H + #include +-- +2.9.3 + diff --git a/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch b/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch new file mode 100644 index 0000000..60efc1c --- /dev/null +++ b/SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch @@ -0,0 +1,27 @@ +From e159008d2f126d92112858269fb6b2fbca63ffc2 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 15:19:44 +0200 +Subject: [PATCH 6/8] tcpslice: don't test the pointer but pointee for NULL + +--- + tcpslice-1.2a3/tcpslice.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c +index 895e54f..a91439b 100644 +--- a/tcpslice-1.2a3/tcpslice.c ++++ b/tcpslice-1.2a3/tcpslice.c +@@ -402,7 +402,9 @@ fill_tm(char *time_string, int is_delta, struct tm *t, time_t *usecs_addr) + + while (isdigit(*t_stop)) + ++t_stop; +- if (! t_stop) ++ ++ if (!(*t_stop)) ++ /* we've reached end of string -> bad date format */ + error("bad date format %s, problem starting at %s", + time_string, t_start); + +-- +2.9.3 + diff --git a/SOURCES/0007-Introduce-nn-option.patch b/SOURCES/0007-Introduce-nn-option.patch new file mode 100644 index 0000000..1e64d8b --- /dev/null +++ b/SOURCES/0007-Introduce-nn-option.patch @@ -0,0 +1,55 @@ +From 9ea43c6c97d3653cb58c1934f8770b951917bf9a Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Mon, 20 Oct 2014 13:26:38 +0200 +Subject: [PATCH 7/8] Introduce -nn option + +This changes the semantics on -n option so only namelookups are skipped. Port +numbers *are* translated to their string representations. Option -nn then has +the same semantics as -n had originally. +--- + addrtoname.c | 4 ++-- + tcpdump.1.in | 6 +++++- + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/addrtoname.c b/addrtoname.c +index 949acb7..9dd78d8 100644 +--- a/addrtoname.c ++++ b/addrtoname.c +@@ -810,7 +810,7 @@ init_servarray(netdissect_options *ndo) + + while (table->name) + table = table->nxt; +- if (ndo->ndo_nflag) { ++ if (ndo->ndo_nflag > 1) { + (void)snprintf(buf, sizeof(buf), "%d", port); + table->name = strdup(buf); + } else +@@ -1233,7 +1233,7 @@ init_addrtoname(netdissect_options *ndo, uint32_t localnet, uint32_t mask) + f_localnet = localnet; + f_netmask = mask; + } +- if (ndo->ndo_nflag) ++ if (ndo->ndo_nflag > 1) + /* + * Simplest way to suppress names. + */ +diff --git a/tcpdump.1.in b/tcpdump.1.in +index ca5cff2..c711a24 100644 +--- a/tcpdump.1.in ++++ b/tcpdump.1.in +@@ -547,7 +547,11 @@ Use \fIsecret\fP as a shared secret for validating the digests found in + TCP segments with the TCP-MD5 option (RFC 2385), if present. + .TP + .B \-n +-Don't convert addresses (i.e., host addresses, port numbers, etc.) to names. ++Don't convert host addresses to names. This can be used to avoid ++DNS lookups. ++.TP ++.B \-nn ++Don't convert protocol and port numbers etc. to names either. + .TP + .B \-N + Don't print domain name qualification of host names. +-- +2.9.3 + diff --git a/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch b/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch new file mode 100644 index 0000000..2e4551c --- /dev/null +++ b/SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch @@ -0,0 +1,36 @@ +From d5508c13119404102104a3935e7445c9fddf79b5 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 3 Feb 2017 09:43:03 +0100 +Subject: [PATCH 8/8] Don't print out we dropped root, we are always dropping + it + +--- + tcpdump.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/tcpdump.c b/tcpdump.c +index 29f7f87..18c4a5c 100644 +--- a/tcpdump.c ++++ b/tcpdump.c +@@ -618,8 +618,6 @@ droproot(const char *username, const char *chroot_dir) + int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG); + if (ret < 0) { + fprintf(stderr, "error : ret %d\n", ret); +- } else { +- fprintf(stderr, "dropped privs to %s\n", username); + } + } + #else +@@ -632,9 +630,6 @@ droproot(const char *username, const char *chroot_dir) + pcap_strerror(errno)); + exit_tcpdump(1); + } +- else { +- fprintf(stderr, "dropped privs to %s\n", username); +- } + #endif /* HAVE_LIBCAP_NG */ + } + else { +-- +2.9.3 + diff --git a/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch b/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch new file mode 100644 index 0000000..53a9556 --- /dev/null +++ b/SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch @@ -0,0 +1,27 @@ +From 04e23aa3f91ff137237daf68f02e7b3c0c1a9168 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 11 Apr 2017 09:19:48 +0200 +Subject: [PATCH 09/13] Change -n flag to -nn in TESTonce + +We need to change this because we have a different meaning of -n +flag than upstream does. We use -nn in those cases. +--- + tests/TESTonce | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/TESTonce b/tests/TESTonce +index 7026624..e348701 100755 +--- a/tests/TESTonce ++++ b/tests/TESTonce +@@ -21,7 +21,7 @@ if ($^O eq 'MSWin32') { + else { + # we used to do this as a nice pipeline, but the problem is that $r fails to + # to be set properly if the tcpdump core dumps. +- $r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output"; ++ $r = system "../tcpdump 2>/dev/null -nn -t -r $input $options >NEW/$output"; + if($r != 0) { + # this means tcpdump failed. + open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n"; +-- +2.13.5 + diff --git a/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch b/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch new file mode 100644 index 0000000..30502b8 --- /dev/null +++ b/SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch @@ -0,0 +1,45 @@ +From 0ae4aa1881bbe40443bff802b5e4aa6ca0696dd9 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 11 Apr 2017 09:37:53 +0200 +Subject: [PATCH 10/13] Expect miliseconds instead of seconds in icmp capture. + +Again this is caused by our patch, so we need to modify tests +accordingly. +--- + tests/icmpv6.out | 2 +- + tests/icmpv6_opt24-v.out | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/icmpv6.out b/tests/icmpv6.out +index bb7775e..8979540 100644 +--- a/tests/icmpv6.out ++++ b/tests/icmpv6.out +@@ -1,5 +1,5 @@ + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176 +- hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s ++ hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans time 0ms + prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s + 0x0000: 48c0 0027 8d00 0009 3a80 0000 0000 2222 + 0x0010: 3333 4444 5555 6600 0000 0000 0000 +diff --git a/tests/icmpv6_opt24-v.out b/tests/icmpv6_opt24-v.out +index 2b7cf09..00512df 100644 +--- a/tests/icmpv6_opt24-v.out ++++ b/tests/icmpv6_opt24-v.out +@@ -1,5 +1,5 @@ + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 +- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s ++ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms + source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 + mtu option (5), length 8 (1): 1500 + prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s +@@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87 + rdnss option (25), length 24 (3): lifetime 1800s, addr: fd8d:4fb3:5b2e::1 + dnssl option (31), length 16 (2): lifetime 1800s, domain(s): lan. + IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120 +- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s ++ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms + source link-address option (1), length 8 (1): 14:cf:92:87:23:d6 + mtu option (5), length 8 (1): 1500 + prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s +-- +2.13.5 diff --git a/SOURCES/0011-Evp-cipher-buffers.patch b/SOURCES/0011-Evp-cipher-buffers.patch new file mode 100644 index 0000000..a271419 --- /dev/null +++ b/SOURCES/0011-Evp-cipher-buffers.patch @@ -0,0 +1,133 @@ +diff --git a/print-esp.c b/print-esp.c +index 511ee8a3..5b282526 100644 +--- a/print-esp.c ++++ b/print-esp.c +@@ -192,8 +192,8 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo, + const u_char *iv; + unsigned int len; + EVP_CIPHER_CTX *ctx; +- unsigned int block_size, output_buffer_size; +- u_char *output_buffer; ++ unsigned int block_size, buffer_size; ++ u_char *input_buffer, *output_buffer; + + /* initiator arg is any non-zero value */ + if(initiator) initiator=1; +@@ -228,19 +228,41 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo, + (*ndo->ndo_warning)(ndo, "espkey init failed"); + set_cipher_parameters(ctx, NULL, NULL, iv, 0); + /* +- * Allocate a buffer for the decrypted data. +- * The output buffer must be separate from the input buffer, and +- * its size must be a multiple of the cipher block size. ++ * Allocate buffers for the encrypted and decrypted data. ++ * Both buffers' sizes must be a multiple of the cipher block ++ * size, and the output buffer must be separate from the input ++ * buffer. + */ + block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx); +- output_buffer_size = len + (block_size - len % block_size); +- output_buffer = (u_char *)malloc(output_buffer_size); ++ buffer_size = len + (block_size - len % block_size); ++ ++ /* ++ * Attempt to allocate the input buffer. ++ */ ++ input_buffer = (u_char *)malloc(buffer_size); ++ if (input_buffer == NULL) { ++ (*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer"); ++ EVP_CIPHER_CTX_free(ctx); ++ return 0; ++ } ++ /* ++ * Copy the input data to the encrypted data buffer, and pad it ++ * with zeroes. ++ */ ++ memcpy(input_buffer, buf, len); ++ memset(input_buffer + len, 0, buffer_size - len); ++ ++ /* ++ * Attempt to allocate the output buffer. ++ */ ++ output_buffer = (u_char *)malloc(buffer_size); + if (output_buffer == NULL) { + (*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer"); ++ free(input_buffer); + EVP_CIPHER_CTX_free(ctx); + return 0; + } +- EVP_Cipher(ctx, output_buffer, buf, len); ++ EVP_Cipher(ctx, output_buffer, input_buffer, buffer_size); + EVP_CIPHER_CTX_free(ctx); + + /* +@@ -249,6 +272,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo, + * but changing this would require a more complicated fix. + */ + memcpy(buf, output_buffer, len); ++ free(input_buffer); + free(output_buffer); + + ndo->ndo_packetp = buf; +@@ -666,8 +690,8 @@ esp_print(netdissect_options *ndo, + const u_char *ivoff; + const u_char *p; + EVP_CIPHER_CTX *ctx; +- unsigned int block_size, output_buffer_size; +- u_char *output_buffer; ++ unsigned int block_size, buffer_size; ++ u_char *input_buffer, *output_buffer; + #endif + + esp = (const struct newesp *)bp; +@@ -784,21 +808,43 @@ esp_print(netdissect_options *ndo, + len = ep - (p + ivlen); + + /* +- * Allocate a buffer for the decrypted data. +- * The output buffer must be separate from the +- * input buffer, and its size must be a multiple +- * of the cipher block size. ++ * Allocate buffers for the encrypted and decrypted ++ * data. Both buffers' sizes must be a multiple of ++ * the cipher block size, and the output buffer must ++ * be separate from the input buffer. + */ + block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx); +- output_buffer_size = len + (block_size - len % block_size); +- output_buffer = (u_char *)malloc(output_buffer_size); ++ buffer_size = len + (block_size - len % block_size); ++ ++ /* ++ * Attempt to allocate the input buffer. ++ */ ++ input_buffer = (u_char *)malloc(buffer_size); ++ if (input_buffer == NULL) { ++ (*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer"); ++ EVP_CIPHER_CTX_free(ctx); ++ return 0; ++ } ++ /* ++ * Copy the input data to the encrypted data buffer, ++ * and pad it with zeroes. ++ */ ++ memcpy(input_buffer, p + ivlen, len); ++ memset(input_buffer + len, 0, buffer_size - len); ++ ++ /* ++ * Attempt to allocate the output buffer. ++ */ ++ output_buffer = (u_char *)malloc(buffer_size); + if (output_buffer == NULL) { + (*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer"); ++ free(input_buffer); + EVP_CIPHER_CTX_free(ctx); + return -1; + } + +- EVP_Cipher(ctx, output_buffer, p + ivlen, len); ++ EVP_Cipher(ctx, output_buffer, input_buffer, len); ++ free(input_buffer); + EVP_CIPHER_CTX_free(ctx); + /* + * XXX - of course this is wrong, because buf is a diff --git a/SOURCES/0012-Add-printing-support-for-vsockmon-devices.patch b/SOURCES/0012-Add-printing-support-for-vsockmon-devices.patch new file mode 100644 index 0000000..0808c3e --- /dev/null +++ b/SOURCES/0012-Add-printing-support-for-vsockmon-devices.patch @@ -0,0 +1,318 @@ +From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001 +From: Gerard Garcia +Date: Tue, 14 Jun 2016 16:45:44 +0200 +Subject: [PATCH 13/13] Add printing support for vsockmon devices. + +Print Linux 4.12 vsockmon captures: + + # modprobe vsockmon + # ip link add type vsockmon + # ip link set vsockmon0 up + # tcpdump -i vsockmon0 + 16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76 + 16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76 + 16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82 + 16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76 + 16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76 + 16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76 + +For more information about vsock see: +http://wiki.qemu.org/Features/VirtioVsock +--- + Makefile.in | 1 + + netdissect.h | 1 + + print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + print.c | 3 + + 4 files changed, 248 insertions(+) + create mode 100644 print-vsock.c + +diff --git a/Makefile.in b/Makefile.in +index 0941f0e..a301878 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\ + print-vjc.c \ + print-vqp.c \ + print-vrrp.c \ ++ print-vsock.c \ + print-vtp.c \ + print-vxlan.c \ + print-vxlan-gpe.c \ +diff --git a/netdissect.h b/netdissect.h +index 089b040..c89fcf1 100644 +--- a/netdissect.h ++++ b/netdissect.h +@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS; + extern u_int token_if_print IF_PRINTER_ARGS; + extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS; + extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS; ++extern u_int vsock_print IF_PRINTER_ARGS; + + /* + * Structure passed to some printers to allow them to print +diff --git a/print-vsock.c b/print-vsock.c +new file mode 100644 +index 0000000..fc5694d +--- /dev/null ++++ b/print-vsock.c +@@ -0,0 +1,243 @@ ++/* ++ * Copyright (c) 2016 Gerard Garcia ++ * Copyright (c) 2017 Red Hat, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * 3. The names of the authors may not be used to endorse or promote ++ * products derived from this software without specific prior ++ * written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED ++ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ++ */ ++ ++/* \summary: Linux vsock printer */ ++ ++#ifdef HAVE_CONFIG_H ++#include "config.h" ++#endif ++ ++#include ++#include ++ ++#include "netdissect.h" ++#include "extract.h" ++ ++static const char tstr[] = " [|vsock]"; ++ ++enum af_vsockmon_transport { ++ AF_VSOCK_TRANSPORT_UNKNOWN = 0, ++ AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */ ++ AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */ ++}; ++ ++static const struct tok vsock_transport[] = { ++ {AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"}, ++ {AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"}, ++ {AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"}, ++ { 0, NULL } ++}; ++ ++enum af_vsockmon_op { ++ AF_VSOCK_OP_UNKNOWN = 0, ++ AF_VSOCK_OP_CONNECT = 1, ++ AF_VSOCK_OP_DISCONNECT = 2, ++ AF_VSOCK_OP_CONTROL = 3, ++ AF_VSOCK_OP_PAYLOAD = 4, ++}; ++ ++static const struct tok vsock_op[] = { ++ {AF_VSOCK_OP_UNKNOWN, "UNKNOWN"}, ++ {AF_VSOCK_OP_CONNECT, "CONNECT"}, ++ {AF_VSOCK_OP_DISCONNECT, "DISCONNECT"}, ++ {AF_VSOCK_OP_CONTROL, "CONTROL"}, ++ {AF_VSOCK_OP_PAYLOAD, "PAYLOAD"}, ++ { 0, NULL } ++}; ++ ++enum virtio_vsock_type { ++ VIRTIO_VSOCK_TYPE_STREAM = 1, ++}; ++ ++static const struct tok virtio_type[] = { ++ {VIRTIO_VSOCK_TYPE_STREAM, "STREAM"}, ++ { 0, NULL } ++}; ++ ++enum virtio_vsock_op { ++ VIRTIO_VSOCK_OP_INVALID = 0, ++ VIRTIO_VSOCK_OP_REQUEST = 1, ++ VIRTIO_VSOCK_OP_RESPONSE = 2, ++ VIRTIO_VSOCK_OP_RST = 3, ++ VIRTIO_VSOCK_OP_SHUTDOWN = 4, ++ VIRTIO_VSOCK_OP_RW = 5, ++ VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6, ++ VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7, ++}; ++ ++static const struct tok virtio_op[] = { ++ {VIRTIO_VSOCK_OP_INVALID, "INVALID"}, ++ {VIRTIO_VSOCK_OP_REQUEST, "REQUEST"}, ++ {VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"}, ++ {VIRTIO_VSOCK_OP_RST, "RST"}, ++ {VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"}, ++ {VIRTIO_VSOCK_OP_RW, "RW"}, ++ {VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"}, ++ {VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"}, ++ { 0, NULL } ++}; ++ ++/* All fields are little-endian */ ++ ++struct virtio_vsock_hdr { ++ uint64_t src_cid; ++ uint64_t dst_cid; ++ uint32_t src_port; ++ uint32_t dst_port; ++ uint32_t len; ++ uint16_t type; /* enum virtio_vsock_type */ ++ uint16_t op; /* enum virtio_vsock_op */ ++ uint32_t flags; ++ uint32_t buf_alloc; ++ uint32_t fwd_cnt; ++} UNALIGNED; ++ ++struct af_vsockmon_hdr { ++ uint64_t src_cid; ++ uint64_t dst_cid; ++ uint32_t src_port; ++ uint32_t dst_port; ++ uint16_t op; /* enum af_vsockmon_op */ ++ uint16_t transport; /* enum af_vosckmon_transport */ ++ uint16_t len; /* size of transport header */ ++ uint8_t reserved[2]; ++}; ++ ++static void ++vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr) ++{ ++ uint16_t u16_v; ++ uint32_t u32_v; ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->len); ++ ND_PRINT((ndo, "len %u", u32_v)); ++ ++ u16_v = EXTRACT_LE_16BITS(&hdr->type); ++ ND_PRINT((ndo, ", type %s", ++ tok2str(virtio_type, "Invalid type (%hu)", u16_v))); ++ ++ u16_v = EXTRACT_LE_16BITS(&hdr->op); ++ ND_PRINT((ndo, ", op %s", ++ tok2str(virtio_op, "Invalid op (%hu)", u16_v))); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->flags); ++ ND_PRINT((ndo, ", flags %x", u32_v)); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc); ++ ND_PRINT((ndo, ", buf_alloc %u", u32_v)); ++ ++ u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt); ++ ND_PRINT((ndo, ", fwd_cnt %u", u32_v)); ++} ++ ++static size_t ++vsock_transport_hdr_size(uint16_t transport) ++{ ++ switch (transport) { ++ case AF_VSOCK_TRANSPORT_VIRTIO: ++ return sizeof(struct virtio_vsock_hdr); ++ default: ++ return 0; ++ } ++} ++ ++static void ++vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport, ++ const u_char *p, const u_int len) ++{ ++ size_t transport_size = vsock_transport_hdr_size(transport); ++ const void *hdr; ++ ++ if (len < sizeof(struct af_vsockmon_hdr) + transport_size) ++ return; ++ ++ hdr = p + sizeof(struct af_vsockmon_hdr); ++ switch (transport) { ++ case AF_VSOCK_TRANSPORT_VIRTIO: ++ ND_PRINT((ndo, " (")); ++ vsock_virtio_hdr_print(ndo, hdr); ++ ND_PRINT((ndo, ")")); ++ break; ++ default: ++ break; ++ } ++} ++ ++static void ++vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len) ++{ ++ uint16_t hdr_transport, hdr_op; ++ uint32_t hdr_src_port, hdr_dst_port; ++ uint64_t hdr_src_cid, hdr_dst_cid; ++ size_t total_hdr_size; ++ ++ const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p; ++ ++ hdr_transport = EXTRACT_LE_16BITS(&hdr->transport); ++ ND_PRINT((ndo, "%s", ++ tok2str(vsock_transport, "Invalid transport (%u)", ++ hdr_transport))); ++ ++ /* If verbose level is more than 0 print transport details */ ++ if (ndo->ndo_vflag) { ++ vsock_transport_hdr_print(ndo, hdr_transport, p, len); ++ ND_PRINT((ndo, "\n\t")); ++ } else ++ ND_PRINT((ndo, " ")); ++ ++ hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid); ++ hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid); ++ hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port); ++ hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port); ++ hdr_op = EXTRACT_LE_16BITS(&hdr->op); ++ ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u", ++ hdr_src_cid, hdr_src_port, ++ hdr_dst_cid, hdr_dst_port, ++ tok2str(vsock_op, " invalid op (%u)", hdr_op), ++ len)); ++ ++ /* If debug level is more than 1 print payload contents */ ++ total_hdr_size = sizeof(struct af_vsockmon_hdr) + ++ vsock_transport_hdr_size(hdr_transport); ++ if (ndo->ndo_vflag > 1 && ++ hdr_op == AF_VSOCK_OP_PAYLOAD && ++ len > total_hdr_size) { ++ const u_char *payload = p + total_hdr_size; ++ ++ ND_PRINT((ndo, "\n")); ++ print_unknown_data(ndo, payload, "\t", len - total_hdr_size); ++ } ++} ++ ++u_int ++vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp) ++{ ++ u_int len = h->len; ++ ++ if (len < sizeof(struct af_vsockmon_hdr)) ++ ND_PRINT((ndo, "%s", tstr)); ++ else ++ vsock_hdr_print(ndo, cp, len); ++ ++ return len; ++} +diff --git a/print.c b/print.c +index c76f344..1945cfd 100644 +--- a/print.c ++++ b/print.c +@@ -220,6 +220,9 @@ static const struct printer printers[] = { + #ifdef DLT_PPP_SERIAL + { ppp_hdlc_if_print, DLT_PPP_SERIAL }, + #endif ++#ifdef DLT_VSOCK ++ { vsock_print, DLT_VSOCK }, ++#endif + { NULL, 0 }, + }; + +-- +2.13.5 + diff --git a/SOURCES/0013-tcpslice-stdlib.patch b/SOURCES/0013-tcpslice-stdlib.patch new file mode 100644 index 0000000..fc14ed2 --- /dev/null +++ b/SOURCES/0013-tcpslice-stdlib.patch @@ -0,0 +1,12 @@ +diff --git a/tcpslice-1.2a3/util.c b/tcpslice-1.2a3/util.c +index cebaa5b..cada4c1 100644 +--- a/tcpslice-1.2a3/util.c ++++ b/tcpslice-1.2a3/util.c +@@ -27,6 +27,7 @@ static const char rcsid[] = + #include + + #include ++#include + #if __STDC__ + #include + #else diff --git a/SOURCES/tcpdump-4.9.2.tar.gz.sig b/SOURCES/tcpdump-4.9.2.tar.gz.sig new file mode 100644 index 0000000000000000000000000000000000000000..6456b348dab2b183bbaea78235abcb7653a72646 GIT binary patch literal 442 zcmV;r0Y(0a0k;GI0SEvc79j*57HU^QtGVDLnvF2viQe(q!Cegn0$Ht(7yt?h5a5a4 z@!7#$4M;c)AgDC~CV8>3^xdUrckOV7a-5_T05ZU{6kI#FTB5=5jpO~@e{zdxW-AS( zA>8w@c^98;l$~#2h0|t}K7=D;wKE-CzILSK1$K-r-T7bl@2p^b(EVu^o4<>cput09 z-zi0e57YQQNweCNQ95W3g5aWleR7jfQ|Z{=83Q-sw{sb`FKDoY%2Vpv6}7z5MUP7P z@JQIRCQ^gw5YyI1T71|YO1g#Bgp0eit^5Q`?>7Ba58!1uW}Vq{)AN8$YH!f4}5vh<4UT}PV@=iT8e`=yp->LPg_ zKSE#~6%~FkeXJ&OQuOfOm0nMfZuy3>y#wQr3HS;GIR{D zWNY1zz@;shoFH&-BCM6D@FTkQ+dj)3L?1Tpc7`$r%O616GHR2^S#ve k>c+IQlNIxzC%MEW2A$)CM4nX{geu{O*3V!#w)~-fos#X>e*gdg literal 0 HcmV?d00001 diff --git a/SPECS/tcpdump.spec b/SPECS/tcpdump.spec new file mode 100644 index 0000000..b647894 --- /dev/null +++ b/SPECS/tcpdump.spec @@ -0,0 +1,694 @@ +Summary: A network traffic monitoring tool +Name: tcpdump +Epoch: 14 +Version: 4.9.2 +Release: 5%{?dist} +License: BSD with advertising +URL: http://www.tcpdump.org +Group: Applications/Internet +Requires(pre): shadow-utils +BuildRequires: automake openssl-devel libpcap-devel git-core + +Source0: http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz +Source1: ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz +Source2: http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz.sig + +Patch0001: 0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch +Patch0002: 0002-Use-getnameinfo-instead-of-gethostbyaddr.patch +Patch0003: 0003-Drop-root-priviledges-before-opening-first-savefile-.patch +Patch0004: 0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch +Patch0005: 0005-tcpslice-remove-unneeded-include.patch +Patch0006: 0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch +Patch0007: 0007-Introduce-nn-option.patch +Patch0008: 0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch +Patch0009: 0009-Change-n-flag-to-nn-in-TESTonce.patch +Patch0010: 0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch +Patch0011: 0011-Evp-cipher-buffers.patch +Patch0012: 0012-Add-printing-support-for-vsockmon-devices.patch +Patch0013: 0013-tcpslice-stdlib.patch + +%define tcpslice_dir tcpslice-1.2a3 + +%description +Tcpdump is a command-line tool for monitoring network traffic. +Tcpdump can capture and display the packet headers on a particular +network interface or on all interfaces. Tcpdump can display all of +the packet headers, or just the ones that match particular criteria. + +Install tcpdump if you need a program to monitor network traffic. + +%prep +%autosetup -a 1 -S git + +%build +export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing" + +pushd %{tcpslice_dir} +# update config.{guess,sub} +automake -a -f 2> /dev/null || : +%configure +make %{?_smp_mflags} +popd + +%configure --with-crypto --with-user=tcpdump --without-smi +make %{?_smp_mflags} + +%check +make check + +%install +mkdir -p ${RPM_BUILD_ROOT}%{_libdir} +mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8 +mkdir -p ${RPM_BUILD_ROOT}%{_sbindir} + +pushd %{tcpslice_dir} +install -m755 tcpslice ${RPM_BUILD_ROOT}%{_sbindir} +install -m644 tcpslice.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpslice.8 +popd + +install -m755 tcpdump ${RPM_BUILD_ROOT}%{_sbindir} +install -m644 tcpdump.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdump.8 + +# fix section numbers +sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' \ + ${RPM_BUILD_ROOT}%{_mandir}/man8/* + +%pre +/usr/sbin/groupadd -g 72 tcpdump 2> /dev/null +/usr/sbin/useradd -u 72 -g 72 -s /sbin/nologin -M -r \ + -d / tcpdump 2> /dev/null +exit 0 + +%files +%defattr(-,root,root) +%license LICENSE +%doc README.md CHANGES CREDITS +%{_sbindir}/tcpdump +%{_sbindir}/tcpslice +%{_mandir}/man8/tcpslice.8* +%{_mandir}/man8/tcpdump.8* + +%changelog +* Wed Sep 26 2018 Michal Ruprich - 14:4.9.2-5 +- Resolves: #1602710 - Please review important issues found by covscan + +* Thu Jun 21 2018 Michal Ruprich - 14:4.9.2-4 +- Removing build-time dependency on sharutils(rhbz#1587877) +- Changing git dependency to smaller git-core + +* Thu Jun 07 2018 Michal Ruprich - 14:4.9.2-3 +- Adding support for VSOCK (rhbz#1587831) + +* Fri Feb 09 2018 Fedora Release Engineering - 14:4.9.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Sep 05 2017 Martin Sehnoutka - 14:4.9.2-1 +- New upstream release 4.9.2 + +* Thu Aug 03 2017 Fedora Release Engineering - 14:4.9.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Mon Jul 31 2017 Florian Weimer - 14:4.9.1-2 +- Rebuild with binutils fix for ppc64le (#1475636) + +* Wed Jul 26 2017 Martin Sehnoutka - 14:4.9.1-1 +- New upstream release 4.9.1 + +* Sat Feb 11 2017 Fedora Release Engineering - 14:4.9.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Feb 03 2017 Martin Sehnoutka - 14:4.9.0-1 +- New upstream version 4.9.0 + +* Mon Oct 31 2016 Luboš Uhliarik - 14:4.8.1-1 +- new version 4.8.1 + +* Tue Aug 09 2016 Luboš Uhliarik - 14:4.8.0-1 +- new version 4.8.0 + +* Fri Feb 05 2016 Fedora Release Engineering - 14:4.7.4-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Jun 29 2015 Michal Sekletar - 14:4.7.4-3 +- prevent sefaulting by properly initializing chown_flag variable (#1223329) + +* Fri Jun 19 2015 Fedora Release Engineering - 14:4.7.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue May 5 2015 Michal Sekletar - 14:4.7.4-1 +- rebase to 4.7.4 (#1214753) + +* Wed Mar 25 2015 Michal Sekletar - 14:4.7.3-1 +- rebase to 4.7.3 (#1201573) +- contains fixes for CVE-2015-0261 CVE-2015-2154 CVE-2015-2153 CVE-2015-2155 (#1201799,#1201792,#1201795,#1201797) + +* Wed Dec 03 2014 Michal Sekletar - 14:4.6.2-3 +- fix for CVE-2014-9140 + +* Thu Nov 20 2014 Michal Sekletar - 14:4.6.2-2 +- fix for CVE-2014-8767 (#1165160) +- fix for CVE-2014-8768 (#1165161) +- fix for CVE-2014-8769 (#1165162) + +* Mon Oct 20 2014 Michal Sekletar - 14:4.6.2-1 +- update to 4.6.2 (#1124289) + +* Mon Aug 18 2014 Fedora Release Engineering - 14:4.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 14:4.5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Nov 28 2013 Michal Sekletar - 14:4.5.1-1 +- update to 4.5.1 + +* Fri Nov 08 2013 Michal Sekletar - 14:4.5.0-1.20131108gitb07944a +- update to snaphot gitb07944a + +* Mon Oct 7 2013 Michal Sekletar - 14:4.4.0-3 +- don't try to change ownership of stdout (#1015767) + +* Sun Aug 04 2013 Fedora Release Engineering - 14:4.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Jun 06 2013 Michal Sekletar - 14:4.4.0-1 +- update to 4.4.0 + +* Fri Feb 15 2013 Fedora Release Engineering - 14:4.3.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sat Jul 21 2012 Fedora Release Engineering - 14:4.3.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Jun 13 2012 Michal Sekletar - 14:4.3.0-1 +- Update to 4.3.0 + +* Wed May 16 2012 Michal Sekletar +- Resolves: #809638 +- created savefile has proper owner + +* Sat Jan 14 2012 Fedora Release Engineering - 14:4.2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Jan 03 2012 Jan Synáček - 14:4.2.1-1 +- Update to 4.2.1 +- Remove ppi.h from sources (readded again in upstream tarball) + +* Fri Dec 02 2011 Michal Sekletar - 14:4.2.0-1 +- updated to 4.2.0 +- added new source file ppi.h, missing in upstream tarball +- disabled make check because of missing .pcap files in testsuite +- dropped unnecessary patches + +* Wed Aug 24 2011 Michal Sekletar - 14:4.1.1-3 +- Fix manpage (#663739) +- Fix improper handling of bad date format in tcpslice (#684005) +- Spec file clean up + +* Wed Feb 09 2011 Fedora Release Engineering - 14:4.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Tue Apr 06 2010 Miroslav Lichvar - 14:4.1.1-1 +- update to 4.1.1 +- add %%check + +* Wed Sep 23 2009 Miroslav Lichvar - 14:4.0.0-3.20090921gitdf3cb4 +- update to snapshot 20090921gitdf3cb4 + +* Fri Aug 21 2009 Tomas Mraz - 14:4.0.0-2.20090818git832d2c +- rebuilt with new openssl + +* Thu Aug 20 2009 Miroslav Lichvar - 14:4.0.0-1.20090818git832d2c +- update to post 4.0.0 git snapshot 20090818git832d2c +- print retrans and reachable times in ICMPv6 as milliseconds (#474264) + +* Sun Jul 26 2009 Fedora Release Engineering - 14:3.9.8-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Wed Feb 25 2009 Fedora Release Engineering - 14:3.9.8-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Tue Jan 20 2009 Miroslav Lichvar - 14:3.9.8-7 +- rebuild for new openssl +- convert CREDITS to UTF-8 (#226481) + +* Fri Aug 29 2008 Miroslav Lichvar - 14:3.9.8-6 +- rediff patches with fuzz +- add -fno-strict-aliasing to CFLAGS + +* Mon Jun 02 2008 Miroslav Lichvar - 14:3.9.8-5 +- update config.{guess,sub} when building tcpslice +- remove -D_GNU_SOURCE from CFLAGS +- disable libsmi check in configure + +* Wed Feb 13 2008 Miroslav Lichvar - 14:3.9.8-4 +- fix building with new glibc headers + +* Thu Dec 06 2007 Miroslav Lichvar - 14:3.9.8-3 +- update IKEv2 support + +* Thu Dec 6 2007 Jeremy Katz - 14:3.9.8-2 +- rebuild for new openssl + +* Wed Oct 24 2007 Miroslav Lichvar - 14:3.9.8-1 +- update to 3.9.8 +- don't use gethostbyaddr +- fix default user in man page + +* Tue Sep 18 2007 Miroslav Lichvar - 14:3.9.7-5 +- support decoding IKEv2 packets + +* Wed Aug 22 2007 Miroslav Lichvar - 14:3.9.7-4 +- rebuild + +* Thu Aug 09 2007 Miroslav Lichvar - 14:3.9.7-3 +- enable crypto support on 64-bit architectures +- update license tag + +* Wed Jul 25 2007 Jeremy Katz - 14:3.9.7-2 +- rebuild for toolchain bug + +* Tue Jul 24 2007 Miroslav Lichvar - 14:3.9.7-1 +- update to 3.9.7 +- with -C option, drop root privileges before opening first savefile (#244860) +- update tcpslice to 1.2a3 +- include time patch from Debian to fix tcpslice on 64-bit architectures + +* Thu Mar 15 2007 Miroslav Lichvar - 14:3.9.5-3 +- fix buffer overflow in 802.11 printer (#232349, CVE-2007-1218) +- spec cleanup (#226481) + +* Tue Dec 12 2006 Miroslav Lichvar - 14:3.9.5-2 +- use tcpdump user, fix scriptlet (#219268) + +* Wed Nov 29 2006 Miroslav Lichvar - 14:3.9.5-1 +- split off libpcap and arpwatch (#193657) +- update to 3.9.5 +- force linking with system libpcap + +* Fri Nov 17 2006 Miroslav Lichvar - 14:3.9.4-9 +- fix processing of Prism and AVS headers (#206686) +- fix arp2ethers script +- update ethercodes.dat +- move pcap man page to devel package + +* Wed Jul 12 2006 Jesse Keating - 14:3.9.4-8.1 +- rebuild + +* Thu Jun 22 2006 Martin Stransky - 14:3.9.4-8 +- more ipv6 flags + +* Sun Jun 4 2006 Jeremy Katz - 14:3.9.4-7 +- fix libpcap-devel inclusion of .so and its deps (#193189) + +* Thu Jun 1 2006 Martin Stransky - 14:3.9.4-6 +- added release to arpwatch package name + +* Wed May 31 2006 Martin Stransky - 14:3.9.4-5 +- removed libpcap-devel dependency from libpcap + +* Mon May 29 2006 Martin Stransky - 14:3.9.4-4 +- added libpcap-devel package (#193189) + +* Tue Mar 28 2006 Martin Stransky - 14:3.9.4-3 +- updated ethernet codes (#186633) + +* Fri Feb 10 2006 Jesse Keating - 14:3.9.4-2.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 14:3.9.4-2.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Tue Dec 20 2005 Martin Stransky - 14:3.9.4-2 +- fix for #176010 - file owner problem when using 'ring buffer + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Thu Nov 10 2005 Martin Stransky - 14:3.9.4-1 +- new upstream + +* Thu Nov 10 2005 Tomas Mraz - 14:3.9.3-5 +- rebuilt against new openssl + +* Wed Nov 9 2005 Martin Stransky - 14:3.9.3-4 +- rebuilt + +* Tue Aug 9 2005 Jeremy Katz - 14:3.9.3-3 +- remove explicit kernel dep for libpcap too + +* Tue Jul 26 2005 Martin Stransky - 14:3.9.3-2 +- fixed typo in last patch + +* Tue Jul 26 2005 Martin Stransky - 14:3.9.3-1 +- New upstream version - 3.9.3 +- fix for #164227 (buffer overflow) +- fix for #164230 (missing debug info) + +* Thu Jul 14 2005 Martin Stransky - 14:3.9.1-1 +- New upstream version + +* Tue Jun 21 2005 Martin Stransky - 14:3.8.2-14 +- add shadow-utils to Prereq (#160643) + +* Tue Jun 7 2005 Martin Stransky - 14:3.8.2-13 +- fix for CAN-2005-1267 - BGP DoS, #159209 + +* Thu Apr 28 2005 Martin Stransky - 14:3.8.2-12 +- fix for CAN-2005-1280 Multiple DoS issues in tcpdump + (CAN-2005-1279 CAN-2005-1278), #156041 + +* Mon Mar 7 2005 Martin Stransky +- rebuilt + +* Mon Feb 14 2005 Martin Stransky - 14:3.8.2-10 +- remove explicit kernel dependecy (#146165) +- support for files larger than 2GB (#147840) + +* Fri Feb 11 2005 Ivana Varekova - 14:3.8.2-9 +- added arpsnmp options to specify sender and recipient + and corrected arpwatch and arpsnmp man pages (#70386) + +* Thu Feb 10 2005 Ivana Varekova - 14:3.8.2-8 +- rebuilt + +* Tue Oct 12 2004 Harald Hoyer - 14:3.8.2-7 +- fixed nfs protocol parsing for 64 bit architectures (bug 132781) + +* Wed Sep 15 2004 Harald Hoyer - 14:3.8.2-6 +- added libpcap-0.8.3-ppp.patch for ppp (bug 128053) + +* Wed Jun 23 2004 Elliot Lee +- added flex to BuildRequires + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Sun May 30 2004 Florian La Roche +- simplify rpm scripts + +* Tue Apr 6 2004 Harald Hoyer - 14:3.8.2-3 +- added LICENSE files + +* Wed Mar 31 2004 Harald Hoyer - 14:3.8.2-2 +- update to libpcap-0.8.3 (tcpdump-3.8.3 seems to be older that 3.8.2!!) + +* Tue Mar 30 2004 Harald Hoyer - 14:3.8.2-1 +- update to tcpdump-3.8.2, libpcap-0.8.2, arpwatch-2.1a13 +- patched tcpdump configure for gcc34 optimizations +- removed obsolete patches + +* Tue Mar 02 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Fri Jan 23 2004 Harald Hoyer 14:3.8.1-4/17 +- fixed arpwatch version +- fixed libpcap library version +- fixed tcpdump droproot + +* Tue Jan 20 2004 Harald Hoyer 14:3.8.1-3 +- corrected tcpslice (bpf.h issue) + +* Tue Jan 13 2004 Harald Hoyer 14:3.8.1-2 +- more security issues (patch 18) + +* Fri Jan 09 2004 Phil Knirsch 14:3.8.1-1 +- Updated to latest version because of security issue + +* Fri Aug 29 2003 Harald Hoyer 14:3.7.2-7 +- build libpcap shared library with gcc and not ld + +* Tue Jul 22 2003 Phil Knirsch 14:3.7.2-6.1 +- rebuilt + +* Mon Jul 21 2003 Phil Knirsch 14:3.7.2-6 +- rebuilt + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Wed May 21 2003 Harald Hoyer 14:3.7.2-5 +- add proper attributes for arp.dat, ethercodes + +* Tue May 20 2003 Harald Hoyer 14:3.7.2-4 +- take ethercodes.dat from the arpwatch package now + +* Tue May 6 2003 Harald Hoyer 14:3.7.2-3 +- compile tcpdump with autoheader #90208 + +* Thu May 1 2003 Elliot Lee 14:3.7.2-2 +- Add sctpdef patch to fix ppc64 builds + +* Thu Feb 27 2003 Phil Knirsch 14:3.7.2-1 +- Update to upstream version 3.7.2 + +* Sat Feb 01 2003 Florian La Roche +- sanitized rpm scripts + +* Wed Jan 22 2003 Tim Powers 12:3.6.3-20 +- rebuilt + +* Tue Jan 7 2003 Nalin Dahyabhai 12:3.6.3-19/0.6.2-19/2.1a11-19 +- rebuild + +* Sat Jan 4 2003 Jeff Johnson 12:3.6.3-18/0.6.2-18/2.1a11-18 +- set execute bits on library so that requires are generated. + +* Wed Dec 11 2002 Harald Hoyer 12:3.6.3-17/0.6.2-17/2.1a11-17 +- common release no. across all subpackages + +* Wed Dec 11 2002 Harald Hoyer 12:3.6.3-5/0.6.2-16/2.1a11-16 +- print_bgp security fix + +* Mon Nov 18 2002 Tim Powers +- rebuild on all arches + +* Fri Aug 2 2002 Harald Hoyer 12:3.6.3-3/0.6.2-16/2.1a11-16 +- added man page descriptions for the new parameters + +* Thu Aug 1 2002 Harald Hoyer 12:3.6.3-2 +- added arpwatch options to specify sender and recipient (#70386) + +* Tue Jul 23 2002 Harald Hoyer 12:3.6.3-1 +- removed prestripping + +* Thu May 16 2002 Harald Hoyer 12:3.6.2-13 +- added official 3.6.3 fix +- fixed 6.2 compat #63113 + +* Wed Jan 23 2002 Harald Hoyer 12:3.6.2-12 +- tcpdump-3.6.2-snaplen.patch added to fix #55145 + +* Tue Dec 18 2001 Harald Hoyer 12:3.6.2-10 +- took old purge patch for filters +- fixed #54225,#58346 +- drop root by default #49635 +- fixed #54593 +- fixed #57711 + +* Fri Aug 31 2001 Harald Hoyer 12:3.6.2-9 +- took better fix for #52654 from tcpdump cvs + +* Thu Aug 30 2001 Harald Hoyer 11:3.6.2-8 +- fixed #52654 + +* Thu Jul 19 2001 Harald Hoyer 10:3.6.2-7 +- added shared library to libpcap (#47174) +- afs printing security patch (#49294) + +* Wed Jun 20 2001 Harald Hoyer +- use initgroups, instead of setgroups + +* Mon Jun 18 2001 Harald Hoyer +- added dropgroup patches (#44563) + +* Mon May 07 2001 Harald Hoyer +- switched to Pekka's tcpdump-3.6.2 package +- incremented epoch + +* Sat Apr 14 2001 Pekka Savola +- fix building of tcpslice on glibc 2.2.2 (time.h) +- disable /etc/init.d requirement and fix %%post scripts in arpwatch + +* Wed Feb 14 2001 Harald Hoyer +- glibc sys/time -> time include patch + +* Wed Feb 7 2001 Trond Eivind Glomsrød +- Add space to this check + +* Wed Feb 07 2001 Harald Hoyer +- added check for presence of /etc/sysconfig/arpwatch (#23172) + +* Wed Feb 7 2001 Pekka Savola +- update to 3.6.2, 0.6.2 and new CVS of tcpslice. +- i18n'ize arpwatch init script + +* Fri Feb 2 2001 Trond Eivind Glomsrød +- i18nize initscript + +* Mon Jan 29 2001 Harald Hoyer +- fixed EINTR stopping for e.g. SIGSTOP. (#22008) +- added -u option for tcpdump (#20231) +- new arpwatch version (#23172) +- added "all" and "one" interface for -i (#20907) +- added arpwatch sysconfig (#23172) + +* Mon Jan 22 2001 Harald Hoyer +- more (potential) overflows in libpcap. #21373 +- documentation fix for #20906 + +* Sun Jan 14 2001 Pekka Savola +- use --enable-ipv6 +- Add two patches from CVS to enhance 802.2 printing, and more importantly, + to be able to specify 'no stp' + +* Sat Jan 13 2001 Pekka Savola +- Make SMB printing output a lot more quiet unless in verbose mode. +- Make -n resolve port/protocol numbers but not hostnames, -nn for no + resolving at all +- Separate droproot patch from a more generic man/usage fix one +- Add non-promiscuous mode -by default patch, but don't apply it by default + +* Thu Jan 11 2001 Pekka Savola +- Update to tcpdump 3.6.1 and libpcap 0.6.1 releases. + +* Mon Jan 8 2001 Pekka Savola +- Update to 20010108 CVS, disable some upstreamed patches. +- Change some additional .1 pages to .8. +- Add droproot patch, some --usage and man page fixes. + +* Mon Jan 1 2001 Pekka Savola +- Initial packaging with latest tcpdump.org CVS tcpdump-3.6 and libpcap-0.6. +- add earlier print-domain.c, the latest is segfaulting +- don't unnecesessarily include snprintf.o, it didn't compile with gcc 2.96 anyway +- don't use savestr, require openssl, tweak tweak tweak +- add tcpslice, patch it a bit for egcs detection + +* Sun Dec 31 2000 Pekka Savola +- tcpdump: spice up the manpage about interfaces +- tcpdump: add 'all' and 'any' keywords to -i, saner default behaviour. +- upgrade arpwatch to 2.1a10 + +* Sun Nov 26 2000 Jeff Johnson +- more (potential) overflows in libpcap. + +* Sun Nov 12 2000 Jeff Johnson +- eliminate still more buffer overflows (from FreeBSD) (#20069). + +* Thu Nov 2 2000 Jeff Johnson +- eliminate more buffer overflows (from FreeBSD) (#20069). +- 802.1q ether type incorrect (#19850). +- add -u flag to drop arpwatch privs (#19696). + +* Sun Oct 15 2000 Jeff Johnson +- updated ethercodes.dat + +* Thu Oct 12 2000 Jeff Johnson +- fix arpwatch tmp race (#18943). + +* Fri Aug 11 2000 Bill Nottingham +- fix condrestart + +* Fri Aug 11 2000 Jeff Johnson +- correct arpsnmp man pages (#15442). +- don't print harmless ENOPROTOOPT message (#13518). + +* Fri Aug 4 2000 Jeff Johnson +- rebuild with final kernel headers (#13518). + +* Sat Jul 22 2000 Jeff Johnson +- add STP patch (#14112). + +* Fri Jul 14 2000 Matt Wilson +- source /etc/init.d/functions +- back out /etc/init.d/arpwatch, place file in /etc/rc.d +- move initscript to /etc/init.d +- changed initscript to use start() and stop() functions +- added condrestart to init script +- added %%post %%preun %%postun scripts to register arpwatch script +- added Prereq: for all things needed in post/preun/postun + +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Tue Jul 11 2000 Jeff Johnson +- updated man page and help (pekkas@netcore.fi) (#10739 et al). + +* Sun Jun 18 2000 Jeff Johnson +- FHS packaging. + +* Tue May 9 2000 Bill Nottingham +- minor tweaks for ia64 (prototypes) + +* Thu Feb 17 2000 Bernhard Rosenkraenzer +- Compile shared libpcap with -fPIC (Bug #6342) + +* Wed Feb 02 2000 Cristian Gafton +- fix descriptions +- man pages are compressed + +* Wed Dec 22 1999 Jeff Johnson +- remove sparc64 SIOCGIFNAME hack, not needed with (at least) kernel 2.2.12-40. +- upgrade to ANK ss991030 snapshot with pcap magic fix (#6773). +- add getprotobyname lookup (#6725). +- getservbyname port lookup appears functional (#7569). +- remove uid 2090 backdoor (sorry Dave) (#7116). + +* Thu Sep 09 1999 Cristian Gafton +- fox the pcap.h header + +* Fri Aug 20 1999 Jeff Johnson +- prevent segfault on obscure spoofed ip header (#4634). + +* Wed Aug 18 1999 Jeff Johnson +- add defattr to arpwatch (#4591). + +* Mon Aug 16 1999 Bill Nottingham +- initscript munging + +* Sun Aug 8 1999 Jeff Johnson +- add -DWORDS_BIGINDIAN to tcpdump compile on sparc sparc61. + +* Tue Aug 3 1999 Jeff Johnson +- include A. Kuznetsov's patches to libpcap/tcpdump. +- added arpsnmp to package (#3258). +- arp2ethers written for different of awk (#4326). + +* Sun Mar 21 1999 Cristian Gafton +- auto rebuild in the new build environment (release 10) + +* Fri Mar 19 1999 Jeff Johnson +- strip binaries. + +* Wed Jan 13 1999 Bill Nottingham +- autoconf fixes for arm + +* Tue Sep 29 1998 Jeff Johnson +- libpcap description typo. + +* Sat Sep 19 1998 Jeff Johnson +- fix arpwatch summary line. + +* Mon Aug 17 1998 Jeff Johnson +- enable arpwatch + +* Mon Aug 3 1998 Jeff Johnson +- separate package for libpcap. +- update tcpdump to 3.4, libpcap to 0.4. +- added arpwatch (but disabled for now) + +* Thu May 07 1998 Prospector System +- translations modified for de, fr, tr + +* Sat May 2 1998 Alan Cox +- Added the SACK printing fix so you can dump Linux 2.1+. + +* Tue Oct 21 1997 Erik Troan +- updated to release 3.4a5 +- uses a buildroot and %%attr + +* Thu Jul 17 1997 Erik Troan +- built against glibc