
Fix broken configure script, reorganize patch, remove redundant AF_LOCAL substitution, add with_gui option, write honey launch script, add postscript documentation, correct FSL linkage, minimize installation logic, add FTP, POP3, and SMTP service decoys, add Linux, AIX, and Windows host definitions, add missing uids and gids to host definitions, remove log files, use 192.168.1/24 as the default network, improve run command start logic, correct log file rotation, correct setenv(3) replacement method, and reorder dependencies

Michael Schloh von Bennewitz 22 年之前
父節點
當前提交
875a40270b
共有 7 個文件被更改,包括 192 次插入82 次删除
  1. 8 0
      honeyd/honey
  2. 56 10
      honeyd/honeyd.conf
  3. 42 22
      honeyd/honeyd.patch
  4. 65 41
      honeyd/honeyd.spec
  5. 16 4
      honeyd/rc.honeyd
  6. 1 0
      honeyd/setenv.c
  7. 4 5
      honeyd/honeyd.service

+ 8 - 0
honeyd/honey

@@ -0,0 +1,8 @@
+#! /bin/sh
+##
+##  honey -- Java GUI launcher
+##  Copyright (c) 2003 The OpenPKG Project <http://www.openpkg.org/>
+##
+
+@l_prefix@/bin/java -cp @l_prefix@/lib/honeyd/javagui HostFrame
+
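Review bot: The launcher starts java as a child process and drops any arguments passed to `honey`, so the shell only lingers to relay the exit status. Writing the line as `exec @l_prefix@/bin/java -cp @l_prefix@/lib/honeyd/javagui HostFrame "$@"` replaces the shell and forwards the arguments. The header comment could also state that the classes come from the optional honeydGUI tarball, since the spec installs this script only when `with_gui` is `yes`.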

+ 56 - 10
honeyd/honeyd.conf

@@ -2,15 +2,61 @@
 ##  honeyd.conf
 ##
 
-#   test host definition
-create testbox
-set testbox personality "AIX 4.0 - 4.2"
-add testbox tcp port 80 "@l_prefix@/libexec/honeyd/honeyd.service http"
-add testbox tcp port 22 "@l_prefix@/libexec/honeyd/honeyd.service ssh"
-add testbox tcp port 23 proxy $ipsrc:23
-set testbox default tcp action reset
+#   Linux 2.4.x host definition
+create linuxhost
+set linuxhost personality  "Linux Kernel 2.4.0 - 2.4.18 (X86)"
+add linuxhost tcp port 21  "@l_prefix@/libexec/honeyd/ftp.sh"
+add linuxhost tcp port 25  "@l_prefix@/libexec/honeyd/smtp.sh"
+add linuxhost tcp port 110 "@l_prefix@/libexec/honeyd/pop3.sh"
+add linuxhost tcp port 22  "@l_prefix@/libexec/honeyd/svcs.sh ssh"
+add linuxhost tcp port 80  "@l_prefix@/libexec/honeyd/svcs.sh http"
+add linuxhost tcp port 53  open
+add linuxhost udp port 53  open
+add linuxhost tcp port 69  open
+add linuxhost udp port 69  open
+add linuxhost tcp port 554 open
+add linuxhost udp port 554 open
+add linuxhost tcp port 23  proxy $ipsrc:23
+set linuxhost default tcp  action reset
+set linuxhost default udp  action reset
+set linuxhost uptime 2655300
+set linuxhost uid @l_muid@ gid @l_mgid@
 
-#   bind the test host to localhost
-bind 127.0.0.2 testbox
-set  127.0.0.2 uptime 1327650
+#   AIX 4.X host definition
+create unixhost
+set unixhost personality  "AIX 4.0 - 4.2"
+add unixhost tcp port 21  "@l_prefix@/libexec/honeyd/ftp.sh"
+add unixhost tcp port 25  "@l_prefix@/libexec/honeyd/smtp.sh"
+add unixhost tcp port 110 "@l_prefix@/libexec/honeyd/pop3.sh"
+add unixhost tcp port 22  "@l_prefix@/libexec/honeyd/svcs.sh ssh"
+add unixhost tcp port 80  "@l_prefix@/libexec/honeyd/svcs.sh http"
+add unixhost tcp port 53  open
+add unixhost udp port 53  open
+add unixhost tcp port 111 open
+add unixhost udp port 111 open
+add unixhost tcp port 123 open
+add unixhost udp port 123 open
+add unixhost tcp port 23  proxy $ipsrc:23
+set unixhost default tcp  action reset
+set unixhost default udp  action reset
+set unixhost uptime 3284460
+set unixhost uid @l_muid@ gid @l_mgid@
+
+#   Windows NT 4.0 host definition
+create winhost
+set winhost personality  "Windows NT 4.0 Server SP5-SP6"
+add winhost tcp port 21  "@l_prefix@/libexec/honeyd/ftp.sh"
+add winhost tcp port 25  "@l_prefix@/libexec/honeyd/smtp.sh"
+add winhost tcp port 110 "@l_prefix@/libexec/honeyd/pop3.sh"
+add winhost tcp port 137 open
+add winhost udp port 137 open
+set winhost default tcp  action reset
+set winhost default udp  action reset
+set winhost uptime 663825
+set winhost uid @l_muid@ gid @l_mgid@
+
+#   Bind hosts
+bind 192.168.100.201 linuxhost
+bind 192.168.100.202 unixhost
+bind 192.168.100.203 winhost
 
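Review bot: The three `set <host> uid @l_muid@ gid @l_mgid@` lines run every service script under what appears to be the OpenPKG management account, and those scripts (ftp.sh, smtp.sh, pop3.sh, svcs.sh) parse whatever a remote client sends. A flaw in any of them would then run with the identity that presumably owns the package hierarchy. A dedicated unprivileged account with write access only to `@l_prefix@/var/honeyd` would contain that better, for example `set linuxhost uid @l_nuid@ gid @l_ngid@` if the instance provides those substitutions. A comment above the first `set ... uid` line naming the intended account and the reason would also help the next maintainer.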

+ 42 - 22
honeyd/honeyd.patch

@@ -55,6 +55,28 @@ diff -Naur honeyd-0.6a.orig/honeyd_overload.c honeyd-0.6a/honeyd_overload.c
  	return (fd);
  }
 +#endif /* !sun */
+diff -Naur honeyd-0.6a.orig/command.c honeyd-0.6a/command.c
+--- honeyd-0.6a.orig/command.c	2003-06-26 07:34:18.000000000 +0200
++++ honeyd-0.6a/command.c	2003-09-24 20:54:20.208451644 +0200
+@@ -65,6 +65,9 @@
+ #include "tcp.h"
+ #include "udp.h"
+ #include "fdpass.h"
++#ifndef HAVE_SETENV
++#include "setenv.h"
++#endif
+ 
+ ssize_t atomicio(ssize_t (*)(), int, void *, size_t);
+ 
+@@ -458,7 +461,7 @@
+ 	else
+ 		cb = &cb_udp;
+ 
+-        if (socketpair(AF_LOCAL, hdr->type, 0, pair) == -1) {
++        if (socketpair(AF_UNIX, hdr->type, 0, pair) == -1) {
+                 warn("socketpair");
+                 return (-1);
+         }
 diff -Naur honeyd-0.6a.orig/util.c honeyd-0.6a/util.c
 --- honeyd-0.6a.orig/util.c	2003-06-12 04:31:52.000000000 +0200
 +++ honeyd-0.6a/util.c	2003-09-24 21:10:53.916758139 +0200
@@ -118,28 +140,6 @@ diff -Naur honeyd-0.6a.orig/honeyd.c honeyd-0.6a/honeyd.c
  	fclose(fp);
  	
  	chmod(PIDFILE, 0644);
-diff -Naur honeyd-0.6a.orig/command.c honeyd-0.6a/command.c
---- honeyd-0.6a.orig/command.c	2003-06-26 07:34:18.000000000 +0200
-+++ honeyd-0.6a/command.c	2003-09-24 20:54:20.208451644 +0200
-@@ -65,6 +65,9 @@
- #include "tcp.h"
- #include "udp.h"
- #include "fdpass.h"
-+#ifndef HAVE_SETENV
-+#include "setenv.h"
-+#endif
- 
- ssize_t atomicio(ssize_t (*)(), int, void *, size_t);
- 
-@@ -458,7 +461,7 @@
- 	else
- 		cb = &cb_udp;
- 
--        if (socketpair(AF_LOCAL, hdr->type, 0, pair) == -1) {
-+        if (socketpair(AF_UNIX, hdr->type, 0, pair) == -1) {
-                 warn("socketpair");
-                 return (-1);
-         }
 diff -Naur honeyd-0.6a.orig/arp.c honeyd-0.6a/arp.c
 --- honeyd-0.6a.orig/arp.c	2003-07-10 10:19:38.000000000 +0200
 +++ honeyd-0.6a/arp.c	2003-09-24 20:18:04.000000000 +0200
@@ -252,6 +252,26 @@ diff -Naur honeyd-0.6a.orig/configure honeyd-0.6a/configure
  do
  as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
  echo "$as_me:$LINENO: checking for $ac_func" >&5
+@@ -10097,6 +10097,8 @@
+ rm -f conftest*
+ 
+ 
++SAVED_CFLAGS=$CFLAGS
++SAVED_LIBS=$LIBS
+ CFLAGS=$DNETINC
+ LIBS=$DNETLIB
+ 
+@@ -10155,8 +10157,8 @@
+ rm -f core core.* *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+ fi
+ 
+-CFLAGS=""
+-LIBS=""
++CFLAGS="$SAVED_CFLAGS"
++LIBS="$SAVED_LIBS"
+ 
+ echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5
+ echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6
 diff -Naur honeyd-0.6a.orig/gre.c honeyd-0.6a/gre.c
 --- honeyd-0.6a.orig/gre.c	2003-06-26 17:51:52.000000000 +0200
 +++ honeyd-0.6a/gre.c	2003-09-24 20:18:04.000000000 +0200

+ 65 - 41
honeyd/honeyd.spec

@@ -33,33 +33,42 @@ Distribution: OpenPKG [EVAL]
 Group:        Security
 License:      BSD
 Version:      0.6a
-Release:      20030924
+Release:      20030925
 
 #   package options
 %option       with_fsl  yes
+%option       with_gui  no
 
 #   list of sources
 Source0:      http://niels.xtdnet.nl/honeyd/honeyd-%{version}.tar.gz
-Source1:      rc.honeyd
-Source2:      honeyd.conf
-Source3:      honeyd.service
-Source4:      fsl.honeyd
-Source5:      cdefs.h
-Source6:      setenv.h
-Source7:      setenv.c
+Source1:      http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/ftp.sh
+Source2:      http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/pop3.sh
+Source3:      http://www.citi.umich.edu/u/provos/honeyd/contrib/mael/smtp.sh
+Source4:      http://www.citi.umich.edu/u/provos/papers/honeyd-eabstract.pdf
+Source5:      http://www.citi.umich.edu/u/provos/papers/honeyd-eabstract.ps
+Source6:      http://www.citi.umich.edu/u/provos/honeyd/ch01-results/1/honeydGUI.tar.gz
+Source7:      honey
+Source8:      svcs.sh
+Source9:      rc.honeyd
+Source10:     fsl.honeyd
+Source11:     honeyd.conf
+Source12:     cdefs.h
+Source13:     setenv.h
+Source14:     setenv.c
 Patch0:       honeyd.patch
 
 #   build information
 Prefix:       %{l_prefix}
 BuildRoot:    %{l_buildroot}
-BuildPreReq:  OpenPKG, openpkg >= 20030718
-PreReq:       OpenPKG, openpkg >= 20030718
-BuildPreReq:  libdnet, libpcap, libevent
-PreReq:       libdnet, libpcap, libevent
+BuildPreReq:  OpenPKG, openpkg >= 20030718, libdnet, libpcap, libevent
+PreReq:       OpenPKG, openpkg >= 20030718, libdnet, libpcap, libevent
 %if "%{with_fsl}" == "yes"
 BuildPreReq:  fsl >= 1.2.0
 PreReq:       fsl >= 1.2.0
 %endif
+%if "%{with_gui}" == "yes"
+PreReq:       JRE
+%endif
 AutoReq:      no
 AutoReqProv:  no
 
@@ -82,58 +91,67 @@ AutoReqProv:  no
     cp -f %{SOURCE setenv.c} .
     cp -f %{SOURCE setenv.h} .
     cp -f %{SOURCE cdefs.h} .
-    %{l_shtool} subst -e \
-        's;AF_LOCAL;AF_UNIX;g' \
-        command.c \
-        honeyd_overload.c
-
-%build
     %{l_shtool} subst \
         -e 's;/var/run/honeyd.pid;%{l_prefix}/var/honeyd/honeyd.pid;' \
         honeyd.h
+
+%build
     CC="%{l_cc}" \
     CFLAGS="%{l_cflags -O}" \
     CPPFLAGS="%{l_cppflags} -DREPLACE_GETOPT" \
+    LDFLAGS="%{l_fsl_ldflags}" \
+    LIBS="%{l_fsl_libs}" \
     ./configure \
         --prefix=%{l_prefix} \
         --with-libdnet=%{l_prefix} \
         --with-libpcap=%{l_prefix} \
         --with-libevent=%{l_prefix}
-    %{l_shtool} subst \
-        -e "s;^\\(honeyd_LDADD.*\\)$;\\1 %{l_fsl_ldflags} %{l_fsl_libs};" \
-        Makefile
     %{l_make} %{l_mflags}
 
 %install
     rm -rf $RPM_BUILD_ROOT
+
+    #   create directories
     %{l_shtool} mkdir -f -p -m 755 \
-        $RPM_BUILD_ROOT%{l_prefix}/etc/honeyd \
         $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
-        $RPM_BUILD_ROOT%{l_prefix}/sbin \
-        $RPM_BUILD_ROOT%{l_prefix}/man/man8 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/honeyd \
         $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd \
-        $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd \
+        $RPM_BUILD_ROOT%{l_prefix}/var/honeyd \
         $RPM_BUILD_ROOT%{l_prefix}/share/honeyd \
-        $RPM_BUILD_ROOT%{l_prefix}/var/honeyd
+        $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd
 
     #   install files
-    %{l_shtool} install -c -s -m 755 \
-        honeyd $RPM_BUILD_ROOT%{l_prefix}/sbin/
-    %{l_shtool} install -c -m 755 \
-        libhoneyd.so $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd/
-    %{l_shtool} install -c -m 644 \
-        honeyd.8 $RPM_BUILD_ROOT%{l_prefix}/man/man8/
+    %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
+    %{l_shtool} install -c -m 750 %{l_value -s -a} \
+        -e 's;^log=/\(.*/\)*\(.*\)-.*\.log;log=%{l_prefix}/var/honeyd/\2.log;g' \
+        -e 's;^\(host=\).*;\1`%{l_shtool} echo -e %h`;g' \
+        -e 's;^\(domain=\).*;\1`%{l_shtool} echo -e %d | cut -c2-`;g' \
+        -e 's; gawk ; awk ;g' \
+        %{SOURCE ftp.sh} \
+        %{SOURCE pop3.sh} \
+        %{SOURCE smtp.sh} \
+        %{SOURCE svcs.sh} \
+        $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd/
     %{l_shtool} install -c -m 644 %{l_value -s -a} \
         %{SOURCE honeyd.conf} \
         $RPM_BUILD_ROOT%{l_prefix}/etc/honeyd/
-    %{l_shtool} install -c -m 644 \
-        nmap.assoc nmap.prints xprobe2.conf \
-        $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/
-    %{l_shtool} install -c -m 755 %{l_value -s -a} \
-        %{SOURCE honeyd.service} \
-        $RPM_BUILD_ROOT%{l_prefix}/libexec/honeyd/
     %{l_shtool} install -c -m 755 %{l_value -s -a} \
         %{SOURCE rc.honeyd} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+    %{l_shtool} install -c -m 644 \
+        %{SOURCE honeyd-eabstract.ps} \
+        $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/honeyd.ps
+    %{l_shtool} install -c -m 644 \
+        %{SOURCE honeyd-eabstract.pdf} \
+        $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/honeyd.pdf
+
+    #   optionally install the Java GUI
+%if "%{with_gui}" == "yes"
+    %{l_tar} zxf %{SOURCE honeydGUI.tar.gz}
+    mv -f honeydGUI/exec $RPM_BUILD_ROOT%{l_prefix}/lib/honeyd/javagui
+    %{l_shtool} install -c -m 755 %{l_value -s -a} \
+        %{SOURCE honey} \
+        $RPM_BUILD_ROOT%{l_prefix}/bin/
+%endif
 
     #   install OSSP fsl configuration
     %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
@@ -141,12 +159,17 @@ AutoReqProv:  no
         %{SOURCE fsl.honeyd} \
         $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
 
+    #   remove unwanted files
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/include
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/README
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/honeyd/config.sample
+
+    #   determine file list
     %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
         %{l_files_std} \
         '%not %dir %{l_prefix}/etc/fsl' \
-        '%config %{l_prefix}/etc/fsl/fsl.honeyd' \
-        '%config %{l_prefix}/etc/honeyd/honeyd.conf' \
-        '%config %{l_prefix}/libexec/honeyd/honeyd.service'
+        '%config %attr(0750,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/fsl/fsl.honeyd' \
+        '%config %attr(0750,%{l_musr},%{l_mgrp}) %{l_prefix}/etc/honeyd/honeyd.conf'
 
 %files -f files
 
@@ -172,5 +195,6 @@ AutoReqProv:  no
     #   before erase, stop service and remove log files
     [ $1 -eq 0 ] || exit 0
     %{l_rc} honeyd stop 2>/dev/null
+    rm -f $RPM_INSTALL_PREFIX/var/honeyd/*.log* >/dev/null 2>&1 || true
     exit 0
 
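Review bot: Source1 through Source6 are fetched over plain `http://` with no digest recorded in the visible part of the spec, and three of them (ftp.sh, pop3.sh, smtp.sh) are installed mode 750 into `libexec/honeyd` and become the handlers for attacker-facing ports in honeyd.conf. The `%install` substitutions also rewrite those scripts by pattern, so a changed upstream copy would be packaged without anyone noticing. I would keep reviewed copies in the package directory the way `svcs.sh` is kept (`Source1: ftp.sh`), or at least add a comment such as `#   third-party scripts, fetched without integrity check; re-review on every update`. Separately, `%attr(0750,...)` on fsl.honeyd and honeyd.conf sets execute bits on plain configuration files; `0640` would express the same access.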

+ 16 - 4
honeyd/rc.honeyd

@@ -10,12 +10,15 @@
     honeyd_log_numfiles="10"
     honeyd_log_minsize="1M"
     honeyd_log_complevel="9"
-    honeyd_ip_network="127.0.0.0/24"
+    honeyd_ip_network="192.168.100.0/24"
+    honeyd_hw_iface=""
 
 %common
     honeyd_pidfile="@l_prefix@/var/honeyd/honeyd.pid"
     honeyd_cfgfile="@l_prefix@/etc/honeyd/honeyd.conf"
     honeyd_prnfile="@l_prefix@/share/honeyd/nmap.prints"
+    honeyd_xpbfile="@l_prefix@/share/honeyd/xprobe2.conf"
+    honeyd_assfile="@l_prefix@/share/honeyd/nmap.assoc"
     honeyd_signal () {
         [ -f $honeyd_pidfile ] && kill -$1 `cat $honeyd_pidfile`
     }
@@ -34,8 +37,17 @@
 %start -u @l_susr@
     rcService honeyd enable yes || exit 0
     rcService honeyd active yes && exit 0
-    cd @l_prefix@/share/honeyd
-    @l_prefix@/sbin/honeyd -f $honeyd_cfgfile -p $honeyd_prnfile $honeyd_ip_network >/dev/null 2>&1
+    if [ ".$honeyd_hw_iface" != . ]; then
+        arpd_interface="-i $honeyd_hw_iface"
+    fi
+    @l_prefix@/bin/honeyd \
+        -p $honeyd_prnfile \
+        -x $honeyd_xpbfile \
+        -a $honeyd_assfile \
+        -f $honeyd_cfgfile \
+        $honeyd_interface \
+        $honeyd_ip_network \
+        >/dev/null 2>&1
 
 %stop -u @l_susr@
     rcService honeyd enable yes || exit 0
@@ -60,7 +72,7 @@
     #   rotate logfile
     shtool rotate -f \
         -n ${honeyd_log_numfiles} -s ${honeyd_log_minsize} -d \
-        -z ${honeyd_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \
+        -z ${honeyd_log_complevel} -o @l_susr@ -g @l_mgrp@ -m 644 \
         -P "${honeyd_log_prolog}" \
         -E "${honeyd_log_epilog} && rc honeyd restart" \
         @l_prefix@/var/honeyd/honeyd.log
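Review bot: The `%start` hunk stores the interface option in `arpd_interface`, but the command line expands `$honeyd_interface`, which is never assigned, so a configured `honeyd_hw_iface` is silently ignored and honeyd falls back to its default interface selection. The assignment should read `honeyd_interface="-i $honeyd_hw_iface"`, with `honeyd_interface=""` set before the `if` so that an inherited value cannot slip in. The interface decides which network segment sees the decoys, and with `>/dev/null 2>&1` on the command a wrong choice leaves no trace at start-up. The default network in this hunk is 192.168.100.0/24, while the commit message says 192.168.1/24.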

+ 1 - 0
honeyd/setenv.c

@@ -24,6 +24,7 @@
 */
 
 #ifdef HAVE_CONFIG_H
+#include <sys/types.h>
 #include "config.h"
 #endif
 
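Review bot: The new `#include <sys/types.h>` sits inside the `#ifdef HAVE_CONFIG_H` guard, so a build without HAVE_CONFIG_H gets neither header, and with it the system header is read before `config.h` can define any feature macros. Moving the line below the guard, so that `#endif` is followed by `#include <sys/types.h>`, makes the include unconditional and keeps `config.h` first. The rest of setenv.c is outside the hunk, so which declaration needed the header is not visible here; a short comment naming it would help.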

+ 4 - 5
honeyd/honeyd.service

@@ -1,4 +1,4 @@
-#!/bin/sh
+#! /bin/sh
 ##
 ##  honeyd.service -- small honeyd(8) service faking script
 ##  Copyright (c) 2003 The OpenPKG Project <http://www.openpkg.org/>
@@ -14,10 +14,9 @@ shift
 
 case $service in
     http )
-        while read line; do
-	        if [ ".$line" = . ]; then
-		        break
-	        fi
+        line="true"
+        while $line; do
+            read line
         done
         echo "HTTP/1.1 404 Not Found"
         echo "Date: `date`"
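Review bot: The rewritten header loop uses `while $line; do read line`, which expands the line just read from the client and runs it as a shell command to decide whether to continue, so request text from the network is executed under the account the service script runs as. The loop ends only because a typical request line is not a valid command, which is not a safe terminator. The loop should compare the line as data again. If the change was made because the blank line arrives with a trailing carriage return (an assumption, the commit does not say), strip it before the comparison as in the fence below. The `case` statement continues outside the hunk.

```sh
    http )
        # consume request headers up to the blank line; treat them as data only
        while IFS= read -r line; do
            line=`printf '%s' "$line" | tr -d '\r'`
            if [ ".$line" = . ]; then
                break
            fi
        done
        # … unchanged: HTTP/1.1 404 response echo lines …
```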