[packages/ettercap] - rel 18; fix openssl 1.1.1 build
arekm
arekm at pld-linux.org
Wed Sep 26 07:33:51 CEST 2018
commit 888d2f69fe64e85642f33c9d09f01652f4accf4f
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Sep 26 07:33:44 2018 +0200
- rel 18; fix openssl 1.1.1 build
ettercap.spec | 4 +-
openssl.patch | 333 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 336 insertions(+), 1 deletion(-)
---
diff --git a/ettercap.spec b/ettercap.spec
index b04ddc5..6708252 100644
--- a/ettercap.spec
+++ b/ettercap.spec
@@ -7,7 +7,7 @@ Summary(pl.UTF-8): ettercap - oparte o ncurses narzędzie do sniffowania/przechw
Summary(pt_BR.UTF-8): ettercap e um interceptador/sniffer paseado em ncurses
Name: ettercap
Version: 0.7.3
-Release: 17
+Release: 18
Epoch: 1
License: GPL
Group: Networking/Utilities
@@ -18,6 +18,7 @@ Patch2: %{name}-as-needed.patch
Patch3: %{name}-libmissing.patch
Patch4: %{name}-shlib_ext.patch
Patch5: %{name}-flags.patch
+Patch6: openssl.patch
URL: http://ettercap.sourceforge.net/
BuildRequires: autoconf
BuildRequires: automake
@@ -85,6 +86,7 @@ hosts na rede local, portas abertas, versão de serviços, tipo de host
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
%build
%{__libtoolize}
diff --git a/openssl.patch b/openssl.patch
new file mode 100644
index 0000000..bad147e
--- /dev/null
+++ b/openssl.patch
@@ -0,0 +1,333 @@
+From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001
+From: Gianfranco Costamagna <costamagnagianfranco at yahoo.it>
+Date: Mon, 27 Jun 2016 12:41:33 +0200
+Subject: [PATCH 1/2] First draft of openssl 1.1 compatibility layer (from
+ https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc)
+ Closes: #739
+
+---
+ src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++-
+ src/ec_sslwrap.c | 14 +++++++
+ 2 files changed, 106 insertions(+), 1 deletion(-)
+
+diff --git a/src/dissectors/ec_ssh.c b/src/dissectors/ec_ssh.c
+index f89200dca..26c864910 100644
+--- a/src/dissectors/ec_ssh.c
++++ b/src/dissectors/ec_ssh.c
+@@ -36,6 +36,10 @@
+ #include <openssl/md5.h>
+ #include <zlib.h>
+
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
++#endif
++
+ #define SMSG_PUBLIC_KEY 2
+ #define CMSG_SESSION_KEY 3
+ #define CMSG_USER 4
+@@ -138,6 +142,11 @@ FUNC_DECODER(dissector_ssh)
+ char tmp[MAX_ASCII_ADDR_LEN];
+ u_int32 ssh_len, ssh_mod;
+ u_char ssh_packet_type, *ptr, *key_to_put;
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n;
++ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e;
++ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d;
++#endif
+
+ /* don't complain about unused var */
+ (void) DECODE_DATA;
+@@ -383,12 +392,25 @@ FUNC_DECODER(dissector_ssh)
+ if (session_data->ptrkey == NULL) {
+ /* Initialize RSA key structures (other fileds are set to 0) */
+ session_data->serverkey = RSA_new();
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ s_n = BN_new();
++ s_e = BN_new();
++ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d);
++#else
+ session_data->serverkey->n = BN_new();
+ session_data->serverkey->e = BN_new();
++#endif
+
+ session_data->hostkey = RSA_new();
++
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ h_n = BN_new();
++ h_e = BN_new();
++ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d);
++#else
+ session_data->hostkey->n = BN_new();
+ session_data->hostkey->e = BN_new();
++#endif
+
+ /* Get the RSA Key from the packet */
+ NS_GET32(server_mod,ptr);
+@@ -396,19 +418,37 @@ FUNC_DECODER(dissector_ssh)
+ DEBUG_MSG("Dissector_ssh Bougs Server_Mod");
+ return NULL;
+ }
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d);
++ get_bn(s_e, &ptr);
++ get_bn(s_n, &ptr);
++#else
+ get_bn(session_data->serverkey->e, &ptr);
+ get_bn(session_data->serverkey->n, &ptr);
++#endif
+
+ NS_GET32(host_mod,ptr);
+ if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) {
+ DEBUG_MSG("Dissector_ssh Bougs Host_Mod");
+ return NULL;
+ }
++
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d);
++ get_bn(h_e, &ptr);
++ get_bn(h_n, &ptr);
++#else
+ get_bn(session_data->hostkey->e, &ptr);
+ get_bn(session_data->hostkey->n, &ptr);
++#endif
+
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ server_exp = BN_get_word(s_e);
++ host_exp = BN_get_word(h_e);
++#else
+ server_exp = *(session_data->serverkey->e->d);
+ host_exp = *(session_data->hostkey->e->d);
++#endif
+
+ /* Check if we already have a suitable RSA key to substitute */
+ index_ssl = &ssh_conn_key;
+@@ -424,7 +464,7 @@ FUNC_DECODER(dissector_ssh)
+ SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key));
+
+ /* Generate the new key */
+- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL);
++ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL);
+ (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL);
+ (*index_ssl)->server_mod = server_mod;
+ (*index_ssl)->host_mod = host_mod;
+@@ -443,11 +483,25 @@ FUNC_DECODER(dissector_ssh)
+
+ /* Put our RSA key in the packet */
+ key_to_put+=4;
++
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d);
++ put_bn(m_s_e, &key_to_put);
++ put_bn(m_s_n, &key_to_put);
++#else
+ put_bn(session_data->ptrkey->myserverkey->e, &key_to_put);
+ put_bn(session_data->ptrkey->myserverkey->n, &key_to_put);
++#endif
+ key_to_put+=4;
++
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d);
++ put_bn(m_h_e, &key_to_put);
++ put_bn(m_h_n, &key_to_put);
++#else
+ put_bn(session_data->ptrkey->myhostkey->e, &key_to_put);
+ put_bn(session_data->ptrkey->myhostkey->n, &key_to_put);
++#endif
+
+ /* Recalculate SSH crc */
+ *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO));
+@@ -482,19 +536,34 @@ FUNC_DECODER(dissector_ssh)
+ key_to_put = ptr;
+
+ /* Calculate real session id and our fake session id */
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ temp_session_id = ssh_session_id(cookie, h_n, s_n);
++#else
+ temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n);
++#endif
+ if (temp_session_id)
+ memcpy(session_id1, temp_session_id, 16);
++
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n);
++#else
+ temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n);
++#endif
++
+ if (temp_session_id)
+ memcpy(session_id2, temp_session_id, 16);
+
+ /* Get the session key */
+ enckey = BN_new();
++
+ get_bn(enckey, &ptr);
+
+ /* Decrypt session key */
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ if (BN_cmp(m_s_n, m_h_n) > 0) {
++#else
+ if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) {
++#endif
+ rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey);
+ rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey);
+ } else {
+@@ -534,7 +603,11 @@ FUNC_DECODER(dissector_ssh)
+ BN_add_word(bn, sesskey[i]);
+ }
+
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ if (BN_cmp(s_n, h_n) < 0) {
++#else
+ if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) {
++#endif
+ rsa_public_encrypt(bn, bn, session_data->serverkey);
+ rsa_public_encrypt(bn, bn, session_data->hostkey);
+ } else {
+@@ -716,7 +789,16 @@ static void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+ u_char *inbuf, *outbuf;
+ int32 len, ilen, olen;
+
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ BIGNUM *n;
++ BIGNUM *e;
++ BIGNUM *d;
++ RSA_get0_key(key, &n, &e, &d);
++ olen = BN_num_bytes(n);
++#else
+ olen = BN_num_bytes(key->n);
++#endif
++
+ outbuf = malloc(olen);
+ if (outbuf == NULL) /* oops, couldn't allocate memory */
+ return;
+@@ -744,7 +826,16 @@ static void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+ u_char *inbuf, *outbuf;
+ int32 len, ilen, olen;
+
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ BIGNUM *n;
++ BIGNUM *e;
++ BIGNUM *d;
++ RSA_get0_key(key, &n, &e, &d);
++ olen = BN_num_bytes(n);
++#else
+ olen = BN_num_bytes(key->n);
++#endif
++
+ outbuf = malloc(olen);
+ if (outbuf == NULL) /* oops, couldn't allocate memory */
+ return;
+diff --git a/src/ec_sslwrap.c b/src/ec_sslwrap.c
+index c6c74421e..6369d2514 100644
+--- a/src/ec_sslwrap.c
++++ b/src/ec_sslwrap.c
+@@ -56,6 +56,10 @@
+ #define OPENSSL_NO_KRB5 1
+ #include <openssl/ssl.h>
+
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
++#endif
++
+ #define BREAK_ON_ERROR(x,y,z) do { \
+ if (x == -E_INVALID) { \
+ SAFE_FREE(z.DATA.disp_data); \
+@@ -1102,9 +1106,19 @@ static X509 *sslw_create_selfsigned(X509 *server_cert)
+ index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1);
+ if (index >=0) {
+ ext = X509_get_ext(server_cert, index);
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ ASN1_OCTET_STRING* data;
++ data = X509_EXTENSION_get_data (ext);
++#endif
+ if (ext) {
++#ifdef HAVE_OPAQUE_RSA_DSA_DH
++ data->data[7] = 0xe7;
++ data->data[8] = 0x7e;
++ X509_EXTENSION_set_data (ext, data);
++#else
+ ext->value->data[7] = 0xe7;
+ ext->value->data[8] = 0x7e;
++#endif
+ X509_add_ext(out_cert, ext, -1);
+ }
+ }
+
+From def7a62c542241367428223dc460906b0634dcd1 Mon Sep 17 00:00:00 2001
+From: Gianfranco Costamagna <costamagnagianfranco at yahoo.it>
+Date: Tue, 28 Jun 2016 17:04:20 +0200
+Subject: [PATCH 2/2] Fix naming, from koeppea
+
+---
+ src/ec_sslwrap.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/ec_sslwrap.c b/src/ec_sslwrap.c
+index 6369d2514..696b690a4 100644
+--- a/src/ec_sslwrap.c
++++ b/src/ec_sslwrap.c
+@@ -1107,14 +1107,14 @@ static X509 *sslw_create_selfsigned(X509 *server_cert)
+ if (index >=0) {
+ ext = X509_get_ext(server_cert, index);
+ #ifdef HAVE_OPAQUE_RSA_DSA_DH
+- ASN1_OCTET_STRING* data;
+- data = X509_EXTENSION_get_data (ext);
++ ASN1_OCTET_STRING* os;
++ os = X509_EXTENSION_get_data (ext);
+ #endif
+ if (ext) {
+ #ifdef HAVE_OPAQUE_RSA_DSA_DH
+- data->data[7] = 0xe7;
+- data->data[8] = 0x7e;
+- X509_EXTENSION_set_data (ext, data);
++ os->data[7] = 0xe7;
++ os->data[8] = 0x7e;
++ X509_EXTENSION_set_data (ext, os);
+ #else
+ ext->value->data[7] = 0xe7;
+ ext->value->data[8] = 0x7e;
+diff -ur ettercap-NG-0.7.3/src/dissectors/ec_ssh.c ettercap-NG-0.7.3.new/src/dissectors/ec_ssh.c
+--- ettercap-NG-0.7.3/src/dissectors/ec_ssh.c 2018-09-26 07:30:04.680505099 +0200
++++ ettercap-NG-0.7.3.new/src/dissectors/ec_ssh.c 2018-09-26 07:29:52.413476351 +0200
+@@ -91,8 +91,8 @@
+
+ struct des3_state
+ {
+- des_key_schedule k1, k2, k3;
+- des_cblock iv1, iv2, iv3;
++ DES_key_schedule k1, k2, k3;
++ DES_cblock iv1, iv2, iv3;
+ };
+
+ struct blowfish_state
+@@ -674,13 +674,13 @@
+
+ state = malloc(sizeof(*state));
+
+- des_set_key((void *)sesskey, (state->k1));
+- des_set_key((void *)(sesskey + 8), (state->k2));
++ DES_set_key((DES_cblock *)sesskey, &(state->k1));
++ DES_set_key((DES_cblock *)(sesskey + 8), &(state->k2));
+
+ if (len <= 16)
+- des_set_key((void *)sesskey, (state->k3));
++ DES_set_key((void *)sesskey, &(state->k3));
+ else
+- des_set_key((void *)(sesskey + 16), (state->k3));
++ DES_set_key((void *)(sesskey + 16), &(state->k3));
+
+ memset(state->iv1, 0, 8);
+ memset(state->iv2, 0, 8);
+@@ -696,9 +696,9 @@
+ dstate = (struct des3_state *)state;
+ memcpy(dstate->iv1, dstate->iv2, 8);
+
+- des_ncbc_encrypt(src, dst, len, (dstate->k3), &dstate->iv3, DES_DECRYPT);
+- des_ncbc_encrypt(dst, dst, len, (dstate->k2), &dstate->iv2, DES_ENCRYPT);
+- des_ncbc_encrypt(dst, dst, len, (dstate->k1), &dstate->iv1, DES_DECRYPT);
++ DES_ncbc_encrypt(src, dst, len, &(dstate->k3), &dstate->iv3, DES_DECRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &(dstate->k2), &dstate->iv2, DES_ENCRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &(dstate->k1), &dstate->iv1, DES_DECRYPT);
+ }
+
+ static void swap_bytes(const u_char *src, u_char *dst, int n)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/ettercap.git/commitdiff/888d2f69fe64e85642f33c9d09f01652f4accf4f
More information about the pld-cvs-commit
mailing list