Date: Tue, 16 Oct 2018 20:03:46 +0000 (UTC) From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r482244 - in head/net-mgmt/ettercap: . files Message-ID: <201810162003.w9GK3kx5009762@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sunpoet Date: Tue Oct 16 20:03:46 2018 New Revision: 482244 URL: https://svnweb.freebsd.org/changeset/ports/482244 Log: Fix build with OpenSSL 1.1.x Obtained from: https://github.com/LocutusOfBorg/ettercap/commit/f0d63b27c82df2ad5f7ada6310727d841b43fbcc https://github.com/LocutusOfBorg/ettercap/commit/def7a62c542241367428223dc460906b0634dcd1 Added: head/net-mgmt/ettercap/files/patch-src-dissectors-ec_ssh.c (contents, props changed) head/net-mgmt/ettercap/files/patch-src-ec_sslwrap.c (contents, props changed) Modified: head/net-mgmt/ettercap/Makefile Modified: head/net-mgmt/ettercap/Makefile ============================================================================== --- head/net-mgmt/ettercap/Makefile Tue Oct 16 20:03:38 2018 (r482243) +++ head/net-mgmt/ettercap/Makefile Tue Oct 16 20:03:46 2018 (r482244) @@ -16,7 +16,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libnet.so:net/libnet OPTIONS_DEFINE= DESKTOP DOCS GTK2 IPV6 NCURSES PCRE PLUGINS SSL UTF8 -OPTIONS_DEFAULT=GTK2 NCURSES PCRE PLUGINS SSL UTF8 +OPTIONS_DEFAULT=NCURSES PCRE PLUGINS SSL UTF8 OPTIONS_SUB= yes DESKTOP_DESC= Install ettercap.desktop NCURSES_DESC= Ncurses interface Added: head/net-mgmt/ettercap/files/patch-src-dissectors-ec_ssh.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-src-dissectors-ec_ssh.c Tue Oct 16 20:03:46 2018 (r482244) @@ -0,0 +1,207 @@ +Obtained from: https://github.com/LocutusOfBorg/ettercap/commit/f0d63b27c82df2ad5f7ada6310727d841b43fbcc + +--- src/dissectors/ec_ssh.c.orig 2015-03-14 13:43:11 UTC ++++ src/dissectors/ec_ssh.c +@@ -36,6 +36,10 @@ + #include <openssl/md5.h> + #include <zlib.h> + ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) ++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ ++#endif ++ + #define SMSG_PUBLIC_KEY 2 + #define CMSG_SESSION_KEY 3 + #define CMSG_USER 4 +@@ -138,6 +142,11 @@ FUNC_DECODER(dissector_ssh) + char tmp[MAX_ASCII_ADDR_LEN]; + u_int32 ssh_len, ssh_mod; + u_char ssh_packet_type, *ptr, *key_to_put; ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n; ++ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e; ++ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d; ++#endif + + /* don't complain about unused var */ + (void) DECODE_DATA; +@@ -383,12 +392,25 @@ FUNC_DECODER(dissector_ssh) + if (session_data->ptrkey == NULL) { + /* Initialize RSA key structures (other fileds are set to 0) */ + session_data->serverkey = RSA_new(); ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ s_n = BN_new(); ++ s_e = BN_new(); ++ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d); ++#else + session_data->serverkey->n = BN_new(); + session_data->serverkey->e = BN_new(); ++#endif + + session_data->hostkey = RSA_new(); ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ h_n = BN_new(); ++ h_e = BN_new(); ++ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d); ++#else + session_data->hostkey->n = BN_new(); + session_data->hostkey->e = BN_new(); ++#endif + + /* Get the RSA Key from the packet */ + NS_GET32(server_mod,ptr); +@@ -396,19 +418,37 @@ FUNC_DECODER(dissector_ssh) + DEBUG_MSG("Dissector_ssh Bougs Server_Mod"); + return NULL; + } ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d); ++ get_bn(s_e, &ptr); ++ get_bn(s_n, &ptr); ++#else + get_bn(session_data->serverkey->e, &ptr); + get_bn(session_data->serverkey->n, &ptr); ++#endif + + NS_GET32(host_mod,ptr); + if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) { + DEBUG_MSG("Dissector_ssh Bougs Host_Mod"); + return NULL; + } ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d); ++ get_bn(h_e, &ptr); ++ get_bn(h_n, &ptr); ++#else + get_bn(session_data->hostkey->e, &ptr); + get_bn(session_data->hostkey->n, &ptr); ++#endif + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ server_exp = BN_get_word(s_e); ++ host_exp = BN_get_word(h_e); ++#else + server_exp = *(session_data->serverkey->e->d); + host_exp = *(session_data->hostkey->e->d); ++#endif + + /* Check if we already have a suitable RSA key to substitute */ + index_ssl = &ssh_conn_key; +@@ -424,7 +464,7 @@ FUNC_DECODER(dissector_ssh) + SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key)); + + /* Generate the new key */ +- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL); ++ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL); + (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL); + (*index_ssl)->server_mod = server_mod; + (*index_ssl)->host_mod = host_mod; +@@ -443,11 +483,25 @@ FUNC_DECODER(dissector_ssh) + + /* Put our RSA key in the packet */ + key_to_put+=4; ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d); ++ put_bn(m_s_e, &key_to_put); ++ put_bn(m_s_n, &key_to_put); ++#else + put_bn(session_data->ptrkey->myserverkey->e, &key_to_put); + put_bn(session_data->ptrkey->myserverkey->n, &key_to_put); ++#endif + key_to_put+=4; ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d); ++ put_bn(m_h_e, &key_to_put); ++ put_bn(m_h_n, &key_to_put); ++#else + put_bn(session_data->ptrkey->myhostkey->e, &key_to_put); + put_bn(session_data->ptrkey->myhostkey->n, &key_to_put); ++#endif + + /* Recalculate SSH crc */ + *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO)); +@@ -482,19 +536,34 @@ FUNC_DECODER(dissector_ssh) + key_to_put = ptr; + + /* Calculate real session id and our fake session id */ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ temp_session_id = ssh_session_id(cookie, h_n, s_n); ++#else + temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n); ++#endif + if (temp_session_id) + memcpy(session_id1, temp_session_id, 16); ++ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n); ++#else + temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n); ++#endif ++ + if (temp_session_id) + memcpy(session_id2, temp_session_id, 16); + + /* Get the session key */ + enckey = BN_new(); ++ + get_bn(enckey, &ptr); + + /* Decrypt session key */ ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ if (BN_cmp(m_s_n, m_h_n) > 0) { ++#else + if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) { ++#endif + rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey); + rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey); + } else { +@@ -534,7 +603,11 @@ FUNC_DECODER(dissector_ssh) + BN_add_word(bn, sesskey[i]); + } + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ if (BN_cmp(s_n, h_n) < 0) { ++#else + if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) { ++#endif + rsa_public_encrypt(bn, bn, session_data->serverkey); + rsa_public_encrypt(bn, bn, session_data->hostkey); + } else { +@@ -716,7 +789,16 @@ static void rsa_public_encrypt(BIGNUM *o + u_char *inbuf, *outbuf; + int32 len, ilen, olen; + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *n; ++ BIGNUM *e; ++ BIGNUM *d; ++ RSA_get0_key(key, &n, &e, &d); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif ++ + outbuf = malloc(olen); + if (outbuf == NULL) /* oops, couldn't allocate memory */ + return; +@@ -744,7 +826,16 @@ static void rsa_private_decrypt(BIGNUM * + u_char *inbuf, *outbuf; + int32 len, ilen, olen; + ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ BIGNUM *n; ++ BIGNUM *e; ++ BIGNUM *d; ++ RSA_get0_key(key, &n, &e, &d); ++ olen = BN_num_bytes(n); ++#else + olen = BN_num_bytes(key->n); ++#endif ++ + outbuf = malloc(olen); + if (outbuf == NULL) /* oops, couldn't allocate memory */ + return; Added: head/net-mgmt/ettercap/files/patch-src-ec_sslwrap.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net-mgmt/ettercap/files/patch-src-ec_sslwrap.c Tue Oct 16 20:03:46 2018 (r482244) @@ -0,0 +1,36 @@ +Obtained from: https://github.com/LocutusOfBorg/ettercap/commit/f0d63b27c82df2ad5f7ada6310727d841b43fbcc + https://github.com/LocutusOfBorg/ettercap/commit/def7a62c542241367428223dc460906b0634dcd1 + +--- src/ec_sslwrap.c.orig 2015-03-14 13:43:11 UTC ++++ src/ec_sslwrap.c +@@ -53,6 +53,10 @@ + #define OPENSSL_NO_KRB5 1 + #include <openssl/ssl.h> + ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) ++#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ ++#endif ++ + #define BREAK_ON_ERROR(x,y,z) do { \ + if (x == -E_INVALID) { \ + SAFE_FREE(z.DATA.disp_data); \ +@@ -974,9 +978,19 @@ static X509 *sslw_create_selfsigned(X509 + index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1); + if (index >=0) { + ext = X509_get_ext(server_cert, index); ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ ASN1_OCTET_STRING* os; ++ os = X509_EXTENSION_get_data (ext); ++#endif + if (ext) { ++#ifdef HAVE_OPAQUE_RSA_DSA_DH ++ os->data[7] = 0xe7; ++ os->data[8] = 0x7e; ++ X509_EXTENSION_set_data (ext, os); ++#else + ext->value->data[7] = 0xe7; + ext->value->data[8] = 0x7e; ++#endif + X509_add_ext(out_cert, ext, -1); + } + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201810162003.w9GK3kx5009762>