diff -ru --new-file dsniff-2.2.orig/config.h.in dsniff-2.2/config.h.in --- dsniff-2.2.orig/config.h.in Wed Jun 14 08:45:47 2000 +++ dsniff-2.2/config.h.in Tue Jun 20 23:34:38 2000 @@ -36,6 +36,9 @@ /* Define if you have the header file. */ #undef HAVE_DB_185_H +/* Define if you have the header file. */ +#undef HAVE_MD5_H + /* Define if you have the MD5Update function. */ #undef HAVE_MD5UPDATE @@ -80,6 +83,15 @@ /* Define if you have the header file. */ #undef HAVE_UNISTD_H + +/* Define if you have the header file. */ +#undef HAVE_NETINET_IF_ETHER_H + +/* Define if you have the uh_ulen member in udphdr structure. */ +#undef HAVE_UH_ULEN + +/* Define to had the support for mountd decoding. */ +#undef ENABLE_MOUNTD /* Define if you have the nsl library (-lnsl). */ #undef HAVE_LIBNSL diff -ru --new-file dsniff-2.2.orig/configure.in dsniff-2.2/configure.in --- dsniff-2.2.orig/configure.in Wed Jun 14 08:43:31 2000 +++ dsniff-2.2/configure.in Wed Jun 21 01:18:54 2000 @@ -20,7 +20,7 @@ dnl Checks for header files. AC_PATH_XTRA AC_HEADER_STDC -AC_CHECK_HEADERS(err.h fcntl.h sys/ioctl.h unistd.h libgen.h) +AC_CHECK_HEADERS(err.h fcntl.h sys/ioctl.h unistd.h libgen.h netinet/if_ether.h) dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST @@ -33,6 +33,23 @@ AC_CHECK_TYPE(in_addr_t, u_int32_t) CFLAGS="$CFLAGS -D_BSD_SOURCE" +AC_MSG_CHECKING(whether member uh_ulen is in struct udphdr) +AC_TRY_COMPILE([#include ],[struct udphdr *udp;udp->uh_ulen;],have_uh_ulen=yes,have_uh_ulen=false) +if test "$have_uh_ulen" = "yes"; then + AC_DEFINE(HAVE_UH_ULEN) + AC_MSG_RESULT(yes) +else + AC_MSG_RESULT(no) +fi + +mountd=no +AC_ARG_ENABLE(mountd, +[ --enable-mountd use decode_mountd], +mountd=yes, mountd=no) +if test "$mountd" = "yes"; then + AC_DEFINE(ENABLE_MOUNTD) +fi + dnl Checks for library functions. AC_PROG_GCC_TRADITIONAL AC_FUNC_MEMCMP 
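Review bot: In the `@@ -33,6 +33,23 @@` hunk of configure.in, `AC_ARG_ENABLE(mountd, ..., mountd=yes, mountd=no)` sets `mountd=yes` whenever the option appears on the command line, because the third argument is the action-if-given rather than an action-if-enabled. As written, `--disable-mountd` and `--enable-mountd=no` therefore also compile the decoder in. Use `mountd=$enableval` as the action-if-given so that an explicit opt-out is honoured. In the same hunk the `uh_ulen` probe sets `have_uh_ulen=false` on failure while the following test compares against `yes`; `have_uh_ulen=no` would match the `neederr=no` / `mountd=no` convention visible in this file.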
@@ -51,6 +68,7 @@ LIBOBJS="$LIBOBJS md5.o" MD5INC="-I\$(srcdir)/missing" AC_SUBST(MD5INC) +else AC_CHECK_HEADERS(md5.h) fi neederr=no AC_CHECK_FUNCS(warnx, , [neederr=yes]) @@ -100,6 +118,9 @@ DBLIB="-ldb" elif test -f /usr/include/db.h; then AC_DEFINE(HAVE_DB_H) + if test -f /usr/lib/libdb.a; then + DBLIB="-ldb" + fi else AC_ERROR(Berkeley DB with 1.85 compatibility not found) fi diff -ru --new-file dsniff-2.2.orig/decode.c dsniff-2.2/decode.c --- dsniff-2.2.orig/decode.c Wed Jun 14 18:15:59 2000 +++ dsniff-2.2/decode.c Tue Jun 20 23:36:25 2000 @@ -45,7 +45,9 @@ extern int decode_x11(u_char *, int); extern int decode_irc(u_char *, int); extern int decode_portmap(u_char *, int); +#ifdef ENABLE_MOUNTD extern int decode_mountd(u_char *, int); +#endif extern int decode_yppasswd(u_char *, int); static struct decode decodes[] = { @@ -78,7 +80,9 @@ { "x11", decode_x11 }, { "irc", decode_irc }, { "portmap", decode_portmap }, +#ifdef ENABLE_MOUNTD { "mountd", decode_mountd }, +#endif { "yppasswd", decode_yppasswd }, { NULL } }; diff -ru --new-file dsniff-2.2.orig/missing/ethernet.h dsniff-2.2/missing/ethernet.h --- dsniff-2.2.orig/missing/ethernet.h Thu Jan 1 01:00:00 1970 +++ dsniff-2.2/missing/ethernet.h Tue Jun 20 21:33:17 2000 
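Review bot: The `@@ -100,6 +118,9 @@` hunk of configure.in decides whether to link `-ldb` by testing for the fixed file `/usr/lib/libdb.a`, which misses a shared-only install and any library directory other than `/usr/lib`. In those cases `DBLIB` stays empty and, if the DB routines are not in libc on that platform, the failure only shows up at link time. A link probe such as `AC_CHECK_LIB(db, dbopen, DBLIB="-ldb")` tests what the build actually needs instead of a path. The enclosing `if`/`elif` chain starts outside the hunk.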
@@ -0,0 +1,101 @@
+/*
+ * Fundamental constants relating to ethernet.
+ *
+ * $FreeBSD: src/sys/net/ethernet.h,v 1.9.2.1 1999/08/29 16:28:13 peter Exp $
+ *
+ */
+
+#ifndef _NET_ETHERNET_H_
+#define _NET_ETHERNET_H_
+
+/*
+ * The number of bytes in an ethernet (MAC) address.
+ */
+#define ETHER_ADDR_LEN 6
+
+/*
+ * The number of bytes in the type field.
+ */
+#define ETHER_TYPE_LEN 2
+
+/*
+ * The number of bytes in the trailing CRC field.
+ */
+#define ETHER_CRC_LEN 4
+
+/*
+ * The length of the combined header.
+ */
+#define ETHER_HDR_LEN (ETHER_ADDR_LEN*2+ETHER_TYPE_LEN)
+
+/*
+ * The minimum packet length.
+ */
+#define ETHER_MIN_LEN 64
+
+/*
+ * The maximum packet length.
+ */
+#define ETHER_MAX_LEN 1518
+
+/*
+ * A macro to validate a length with
+ */
+#define ETHER_IS_VALID_LEN(foo) \
+ ((foo) >= ETHER_MIN_LEN && (foo) <= ETHER_MAX_LEN)
+
+/*
+ * Structure of a 10Mb/s Ethernet header.
+ */
+struct ether_header {
+ u_char ether_dhost[ETHER_ADDR_LEN];
+ u_char ether_shost[ETHER_ADDR_LEN];
+ u_short ether_type;
+};
+
+/*
+ * Structure of a 48-bit Ethernet address.
+ */
+struct ether_addr {
+#ifdef __FreeBSD__
+ u_char octet[ETHER_ADDR_LEN];
+#else
+ u_char ether_addr_octet[ETHER_ADDR_LEN];
+#endif
+};
+
+#define ETHERTYPE_PUP 0x0200 /* PUP protocol */
+#define ETHERTYPE_IP 0x0800 /* IP protocol */
+#define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */
+#define ETHERTYPE_REVARP 0x8035 /* reverse Addr. resolution protocol */
+#define ETHERTYPE_VLAN 0x8100 /* IEEE 802.1Q VLAN tagging */
+#define ETHERTYPE_LOOPBACK 0x9000 /* used to test interfaces */
+/* XXX - add more useful types here */
+
+/*
+ * The ETHERTYPE_NTRAILER packet types starting at ETHERTYPE_TRAIL have
+ * (type-ETHERTYPE_TRAIL)*512 bytes of data followed
+ * by an ETHER type (as given above) and then the (variable-length) header.
+ */
+#define ETHERTYPE_TRAIL 0x1000 /* Trailer packet */
+#define ETHERTYPE_NTRAILER 16
+
+#define ETHERMTU (ETHER_MAX_LEN-ETHER_HDR_LEN-ETHER_CRC_LEN)
+#define ETHERMIN (ETHER_MIN_LEN-ETHER_HDR_LEN-ETHER_CRC_LEN)
+
+#ifndef KERNEL
+#include
+
+/*
+ * Ethernet address conversion/parsing routines.
+ */
+__BEGIN_DECLS
+struct ether_addr *ether_aton __P((char *));
+int ether_hostton __P((char *, struct ether_addr *));
+int ether_line __P((char *, struct ether_addr *, char *));
+char *ether_ntoa __P((struct ether_addr *));
+int ether_ntohost __P((char *, struct ether_addr *));
+__END_DECLS
+#endif /* !KERNEL */
+
+#endif /* !_NET_ETHERNET_H_ */
diff -ru --new-file dsniff-2.2.orig/missing/ethers.c dsniff-2.2/missing/ethers.c
--- dsniff-2.2.orig/missing/ethers.c Sat Apr 8 22:50:28 2000
+++ dsniff-2.2/missing/ethers.c Tue Jun 20 22:27:09 2000
@@ -38,7 +38,11 @@
 #include
 #include
 #include
-#include
+#ifdef HAVE_NETINET_IF_ETHER_H
+#include */
+#else
+#include
+#endif
 #include
 #include
 #include
diff -ru --new-file dsniff-2.2.orig/missing/if_arp.h dsniff-2.2/missing/if_arp.h
--- dsniff-2.2.orig/missing/if_arp.h Thu Jan 1 01:00:00 1970
+++ dsniff-2.2/missing/if_arp.h Tue Jun 20 21:19:54 2000
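Review bot: The include added under `#ifdef HAVE_NETINET_IF_ETHER_H` in missing/ethers.c ends with a stray `*/`, which leaves extra tokens after the directive; compilers warn about this and may reject it under strict settings. Drop the trailing `*/` so the line holds only the include. The header names were lost when this page was extracted, so also confirm that the `#ifdef` branch names the system header and the `#else` branch the bundled copy under `missing/`, not the other way round.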
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 1986, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)if_arp.h 8.1 (Berkeley) 6/10/93
+ * $FreeBSD: src/sys/net/if_arp.h,v 1.10.2.3 1999/11/19 09:30:31 julian Exp $
+ */
+
+#ifndef _NET_IF_ARP_H_
+#define _NET_IF_ARP_H_
+
+/*
+ * Address Resolution Protocol.
+ *
+ * See RFC 826 for protocol description. ARP packets are variable
+ * in size; the arphdr structure defines the fixed-length portion.
+ * Protocol type values are the same as those for 10 Mb/s Ethernet.
+ * It is followed by the variable-sized fields ar_sha, arp_spa,
+ * arp_tha and arp_tpa in that order, according to the lengths
+ * specified. Field names used correspond to RFC 826.
+ */
+struct arphdr {
+ u_short ar_hrd; /* format of hardware address */
+#define ARPHRD_ETHER 1 /* ethernet hardware format */
+#define ARPHRD_IEEE802 6 /* token-ring hardware format */
+#define ARPHRD_FRELAY 15 /* frame relay hardware format */
+ u_short ar_pro; /* format of protocol address */
+ u_char ar_hln; /* length of hardware address */
+ u_char ar_pln; /* length of protocol address */
+ u_short ar_op; /* one of: */
+#define ARPOP_REQUEST 1 /* request to resolve address */
+#define ARPOP_REPLY 2 /* response to previous request */
+#define ARPOP_REVREQUEST 3 /* request protocol address given hardware */
+#define ARPOP_REVREPLY 4 /* response giving protocol address */
+#define ARPOP_INVREQUEST 8 /* request to identify peer */
+#define ARPOP_INVREPLY 9 /* response identifying peer */
+/*
+ * The remaining fields are variable in size,
+ * according to the sizes above.
+ */
+#ifdef COMMENT_ONLY
+ u_char ar_sha[]; /* sender hardware address */
+ u_char ar_spa[]; /* sender protocol address */
+ u_char ar_tha[]; /* target hardware address */
+ u_char ar_tpa[]; /* target protocol address */
+#endif
+};
+
+/*
+ * ARP ioctl request
+ */
+struct arpreq {
+ struct sockaddr arp_pa; /* protocol address */
+ struct sockaddr arp_ha; /* hardware address */
+ int arp_flags; /* flags */
+};
+/* arp_flags and at_flags field values */
+#define ATF_INUSE 0x01 /* entry in use */
+#define ATF_COM 0x02 /* completed entry (enaddr valid) */
+#define ATF_PERM 0x04 /* permanent entry */
+#define ATF_PUBL 0x08 /* publish entry (respond for other host) */
+#define ATF_USETRAILERS 0x10 /* has requested trailers */
+
+#ifdef KERNEL
+/*
+ * Structure shared between the ethernet driver modules and
+ * the address resolution code. For example, each ec_softc or il_softc
+ * begins with this structure.
+ */
+struct arpcom {
+ /*
+ * The ifnet struct _must_ be at the head of this structure.
+ */
+ struct ifnet ac_if; /* network-visible interface */
+ u_char ac_enaddr[6]; /* ethernet hardware address */
+ int ac_multicnt; /* length of ac_multiaddrs list */
+/* #ifdef NETGRAPH */
+ void *ac_ng; /* hook to hang netgraph stuff off */
+/* #endif */
+};
+
+extern u_char etherbroadcastaddr[6];
+#endif
+
+#endif /* !_NET_IF_ARP_H_ */
diff -ru --new-file dsniff-2.2.orig/missing/if_ether.h dsniff-2.2/missing/if_ether.h
--- dsniff-2.2.orig/missing/if_ether.h Thu Jan 1 01:00:00 1970
+++ dsniff-2.2/missing/if_ether.h Tue Jun 20 21:20:21 2000
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 1982, 1986, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)if_ether.h 8.3 (Berkeley) 5/2/95
+ * $FreeBSD: src/sys/netinet/if_ether.h,v 1.21.2.1 1999/08/29 16:29:31 peter Exp
+ $
+ */
+
+#ifndef _NETINET_IF_ETHER_H_
+#define _NETINET_IF_ETHER_H_
+
+#include
+#include
+
+/*
+ * Macro to map an IP multicast address to an Ethernet multicast address.
+ * The high-order 25 bits of the Ethernet address are statically assigned,
+ * and the low-order 23 bits are taken from the low end of the IP address.
+ */
+#define ETHER_MAP_IP_MULTICAST(ipaddr, enaddr) \
+ /* struct in_addr *ipaddr; */ \
+ /* u_char enaddr[ETHER_ADDR_LEN]; */ \
+{ \
+ (enaddr)[0] = 0x01; \
+ (enaddr)[1] = 0x00; \
+ (enaddr)[2] = 0x5e; \
+ (enaddr)[3] = ((u_char *)ipaddr)[1] & 0x7f; \
+ (enaddr)[4] = ((u_char *)ipaddr)[2]; \
+ (enaddr)[5] = ((u_char *)ipaddr)[3]; \
+}
+
+/*
+ * Ethernet Address Resolution Protocol.
+ *
+ * See RFC 826 for protocol description. Structure below is adapted
+ * to resolving internet addresses. Field names used correspond to
+ * RFC 826.
+ */
+struct ether_arp {
+ struct arphdr ea_hdr; /* fixed-size header */
+ u_char arp_sha[ETHER_ADDR_LEN]; /* sender hardware address */
+ u_char arp_spa[4]; /* sender protocol address */
+ u_char arp_tha[ETHER_ADDR_LEN]; /* target hardware address */
+ u_char arp_tpa[4]; /* target protocol address */
+};
+#define arp_hrd ea_hdr.ar_hrd
+#define arp_pro ea_hdr.ar_pro
+#define arp_hln ea_hdr.ar_hln
+#define arp_pln ea_hdr.ar_pln
+#define arp_op ea_hdr.ar_op
+
+struct sockaddr_inarp {
+ u_char sin_len;
+ u_char sin_family;
+ u_short sin_port;
+ struct in_addr sin_addr;
+ struct in_addr sin_srcaddr;
+ u_short sin_tos;
+ u_short sin_other;
+#define SIN_PROXY 1
+};
+/*
+ * IP and ethernet specific routing flags
+ */
+#define RTF_USETRAILERS RTF_PROTO1 /* use trailers */
+#define RTF_ANNOUNCE RTF_PROTO2 /* announce new arp entry */
+
+#ifdef KERNEL
+extern u_char ether_ipmulticast_min[ETHER_ADDR_LEN];
+extern u_char ether_ipmulticast_max[ETHER_ADDR_LEN];
+extern struct ifqueue arpintrq;
+
+int arpresolve __P((struct arpcom *, struct rtentry *, struct mbuf *,
+ struct sockaddr *, u_char *, struct rtentry *));
+void arp_ifinit __P((struct arpcom *, struct ifaddr *));
+#endif
+
+#endif
diff -ru --new-file dsniff-2.2.orig/missing/udp.h dsniff-2.2/missing/udp.h
--- dsniff-2.2.orig/missing/udp.h Thu Jan 1 01:00:00 1970
+++ dsniff-2.2/missing/udp.h Tue Jun 20 20:39:09 2000
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 1982, 1986, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)udp.h 8.1 (Berkeley) 6/10/93
+ * $FreeBSD: src/sys/netinet/udp.h,v 1.6.4.1 1999/08/29 16:29:58 peter Exp $
+ */
+
+#ifndef _NETINET_UDP_H_
+#define _NETINET_UDP_H_
+
+/*
+ * Udp protocol header.
+ * Per RFC 768, September, 1981.
+ */
+struct udphdr {
+ u_short uh_sport; /* source port */
+ u_short uh_dport; /* destination port */
+ u_short uh_ulen; /* udp length */
+ u_short uh_sum; /* udp checksum */
+};
+
+#endif
diff -ru --new-file dsniff-2.2.orig/record.c dsniff-2.2/record.c
--- dsniff-2.2.orig/record.c Wed Jun 14 18:16:01 2000
+++ dsniff-2.2/record.c Tue Jun 20 18:49:10 2000
@@ -12,7 +12,11 @@
 #include
 #include
 #include
+#ifdef HAVE_MD5_H
 #include
+#else
+#include
+#endif
 #ifdef HAVE_DB_185_H
 #define DB_LIBRARY_COMPATIBILITY_API
 #include
diff -ru --new-file dsniff-2.2.orig/trigger.c dsniff-2.2/trigger.c
--- dsniff-2.2.orig/trigger.c Sat Jun 17 21:15:10 2000
+++ dsniff-2.2/trigger.c Tue Jun 20 23:37:52 2000
@@ -14,6 +14,10 @@
 #ifdef HAVE_ERR_H
 #include
 #endif
+#ifndef HAVE_UH_ULEN
+ #include "missing/udp.h"
+ #define _LINUX_UDP_H
+#endif
 #include
 #include
 #include "options.h"
@@ -200,7 +204,9 @@
 if (proto == IPPROTO_UDP) {
 trigger_set_udp(num, name);
 if (strcmp(name, "portmap") == 0 || /* XXX - hack */
+#ifdef ENABLE_MOUNTD
 strcmp(name, "mountd") == 0 ||
+#endif
 strcmp(name, "yppasswd") == 0) {
 trigger_set_udp(0 - num, name);
 }
@@ -210,7 +216,9 @@
 else if (proto == IPPROTO_TCP) {
 trigger_set_tcp(num, name);
 if (strcmp(name, "portmap") == 0 || /* XXX - hack */
+#ifdef ENABLE_MOUNTD
 strcmp(name, "mountd") == 0 ||
+#endif
 strcmp(name, "yppasswd") == 0) {
 trigger_set_tcp(0 - num, name);
 }
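Review bot: In the `@@ -14,6 +14,10 @@` hunk of trigger.c, `#define _LINUX_UDP_H` pre-defines another header's include guard so that a later system include does not declare a second `struct udphdr` after `missing/udp.h`. That only works where the system header uses exactly this guard name; on any other libc the two definitions would collide, or the system layout would silently win. The line needs a comment saying so, for example `/* keep <linux/udp.h> from redefining struct udphdr; guard name is libc-specific */`. It would also be safer to have configure record which header actually supplies `struct udphdr` than to rely on a reserved identifier.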
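Review bot: With `ENABLE_MOUNTD` undefined, a trigger entry named `mountd` still reaches `trigger_set_udp(num, name)` on the line above the guarded `strcmp` in the `@@ -200,7 +204,9 @@` hunk of trigger.c, and `trigger_set_tcp(num, name)` in the `@@ -210,7 +216,9 @@` hunk, while decode.c no longer lists that decoder. Whether the lookup inside those functions rejects an unknown decoder name is outside these hunks, so confirm it fails cleanly rather than registering a trigger with no handler. Splitting an `if` condition with `#ifdef` lines is also hard to read and is duplicated in both hunks; a small helper holding the three name comparisons, for example `static int is_rpc_service(const char *name)`, would keep the conditional compilation in one place. The enclosing function starts and ends outside the hunks.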