@@ -, +, @@ --- security/dsniff/Makefile | 2 +- security/dsniff/files/patch-Makefile.in | 7 +- security/dsniff/files/patch-arpspoof.c | 16 +-- security/dsniff/files/patch-dnsspoof.c | 22 +-- security/dsniff/files/patch-filesnarf.c | 8 +- security/dsniff/files/patch-macof.c | 18 +-- security/dsniff/files/patch-pcaputil.c | 2 +- security/dsniff/files/patch-record.c | 6 +- security/dsniff/files/patch-ssh.c | 176 ++++++++++++++++++++++++ security/dsniff/files/patch-sshcrypto.c | 106 +++++++------- security/dsniff/files/patch-sshmitm.c | 28 ++-- security/dsniff/files/patch-tcp_raw.c | 8 +- security/dsniff/files/patch-tcp_raw.h | 6 +- security/dsniff/files/patch-tcpkill.c | 17 +-- security/dsniff/files/patch-tcpnice.c | 16 +-- security/dsniff/files/patch-trigger.c | 10 +- security/dsniff/files/patch-trigger.h | 6 +- security/dsniff/files/patch-urlsnarf.c | 6 +- security/dsniff/files/patch-webmitm.c | 40 +++--- security/dsniff/files/patch-webspy.c | 8 +- 20 files changed, 349 insertions(+), 159 deletions(-) create mode 100644 security/dsniff/files/patch-ssh.c --- b/security/dsniff/Makefile +++ b/security/dsniff/Makefile @@ -3,7 +3,7 @@ PORTNAME= dsniff DISTVERSION= 2.4b1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= http://www.monkey.org/~dugsong/${PORTNAME}/beta/ \ LOCAL/sbz --- b/security/dsniff/files/patch-Makefile.in +++ b/security/dsniff/files/patch-Makefile.in @@ -21,7 +21,7 @@ INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ -@@ -76,22 +75,23 @@ CONFIGS = dsniff.magic dsniff.services d +@@ -76,23 +75,24 @@ CONFIGS = dsniff.magic dsniff.services dnsspoof.hosts .c.o: $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c @@ -48,14 +48,15 @@ - $(RANLIB) $@ +nfs_prot.c: nfs_prot.x nfs_prot.h + rpcgen -c nfs_prot.x -o $@ -+ + +nfs_prot.h: nfs_prot.x + rpcgen -h nfs_prot.x -o $@ + +filesnarf.c: nfs_prot.h - ++ dsniff: $(HDRS) $(SRCS) $(OBJS) $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) + @@ -156,7 +156,7 @@ install: done --- b/security/dsniff/files/patch-arpspoof.c +++ b/security/dsniff/files/patch-arpspoof.c @@ -1,5 +1,5 @@ ---- ./arpspoof.c.orig 2001-03-15 09:32:58.000000000 +0100 -+++ ./arpspoof.c 2014-07-22 13:21:17.000000000 +0200 +--- arpspoof.c.orig 2001-03-15 08:32:58 UTC ++++ arpspoof.c @@ -13,7 +13,10 @@ #include @@ -27,7 +27,7 @@ static struct ether_addr spoof_mac, target_mac; static in_addr_t spoof_ip, target_ip; static char *intf; -@@ -41,47 +44,49 @@ +@@ -41,47 +44,49 @@ usage(void) } static int @@ -94,7 +94,7 @@ } #ifdef __linux__ -@@ -119,7 +124,7 @@ +@@ -119,7 +124,7 @@ arp_find(in_addr_t ip, struct ether_addr *mac) /* XXX - force the kernel to arp. feh. */ arp_force(ip); #else @@ -103,7 +103,7 @@ #endif sleep(1); } -@@ -136,9 +141,9 @@ +@@ -136,9 +141,9 @@ cleanup(int sig) if (arp_find(spoof_ip, &spoof_mac)) { for (i = 0; i < 3; i++) { /* XXX - on BSD, requires ETHERSPOOF kernel. */ @@ -116,7 +116,7 @@ target_ip); sleep(1); } -@@ -151,7 +156,8 @@ +@@ -151,7 +156,8 @@ main(int argc, char *argv[]) { extern char *optarg; extern int optind; @@ -126,7 +126,7 @@ int c; intf = NULL; -@@ -163,7 +169,7 @@ +@@ -163,7 +169,7 @@ main(int argc, char *argv[]) intf = optarg; break; case 't': @@ -135,7 +135,7 @@ usage(); break; default: -@@ -176,26 +182,26 @@ +@@ -176,26 +182,26 @@ main(int argc, char *argv[]) if (argc != 1) usage(); --- b/security/dsniff/files/patch-dnsspoof.c +++ b/security/dsniff/files/patch-dnsspoof.c @@ -1,6 +1,6 @@ ---- ./dnsspoof.c.orig 2001-03-15 09:33:03.000000000 +0100 -+++ ./dnsspoof.c 2014-07-22 13:20:14.000000000 +0200 -@@ -38,7 +38,7 @@ +--- dnsspoof.c.orig 2001-03-15 08:33:03 UTC ++++ dnsspoof.c +@@ -38,7 +38,7 @@ SLIST_HEAD(, dnsent) dns_entries; pcap_t *pcap_pd = NULL; int pcap_off = -1; @@ -9,7 +9,7 @@ u_long lnet_ip = -1; static void -@@ -90,19 +90,18 @@ +@@ -90,19 +90,18 @@ static void dns_init(char *dev, char *filename) { FILE *f; @@ -36,7 +36,7 @@ SLIST_INIT(&dns_entries); -@@ -180,7 +179,7 @@ +@@ -180,7 +179,7 @@ dns_lookup_ptr(const char *name) static void dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) { @@ -45,7 +45,7 @@ struct libnet_udp_hdr *udp; HEADER *dns; char name[MAXHOSTNAMELEN]; -@@ -189,7 +188,7 @@ +@@ -189,7 +188,7 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, in_addr_t dst; u_short type, class; @@ -54,7 +54,7 @@ udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); dns = (HEADER *)(udp + 1); p = (u_char *)(dns + 1); -@@ -212,7 +211,7 @@ +@@ -212,7 +211,7 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, if (class != C_IN) return; @@ -63,7 +63,7 @@ if (type == T_A) { if ((dst = dns_lookup_a(name)) == -1) -@@ -234,38 +233,38 @@ +@@ -234,38 +233,38 @@ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, anslen += 12; } else return; @@ -117,7 +117,7 @@ pcap_close(pcap_pd); exit(0); } -@@ -276,6 +275,7 @@ +@@ -276,6 +275,7 @@ main(int argc, char *argv[]) extern char *optarg; extern int optind; char *p, *dev, *hosts, buf[1024]; @@ -125,7 +125,7 @@ int i; dev = hosts = NULL; -@@ -306,7 +306,7 @@ +@@ -306,7 +306,7 @@ main(int argc, char *argv[]) strlcpy(buf, p, sizeof(buf)); } else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", @@ -134,7 +134,7 @@ if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) errx(1, "couldn't initialize sniffing"); -@@ -314,10 +314,10 @@ +@@ -314,10 +314,10 @@ main(int argc, char *argv[]) if ((pcap_off = pcap_dloff(pcap_pd)) < 0) errx(1, "couldn't determine link layer offset"); --- b/security/dsniff/files/patch-filesnarf.c +++ b/security/dsniff/files/patch-filesnarf.c @@ -1,6 +1,6 @@ ---- ./filesnarf.c.orig 2001-03-15 09:33:03.000000000 +0100 -+++ ./filesnarf.c 2014-07-22 13:20:14.000000000 +0200 -@@ -134,8 +134,8 @@ +--- filesnarf.c.orig 2001-03-15 08:33:03 UTC ++++ filesnarf.c +@@ -134,8 +134,8 @@ nfs_save(struct tuple4 *addr, struct myreadargs *ma, u int fd; warnx("%s.%d > %s.%d: %s (%d@%d)", @@ -11,7 +11,7 @@ ma->filename, len, ma->offset); if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { -@@ -353,7 +353,7 @@ +@@ -353,7 +353,7 @@ decode_nfs(struct tuple4 *addr, u_char *buf, int len) } static void --- b/security/dsniff/files/patch-macof.c +++ b/security/dsniff/files/patch-macof.c @@ -1,6 +1,6 @@ ---- ./macof.c.orig 2001-03-15 09:33:04.000000000 +0100 -+++ ./macof.c 2014-07-22 13:20:14.000000000 +0200 -@@ -48,8 +48,8 @@ +--- macof.c.orig 2001-03-15 08:33:04 UTC ++++ macof.c +@@ -48,8 +48,8 @@ usage(void) static void gen_mac(u_char *mac) { @@ -11,7 +11,7 @@ } int -@@ -59,22 +59,23 @@ +@@ -59,22 +59,23 @@ main(int argc, char *argv[]) extern int optind; int c, i; struct libnet_link_int *llif; @@ -39,7 +39,7 @@ break; case 'e': Tha = (u_char *)ether_aton(optarg); -@@ -101,13 +102,13 @@ +@@ -101,13 +102,13 @@ main(int argc, char *argv[]) if (argc != 0) usage(); @@ -58,7 +58,7 @@ for (i = 0; i != Repeat; i++) { -@@ -117,39 +118,39 @@ +@@ -117,39 +118,39 @@ main(int argc, char *argv[]) else memcpy(tha, Tha, sizeof(tha)); if (Src != 0) src = Src; @@ -78,13 +78,13 @@ + else dport = libnet_get_prand(LIBNET_PRu16); - seq = libnet_get_prand(PRu32); -- ++ seq = libnet_get_prand(LIBNET_PRu32); + - libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); - - libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, - IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); -+ seq = libnet_get_prand(LIBNET_PRu32); - +- libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, - 0, NULL, 0, pkt + ETH_H + IP_H); + 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); --- b/security/dsniff/files/patch-pcaputil.c +++ b/security/dsniff/files/patch-pcaputil.c @@ -21,7 +21,7 @@ int pcap_dloff(pcap_t *pd) { -@@ -87,12 +76,6 @@ pcap_init(char *intf, char *filter, int +@@ -87,12 +76,6 @@ pcap_init(char *intf, char *filter, int snaplen) pcap_perror(pd, "pcap_compile"); return (NULL); } --- b/security/dsniff/files/patch-record.c +++ b/security/dsniff/files/patch-record.c @@ -1,6 +1,6 @@ ---- ./record.c.orig 2001-03-15 09:33:04.000000000 +0100 -+++ ./record.c 2014-07-22 13:20:14.000000000 +0200 -@@ -65,8 +65,8 @@ +--- record.c.orig 2001-03-15 08:33:04 UTC ++++ record.c +@@ -65,8 +65,8 @@ record_print(struct rec *rec) tm = localtime(&rec->time); strftime(tstr, sizeof(tstr), "%x %X", tm); --- /dev/null +++ b/security/dsniff/files/patch-ssh.c @@ -0,0 +1,176 @@ +--- ssh.c.orig 2001-03-15 08:33:04 UTC ++++ ssh.c +@@ -232,6 +232,10 @@ SSH_accept(SSH *ssh) + u_char *p, cipher, cookie[8], msg[1024]; + u_int32_t num; + int i; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *servkey_e, *servkey_n; ++ const BIGNUM *hostkey_e, *hostkey_n; ++#endif + + /* Generate anti-spoofing cookie. */ + RAND_bytes(cookie, sizeof(cookie)); +@@ -241,11 +245,23 @@ SSH_accept(SSH *ssh) + *p++ = SSH_SMSG_PUBLIC_KEY; /* type */ + memcpy(p, cookie, 8); p += 8; /* cookie */ + num = 768; PUTLONG(num, p); /* servkey bits */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL); ++ put_bn(servkey_e, &p); /* servkey exponent */ ++ put_bn(servkey_n, &p); /* servkey modulus */ ++#else + put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */ + put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */ ++#endif + num = 1024; PUTLONG(num, p); /* hostkey bits */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL); ++ put_bn(hostkey_e, &p); /* hostkey exponent */ ++ put_bn(hostkey_n, &p); /* hostkey modulus */ ++#else + put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */ + put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */ ++#endif + num = 0; PUTLONG(num, p); /* protocol flags */ + num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */ + num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */ +@@ -296,7 +312,11 @@ SSH_accept(SSH *ssh) + SKIP(p, i, 4); + + /* Decrypt session key. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if (BN_cmp(servkey_n, hostkey_n) > 0) { ++#else + if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) { ++#endif + rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey); + rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey); + } +@@ -316,8 +336,13 @@ SSH_accept(SSH *ssh) + BN_clear_free(enckey); + + /* Derive real session key using session id. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if ((p = ssh_session_id(cookie, hostkey_n, ++ servkey_n)) == NULL) { ++#else + if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, + ssh->ctx->servkey->n)) == NULL) { ++#endif + warn("ssh_session_id"); + return (-1); + } +@@ -326,10 +351,15 @@ SSH_accept(SSH *ssh) + } + /* Set cipher. */ + if (cipher == SSH_CIPHER_3DES) { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ warnx("cipher 3des no longer supported"); ++ return (-1); ++#else + ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->encrypt = des3_encrypt; + ssh->decrypt = des3_decrypt; ++#endif + } + else if (cipher == SSH_CIPHER_BLOWFISH) { + ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey)); +@@ -355,6 +385,10 @@ SSH_connect(SSH *ssh) + u_char *p, cipher, cookie[8], msg[1024]; + u_int32_t num; + int i; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ BIGNUM *servkey_n, *servkey_e; ++ BIGNUM *hostkey_n, *hostkey_e; ++#endif + + /* Get public key. */ + if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { +@@ -377,21 +411,43 @@ SSH_connect(SSH *ssh) + + /* Get servkey. */ + ssh->ctx->servkey = RSA_new(); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ servkey_n = BN_new(); ++ servkey_e = BN_new(); ++ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL); ++#else + ssh->ctx->servkey->n = BN_new(); + ssh->ctx->servkey->e = BN_new(); ++#endif + + SKIP(p, i, 4); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ get_bn(servkey_e, &p, &i); ++ get_bn(servkey_n, &p, &i); ++#else + get_bn(ssh->ctx->servkey->e, &p, &i); + get_bn(ssh->ctx->servkey->n, &p, &i); ++#endif + + /* Get hostkey. */ + ssh->ctx->hostkey = RSA_new(); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ hostkey_n = BN_new(); ++ hostkey_e = BN_new(); ++ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL); ++#else + ssh->ctx->hostkey->n = BN_new(); + ssh->ctx->hostkey->e = BN_new(); ++#endif + + SKIP(p, i, 4); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ get_bn(hostkey_e, &p, &i); ++ get_bn(hostkey_n, &p, &i); ++#else + get_bn(ssh->ctx->hostkey->e, &p, &i); + get_bn(ssh->ctx->hostkey->n, &p, &i); ++#endif + + /* Get cipher, auth masks. */ + SKIP(p, i, 4); +@@ -403,8 +459,13 @@ SSH_connect(SSH *ssh) + RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey)); + + /* Obfuscate with session id. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if ((p = ssh_session_id(cookie, hostkey_n, ++ servkey_n)) == NULL) { ++#else + if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n, + ssh->ctx->servkey->n)) == NULL) { ++#endif + warn("ssh_session_id"); + return (-1); + } +@@ -420,7 +481,11 @@ SSH_connect(SSH *ssh) + else BN_add_word(bn, ssh->sesskey[i]); + } + /* Encrypt session key. */ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if (BN_cmp(servkey_n, hostkey_n) < 0) { ++#else + if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) { ++#endif + rsa_public_encrypt(bn, bn, ssh->ctx->servkey); + rsa_public_encrypt(bn, bn, ssh->ctx->hostkey); + } +@@ -468,10 +533,15 @@ SSH_connect(SSH *ssh) + ssh->decrypt = blowfish_decrypt; + } + else if (cipher == SSH_CIPHER_3DES) { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ warnx("cipher 3des no longer supported"); ++ return (-1); ++#else + ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey)); + ssh->encrypt = des3_encrypt; + ssh->decrypt = des3_decrypt; ++#endif + } + /* Get server response. */ + if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) { --- b/security/dsniff/files/patch-sshcrypto.c +++ b/security/dsniff/files/patch-sshcrypto.c @@ -1,66 +1,78 @@ $OpenBSD: patch-sshcrypto_c,v 1.3 2015/05/29 15:57:29 jca Exp $ ---- sshcrypto.c.orig Tue Nov 28 22:23:28 2000 -+++ sshcrypto.c Fri May 29 17:56:22 2015 -@@ -15,7 +15,9 @@ +--- sshcrypto.c.orig 2001-03-15 08:33:04 UTC ++++ sshcrypto.c +@@ -13,11 +13,13 @@ + #include "config.h" + #include ++#include #include -+#include #include -+#include #include #include ++#include + + #include "sshcrypto.h" -@@ -27,8 +29,8 @@ struct blowfish_state { +@@ -26,10 +28,12 @@ struct blowfish_state { + u_char iv[8]; }; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L struct des3_state { -- des_key_schedule k1, k2, k3; -- des_cblock iv1, iv2, iv3; -+ DES_key_schedule k1, k2, k3; -+ DES_cblock iv1, iv2, iv3; + des_key_schedule k1, k2, k3; + des_cblock iv1, iv2, iv3; }; ++#endif void -@@ -153,13 +155,13 @@ des3_init(u_char *sesskey, int len) - if ((state = malloc(sizeof(*state))) == NULL) - err(1, "malloc"); + rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) +@@ -37,10 +41,20 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) + u_char *inbuf, *outbuf; + int len, ilen, olen; -- des_set_key((void *)sesskey, state->k1); -- des_set_key((void *)(sesskey + 8), state->k2); -+ DES_set_key((void *)sesskey, &state->k1); -+ DES_set_key((void *)(sesskey + 8), &state->k2); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *n, *e; ++ RSA_get0_key(key, &n, &e, NULL); ++ if (BN_num_bits(e) < 2 || !BN_is_odd(e)) ++#else + if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) ++#endif + errx(1, "rsa_public_encrypt() exponent too small or not odd"); - if (len <= 16) -- des_set_key((void *)sesskey, state->k3); -+ DES_set_key((void *)sesskey, &state->k3); - else -- des_set_key((void *)(sesskey + 16), state->k3); -+ DES_set_key((void *)(sesskey + 16), &state->k3); - - memset(state->iv1, 0, 8); - memset(state->iv2, 0, 8); -@@ -175,9 +177,9 @@ des3_encrypt(u_char *src, u_char *dst, int len, void * - estate = (struct des3_state *)state; - memcpy(estate->iv1, estate->iv2, 8); - -- des_ncbc_encrypt(src, dst, len, estate->k1, &estate->iv1, DES_ENCRYPT); -- des_ncbc_encrypt(dst, dst, len, estate->k2, &estate->iv2, DES_DECRYPT); -- des_ncbc_encrypt(dst, dst, len, estate->k3, &estate->iv3, DES_ENCRYPT); -+ DES_ncbc_encrypt(src, dst, len, &estate->k1, &estate->iv1, DES_ENCRYPT); -+ DES_ncbc_encrypt(dst, dst, len, &estate->k2, &estate->iv2, DES_DECRYPT); -+ DES_ncbc_encrypt(dst, dst, len, &estate->k3, &estate->iv3, DES_ENCRYPT); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif + outbuf = malloc(olen); + + ilen = BN_num_bytes(in); +@@ -69,7 +83,13 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) + u_char *inbuf, *outbuf; + int len, ilen, olen; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const BIGNUM *n; ++ RSA_get0_key(key, &n, NULL, NULL); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif + outbuf = malloc(olen); + + ilen = BN_num_bytes(in); +@@ -144,6 +164,7 @@ blowfish_decrypt(u_char *src, u_char *dst, int len, vo + swap_bytes(dst, dst, len); } - void -@@ -188,7 +190,7 @@ des3_decrypt(u_char *src, u_char *dst, int len, void * - dstate = (struct des3_state *)state; - memcpy(dstate->iv1, dstate->iv2, 8); - -- des_ncbc_encrypt(src, dst, len, dstate->k3, &dstate->iv3, DES_DECRYPT); -- des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); -- des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); -+ DES_ncbc_encrypt(src, dst, len, &dstate->k3, &dstate->iv3, DES_DECRYPT); -+ DES_ncbc_encrypt(dst, dst, len, &dstate->k2, &dstate->iv2, DES_ENCRYPT); -+ DES_ncbc_encrypt(dst, dst, len, &dstate->k1, &dstate->iv1, DES_DECRYPT); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + /* XXX - SSH1's weirdo 3DES... */ + void * + des3_init(u_char *sesskey, int len) +@@ -192,3 +213,4 @@ des3_decrypt(u_char *src, u_char *dst, int len, void * + des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT); + des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT); } ++#endif --- b/security/dsniff/files/patch-sshmitm.c +++ b/security/dsniff/files/patch-sshmitm.c @@ -1,55 +1,55 @@ ---- ./sshmitm.c.orig 2001-03-15 09:33:04.000000000 +0100 -+++ ./sshmitm.c 2014-07-22 13:20:14.000000000 +0200 -@@ -41,7 +41,7 @@ +--- sshmitm.c.orig 2001-03-15 08:33:04 UTC ++++ sshmitm.c +@@ -41,7 +41,7 @@ int mitm_fd; int client_fd, server_fd; SSH_CTX *ssh_client_ctx, *ssh_server_ctx; SSH *ssh_client, *ssh_server; -struct sockaddr_in csin, ssin; -+struct sockaddr_in ________csin, ssin; ++struct sockaddr_in ____________csin, ssin; int sig_pipe[2]; static void -@@ -148,7 +148,7 @@ +@@ -148,7 +148,7 @@ mitm_child(void) if (Opt_debug) warnx("new connection from %s.%d", - inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); -+ inet_ntoa(________csin.sin_addr), ntohs(________csin.sin_port)); ++ inet_ntoa(____________csin.sin_addr), ntohs(____________csin.sin_port)); if (fcntl(client_fd, F_SETFL, 0) == -1) err(1, "fcntl"); -@@ -237,10 +237,10 @@ +@@ -237,10 +237,10 @@ mitm_child(void) } else { pass_done = 1; - record(csin.sin_addr.s_addr, -+ record(________csin.sin_addr.s_addr, ++ record(____________csin.sin_addr.s_addr, ssin.sin_addr.s_addr, IPPROTO_TCP, - ntohs(csin.sin_port), -+ ntohs(________csin.sin_port), ++ ntohs(____________csin.sin_port), ntohs(ssin.sin_port), "ssh", userpass, strlen(userpass)); } -@@ -326,7 +326,7 @@ +@@ -326,7 +326,7 @@ mitm_run(void) if (errno != EINTR) err(1, "select"); } - i = sizeof(csin); -+ i = sizeof(________csin); ++ i = sizeof(____________csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], buf, 1) == 1) -@@ -336,7 +336,7 @@ +@@ -336,7 +336,7 @@ mitm_run(void) } if (FD_ISSET(mitm_fd, &fds)) { client_fd = accept(mitm_fd, - (struct sockaddr *)&csin, &i); -+ (struct sockaddr *)&________csin, &i); ++ (struct sockaddr *)&____________csin, &i); if (client_fd >= 0) { if (fork() == 0) { -@@ -389,7 +389,7 @@ +@@ -389,7 +389,7 @@ main(int argc, char *argv[]) if (argc < 1) usage(); --- b/security/dsniff/files/patch-tcp_raw.c +++ b/security/dsniff/files/patch-tcp_raw.c @@ -1,6 +1,6 @@ ---- ./tcp_raw.c.orig 2001-03-15 09:33:04.000000000 +0100 -+++ ./tcp_raw.c 2014-07-22 13:20:14.000000000 +0200 -@@ -119,7 +119,7 @@ +--- tcp_raw.c.orig 2001-03-15 08:33:04 UTC ++++ tcp_raw.c +@@ -119,7 +119,7 @@ tcp_raw_reassemble(struct tcp_conn *conn, int minlen) } struct iovec * @@ -9,7 +9,7 @@ { struct tha tha; struct tcp_conn *conn; -@@ -131,7 +131,7 @@ +@@ -131,7 +131,7 @@ tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_ /* Verify TCP checksum. */ cksum = tcp->th_sum; --- b/security/dsniff/files/patch-tcp_raw.h +++ b/security/dsniff/files/patch-tcp_raw.h @@ -1,6 +1,6 @@ ---- ./tcp_raw.h.orig 2001-03-15 09:33:06.000000000 +0100 -+++ ./tcp_raw.h 2014-07-22 13:20:14.000000000 +0200 -@@ -15,7 +15,7 @@ +--- tcp_raw.h.orig 2001-03-15 08:33:06 UTC ++++ tcp_raw.h +@@ -15,7 +15,7 @@ typedef void (*tcp_raw_callback_t)(in_addr_t src, in_a u_short sport, u_short dport, u_char *buf, int len); --- b/security/dsniff/files/patch-tcpkill.c +++ b/security/dsniff/files/patch-tcpkill.c @@ -1,6 +1,6 @@ ---- ./tcpkill.c.orig 2001-03-17 09:10:43.000000000 +0100 -+++ ./tcpkill.c 2014-07-22 13:20:14.000000000 +0200 -@@ -39,17 +39,18 @@ +--- tcpkill.c.orig 2001-03-17 08:10:43 UTC ++++ tcpkill.c +@@ -39,17 +39,18 @@ usage(void) static void tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { @@ -24,7 +24,7 @@ if (ip->ip_p != IPPROTO_TCP) return; -@@ -57,34 +58,31 @@ +@@ -57,35 +58,32 @@ tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pc if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; @@ -62,7 +62,7 @@ + libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), + seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, + NULL, 0, l, 0); -+ + + libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, + libnet_get_prand(LIBNET_PRu16), 0, 64, + IPPROTO_TCP, 0, ip->ip_dst.s_addr, @@ -70,10 +70,11 @@ + + if (libnet_write(l) < 0) + warn("write"); - ++ fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); } -@@ -95,8 +93,10 @@ + } +@@ -95,8 +93,10 @@ main(int argc, char *argv[]) { extern char *optarg; extern int optind; @@ -85,7 +86,7 @@ pcap_t *pd; intf = NULL; -@@ -136,14 +136,14 @@ +@@ -136,14 +136,14 @@ main(int argc, char *argv[]) if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); --- b/security/dsniff/files/patch-tcpnice.c +++ b/security/dsniff/files/patch-tcpnice.c @@ -1,6 +1,6 @@ ---- ./tcpnice.c.orig 2001-03-17 08:41:51.000000000 +0100 -+++ ./tcpnice.c 2014-07-22 13:20:14.000000000 +0200 -@@ -41,107 +41,106 @@ +--- tcpnice.c.orig 2001-03-17 07:41:51 UTC ++++ tcpnice.c +@@ -41,107 +41,106 @@ usage(void) } static void @@ -106,8 +106,6 @@ + memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); - libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); -- -- len += (IP_H + ICMP_MASK_H); + len += LIBNET_ICMPV4_MASK_H; + + libnet_build_ipv4(LIBNET_IPV4_H + len, 4, @@ -115,6 +113,8 @@ + 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, + (u_int8_t *) icmp, len, l, 0); +- len += (IP_H + ICMP_MASK_H); +- - if (libnet_write_ip(sock, buf, len) != len) + if (libnet_write(l) != len) warn("write"); @@ -149,7 +149,7 @@ if (ip->ip_p != IPPROTO_TCP) return; -@@ -151,11 +150,11 @@ +@@ -151,11 +150,11 @@ tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pc if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { if (Opt_icmp) @@ -164,7 +164,7 @@ } } -@@ -164,8 +163,10 @@ +@@ -164,8 +163,10 @@ main(int argc, char *argv[]) { extern char *optarg; extern int optind; @@ -176,7 +176,7 @@ pcap_t *pd; intf = NULL; -@@ -209,14 +210,14 @@ +@@ -209,14 +210,14 @@ main(int argc, char *argv[]) if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); --- b/security/dsniff/files/patch-trigger.c +++ b/security/dsniff/files/patch-trigger.c @@ -1,6 +1,6 @@ ---- ./trigger.c.orig 2001-03-15 09:33:05.000000000 +0100 -+++ ./trigger.c 2014-07-22 13:20:14.000000000 +0200 -@@ -276,7 +276,7 @@ +--- trigger.c.orig 2001-03-15 08:33:05 UTC ++++ trigger.c +@@ -276,7 +276,7 @@ trigger_dump(void) } void @@ -9,7 +9,7 @@ { struct trigger *t, tr; u_char *buf; -@@ -305,7 +305,7 @@ +@@ -305,7 +305,7 @@ trigger_ip(struct libnet_ip_hdr *ip) /* libnids needs a nids_register_udp()... */ void @@ -18,7 +18,7 @@ { struct trigger *t, tr; struct libnet_udp_hdr *udp; -@@ -437,7 +437,7 @@ +@@ -437,7 +437,7 @@ trigger_tcp(struct tcp_stream *ts, void **conn_save) } void --- b/security/dsniff/files/patch-trigger.h +++ b/security/dsniff/files/patch-trigger.h @@ -1,6 +1,6 @@ ---- ./trigger.h.orig 2001-03-15 09:33:06.000000000 +0100 -+++ ./trigger.h 2014-07-22 13:20:14.000000000 +0200 -@@ -24,10 +24,10 @@ +--- trigger.h.orig 2001-03-15 08:33:06 UTC ++++ trigger.h +@@ -24,10 +24,10 @@ int trigger_set_udp(int port, char *name); int trigger_set_tcp(int port, char *name); int trigger_set_rpc(int program, char *name); --- b/security/dsniff/files/patch-urlsnarf.c +++ b/security/dsniff/files/patch-urlsnarf.c @@ -1,6 +1,6 @@ ---- ./urlsnarf.c.orig 2001-03-15 10:26:13.000000000 +0100 -+++ ./urlsnarf.c 2014-07-22 13:20:14.000000000 +0200 -@@ -145,14 +145,14 @@ +--- urlsnarf.c.orig 2001-03-15 09:26:13 UTC ++++ urlsnarf.c +@@ -145,14 +145,14 @@ process_http_request(struct tuple4 *addr, u_char *data if (user == NULL) user = "-"; if (vhost == NULL) --- b/security/dsniff/files/patch-webmitm.c +++ b/security/dsniff/files/patch-webmitm.c @@ -1,26 +1,26 @@ ---- ./webmitm.c.orig 2001-03-17 09:35:05.000000000 +0100 -+++ ./webmitm.c 2014-07-22 13:20:14.000000000 +0200 -@@ -43,7 +43,7 @@ +--- webmitm.c.orig 2001-03-17 08:35:05 UTC ++++ webmitm.c +@@ -43,7 +43,7 @@ int http_fd, https_fd; int client_fd, server_fd; SSL_CTX *ssl_client_ctx, *ssl_server_ctx; SSL *ssl_client, *ssl_server; -struct sockaddr_in csin, ssin; -+struct sockaddr_in ________csin, ssin; ++struct sockaddr_in ____________csin, ssin; int do_ssl, sig_pipe[2]; in_addr_t static_host = 0; -@@ -101,8 +101,8 @@ +@@ -101,8 +101,8 @@ grep_passwords(char *buf, int len) char obuf[1024]; if ((len = decode_http(buf, len, obuf, sizeof(obuf))) > 0) { - record(csin.sin_addr.s_addr, ssin.sin_addr.s_addr, - IPPROTO_TCP, ntohs(csin.sin_port), ntohs(ssin.sin_port), -+ record(________csin.sin_addr.s_addr, ssin.sin_addr.s_addr, -+ IPPROTO_TCP, ntohs(________csin.sin_port), ntohs(ssin.sin_port), ++ record(____________csin.sin_addr.s_addr, ssin.sin_addr.s_addr, ++ IPPROTO_TCP, ntohs(____________csin.sin_port), ntohs(ssin.sin_port), "http", obuf, len); } } -@@ -242,7 +242,7 @@ +@@ -242,7 +242,7 @@ server_init(char *buf, int size) word = buf_tok(&msg, "/", 1); vhost = buf_strdup(word); } @@ -29,57 +29,57 @@ free(vhost); if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || -@@ -355,7 +355,7 @@ +@@ -355,7 +355,7 @@ mitm_child(void) if (Opt_debug) warnx("new connection from %s.%d", - inet_ntoa(csin.sin_addr), ntohs(csin.sin_port)); -+ inet_ntoa(________csin.sin_addr), ntohs(________csin.sin_port)); ++ inet_ntoa(____________csin.sin_addr), ntohs(____________csin.sin_port)); client_init(); -@@ -363,7 +363,7 @@ +@@ -363,7 +363,7 @@ mitm_child(void) err(1, "client_request"); if (Opt_debug) - warnx("%d bytes from %s", i, inet_ntoa(csin.sin_addr)); -+ warnx("%d bytes from %s", i, inet_ntoa(________csin.sin_addr)); ++ warnx("%d bytes from %s", i, inet_ntoa(____________csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); -@@ -393,7 +393,7 @@ +@@ -393,7 +393,7 @@ mitm_child(void) if (Opt_debug) warnx("%d bytes from %s", - i, inet_ntoa(csin.sin_addr)); -+ i, inet_ntoa(________csin.sin_addr)); ++ i, inet_ntoa(____________csin.sin_addr)); if (Opt_debug > 1) write(STDERR_FILENO, buf, i); -@@ -456,7 +456,7 @@ +@@ -456,7 +456,7 @@ mitm_run(void) if (errno != EINTR) err(1, "select"); } - i = sizeof(csin); -+ i = sizeof(________csin); ++ i = sizeof(____________csin); if (FD_ISSET(sig_pipe[0], &fds)) { while (read(sig_pipe[0], &i, 1) == 1) -@@ -466,11 +466,11 @@ +@@ -466,11 +466,11 @@ mitm_run(void) continue; } if (FD_ISSET(http_fd, &fds)) { - client_fd = accept(http_fd, (struct sockaddr *)&csin, &i); -+ client_fd = accept(http_fd, (struct sockaddr *)&________csin, &i); ++ client_fd = accept(http_fd, (struct sockaddr *)&____________csin, &i); do_ssl = 0; } else if (FD_ISSET(https_fd, &fds)) { - client_fd = accept(https_fd, (struct sockaddr *)&csin, &i); -+ client_fd = accept(https_fd, (struct sockaddr *)&________csin, &i); ++ client_fd = accept(https_fd, (struct sockaddr *)&____________csin, &i); do_ssl = 1; } else errx(1, "select failure"); -@@ -510,7 +510,7 @@ +@@ -510,7 +510,7 @@ main(int argc, char *argv[]) argv += optind; if (argc == 1) { --- b/security/dsniff/files/patch-webspy.c +++ b/security/dsniff/files/patch-webspy.c @@ -1,6 +1,6 @@ ---- ./webspy.c.orig 2001-03-15 09:33:05.000000000 +0100 -+++ ./webspy.c 2014-07-22 13:20:14.000000000 +0200 -@@ -126,7 +126,7 @@ +--- webspy.c.orig 2001-03-15 08:33:05 UTC ++++ webspy.c +@@ -126,7 +126,7 @@ process_http_request(struct tuple4 *addr, u_char *data if (auth == NULL) auth = ""; if (vhost == NULL) @@ -9,7 +9,7 @@ snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", auth, *auth ? "@" : "", vhost, uri); -@@ -202,7 +202,7 @@ +@@ -202,7 +202,7 @@ main(int argc, char *argv[]) cmdtab[0] = cmd; cmdtab[1] = NULL; --