Date: Sat, 21 Feb 2015 15:11:28 +0000 (UTC) From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r379520 - in head/net-mgmt/ettercap: . files Message-ID: <201502211511.t1LFBSSP002918@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sunpoet Date: Sat Feb 21 15:11:27 2015 New Revision: 379520 URL: https://svnweb.freebsd.org/changeset/ports/379520 QAT: https://qat.redports.org/buildarchive/r379520/ Log: - Import upstream patches: - Fix when determine MTU on BSD system [1] - Reset logfile ownership upon dropping privileges [2] - Bump PORTREVISION for package change PR: 197509 [2] Submitted by: Rafal Grzeszczuk <rafi.root@gmail.com> [2] Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b [1] https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 [2] Added: head/net-mgmt/ettercap/files/ head/net-mgmt/ettercap/files/patch-include-ec_log.h (contents, props changed) head/net-mgmt/ettercap/files/patch-src-ec_log.c (contents, props changed) head/net-mgmt/ettercap/files/patch-src-ec_utils.c (contents, props changed) head/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c (contents, props changed) Modified: head/net-mgmt/ettercap/Makefile Modified: head/net-mgmt/ettercap/Makefile ============================================================================== --- head/net-mgmt/ettercap/Makefile Sat Feb 21 15:11:21 2015 (r379519) +++ head/net-mgmt/ettercap/Makefile Sat Feb 21 15:11:27 2015 (r379520) @@ -3,6 +3,7 @@ PORTNAME= ettercap PORTVERSION= 0.8.1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= net-mgmt security Added: head/net-mgmt/ettercap/files/patch-include-ec_log.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-include-ec_log.h Sat Feb 21 15:11:27 2015 (r379520) @@ -0,0 +1,21 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- include/ec_log.h.orig 2014-10-17 01:29:44.000000000 +0800 ++++ include/ec_log.h 2015-02-21 19:58:20.730805519 +0800 +@@ -8,6 +8,7 @@ + + #include <zlib.h> + #include <sys/time.h> ++#include <unistd.h> + + + struct log_fd { +@@ -126,6 +127,8 @@ + #define LOG_TRUE 1 + #define LOG_FALSE 0 + ++EC_API_EXTERN void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid); ++ + EC_API_EXTERN int log_open(struct log_fd *fd, char *filename); + EC_API_EXTERN void log_close(struct log_fd *fd); + EC_API_EXTERN void log_stop(void); Added: head/net-mgmt/ettercap/files/patch-src-ec_log.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-src-ec_log.c Sat Feb 21 15:11:27 2015 (r379520) @@ -0,0 +1,143 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- src/ec_log.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/ec_log.c 2015-02-21 19:58:20.733803628 +0800 +@@ -37,8 +37,11 @@ + + /* globals */ + +-static struct log_fd fdp; +-static struct log_fd fdi; ++/* zero is formally a valid value for an opened file descriptor ++ * so we need a custom initializer ++ */ ++static struct log_fd fdp = {0, NULL, -1}; ++static struct log_fd fdi = {0, NULL, -1}; + + /* protos */ + +@@ -79,7 +82,7 @@ + /* all the host type will be unknown, warn the user */ + if (GBL_OPTIONS->read) { + USER_MSG("*********************************************************\n"); +- USER_MSG("WARNING: while reading form file we cannot determine \n"); ++ USER_MSG("WARNING: while reading form file we cannot determine \n"); + USER_MSG("if an host is local or not because the ip address of \n"); + USER_MSG("the NIC may have been changed from the time of the dump. \n"); + USER_MSG("*********************************************************\n\n"); +@@ -168,23 +171,30 @@ + + /* + * open a file in the appropriate log_fd struct ++ * ++ * whether or not the log is compressed ++ * fd->fd becomes to always be a file descriptor of the opened file ++ * and fd->cfd is a non-NULL gzip stream descriptor when the log is to be compressed ++ * ++ * TODO: it is likely that we dont need 'type' field in 'log_fd' struct ++ * to mark a compressed log; non-NULL 'cfd' field becomes such a flag + */ + int log_open(struct log_fd *fd, char *filename) + { +- int zerr; + +- if (fd->type == LOG_COMPRESSED) { +- fd->cfd = gzopen(filename, "wb9"); +- if (fd->cfd == NULL) +- SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr)); +- } else { +- fd->fd = open(filename, O_CREAT | O_TRUNC | O_RDWR | O_BINARY, S_IRUSR | S_IWUSR); +- if (fd->fd == -1) +- SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno)); +- } +- +- /* set the permissions */ +- chmod(filename, 0600); ++ fd->fd = open(filename, O_CREAT|O_TRUNC|O_RDWR|O_BINARY, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH); ++ if (fd->fd == -1) ++ SEMIFATAL_ERROR("Can't create %s: %s", filename, strerror(errno)); ++ else ++ { ++ if (GBL_OPTIONS->compress) ++ { ++ int zerr; ++ fd->cfd = gzdopen(fd->fd, "wb9"); ++ if (fd->cfd == NULL) ++ SEMIFATAL_ERROR("%s", gzerror(fd->cfd, &zerr)); ++ }; ++ }; + + return E_SUCCESS; + } +@@ -195,14 +205,66 @@ + void log_close(struct log_fd *fd) + { + DEBUG_MSG("log_close: type: %d [%p][%d]", fd->type, fd->cfd, fd->fd); +- +- if (fd->type == LOG_COMPRESSED && fd->cfd) { ++ ++ if (fd->cfd) ++ { ++ /* gzclose() on the gzip stream descriptor (fd->cfd) ++ * will also close the file descriptor (fd->fd) ++ */ + gzclose(fd->cfd); + fd->cfd = NULL; +- } else if (fd->type == LOG_UNCOMPRESSED && fd->fd) { ++ fd->fd = -1; /* to prevent double closing the file descriptor */ ++ }; ++ ++ if (fd->fd >= 0) ++ { + close(fd->fd); +- fd->fd = 0; +- } ++ fd->fd = -1; ++ }; ++} ++ ++/* ++ * set the owner:group of the packet and info logfiles to new_uid:new_gid ++ * if the current owners are old_uid:old_gid respectively ++ * ++ * prefer this way to unconditionally setting the new ownership as far as ++ * the file may be intentionally located in the set-group-ID directory ++ */ ++void reset_logfile_owners(uid_t old_uid, gid_t old_gid, uid_t new_uid, gid_t new_gid) ++{ ++ struct stat f; ++ uid_t uid; ++ gid_t gid; ++ ++ /* packet logfile */ ++ if (fdp.fd >= 0) ++ { ++ DEBUG_MSG("reset_logfile_owners: packet log file"); ++ if (fstat(fdp.fd, &f) == 0) ++ { ++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1; ++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1; ++ if ( fchown(fdp.fd, uid, gid) != 0 ) ++ ERROR_MSG("fchown()"); ++ } ++ else ++ ERROR_MSG("fstat()"); ++ }; ++ ++ /* info logfile */ ++ if (fdi.fd >= 0) ++ { ++ DEBUG_MSG("reset_logfile_owners: info log file"); ++ if (fstat(fdi.fd, &f) == 0) ++ { ++ uid = (f.st_uid == old_uid) ? new_uid : (uid_t)-1; ++ gid = (f.st_gid == old_gid) ? new_gid : (gid_t)-1; ++ if ( fchown(fdi.fd, uid, gid) != 0 ) ++ ERROR_MSG("fchown()"); ++ } ++ else ++ ERROR_MSG("fstat()"); ++ }; + } + + /* Added: head/net-mgmt/ettercap/files/patch-src-ec_utils.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-src-ec_utils.c Sat Feb 21 15:11:27 2015 (r379520) @@ -0,0 +1,28 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/42600aada0ba56b9c63dabcc2b0cb1417fa27863 + +--- src/ec_utils.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/ec_utils.c 2015-02-21 19:58:20.735805931 +0800 +@@ -225,17 +225,19 @@ + else + gid = GBL_CONF->ec_gid; + +- DEBUG_MSG("drop_privs: setuid(%d) setgid(%d)", uid, gid); ++ reset_logfile_owners(geteuid(), getegid(), uid, gid); ++ ++ DEBUG_MSG("drop_privs: seteuid(%d) setegid(%d)", uid, gid); + + /* drop to a good uid/gid ;) */ +- if ( setgid(gid) < 0 ) +- ERROR_MSG("setgid()"); ++ if ( setegid(gid) < 0 ) ++ ERROR_MSG("setegid()"); + + if ( seteuid(uid) < 0 ) + ERROR_MSG("seteuid()"); + + DEBUG_MSG("privs: UID: %d %d GID: %d %d", (int)getuid(), (int)geteuid(), (int)getgid(), (int)getegid() ); +- USER_MSG("Privileges dropped to UID %d GID %d...\n\n", (int)getuid(), (int)getgid() ); ++ USER_MSG("Privileges dropped to EUID %d EGID %d...\n\n", (int)geteuid(), (int)getegid() ); + } + + /* base64 stuff */ Added: head/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-src-os-ec_bsd.c Sat Feb 21 15:11:27 2015 (r379520) @@ -0,0 +1,13 @@ +Obtained from: https://github.com/Ettercap/ettercap/commit/00f864d7dd2d82b640064db81aad065794b9b11b + +--- src/os/ec_bsd.c.orig 2014-10-17 01:29:44.000000000 +0800 ++++ src/os/ec_bsd.c 2015-02-21 19:58:20.738805431 +0800 +@@ -136,7 +136,7 @@ + + /* open the socket to work on */ + sock = socket(PF_INET, SOCK_DGRAM, 0); +- if (sock = -1) ++ if (sock == -1) + FATAL_ERROR("Unable to open socket on interface for MTU query\n"); + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502211511.t1LFBSSP002918>