From a116188bc320c87dadb089d8cab0f9564fafa485 Mon Sep 17 00:00:00 2001 From: Michael Schloh von Bennewitz Date: Wed, 24 Sep 2003 22:37:23 +0000 Subject: [PATCH] I give up, sometimes arpd+honeyd works and sometimes not, but finish this package off anyways, adding features from ticket #202, a big patch job for portable builds, and a better default configuration --- honeyd/cdefs.h | 157 +++++++++++++++++++++++ honeyd/honeyd.conf | 6 +- honeyd/honeyd.patch | 304 ++++++++++++++++++++++++++++++++++++++------ honeyd/honeyd.spec | 52 ++++++-- honeyd/rc.honeyd | 48 ++++--- honeyd/setenv.c | 60 +++++++++ honeyd/setenv.h | 29 +++++ 7 files changed, 587 insertions(+), 69 deletions(-) create mode 100644 honeyd/cdefs.h create mode 100644 honeyd/setenv.c create mode 100644 honeyd/setenv.h diff --git a/honeyd/cdefs.h b/honeyd/cdefs.h new file mode 100644 index 0000000000..1957f175fc --- /dev/null +++ b/honeyd/cdefs.h 
@@ -0,0 +1,157 @@
+/*
+** cdefs.h: ISO C interface
+** Most of this file was developed by Sendmail, Incorporated, so:
+**
+** Copyright (c) 2000-2002 Sendmail, Inc. and its suppliers.
+**
+** Permission to use, copy, modify, and distribute this software for
+** any purpose with or without fee is hereby granted, provided that
+** the above copyright notice and this permission notice appear in all
+** copies.
+**
+** THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+** WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+** MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+** IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+** CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+** USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+** OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+** OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+** SUCH DAMAGE.
+**
+*/
+
+/*
+** libsm C language portability macros
+** See libsm/cdefs.html for documentation.
+*/
+
+#ifndef HOND_CDEFS_H
+# define HOND_CDEFS_H
+
+/*
+** BSD and Linux have which defines a set of C language
+** portability macros that are a defacto standard in the open source
+** community.
+*/
+
+# if HOND_CONF_SYS_CDEFS_H
+# include
+# endif /* HOND_CONF_SYS_CDEFS_H */
+
+/*
+** Define the standard C language portability macros
+** for platforms that lack .
+*/
+
+# if !HOND_CONF_SYS_CDEFS_H
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS };
+# else /* defined(__cplusplus) */
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif /* defined(__cplusplus) */
+# if defined(__STDC__) || defined(__cplusplus)
+# ifndef __P
+# define __P(protos) protos
+# endif /* __P */
+# define __CONCAT(x,y) x ## y
+# define __STRING(x) #x
+# else /* defined(__STDC__) || defined(__cplusplus) */
+# define __P(protos) ()
+# define __CONCAT(x,y) x/**/y
+# define __STRING(x) "x"
+# define const
+# define signed
+# define volatile
+# endif /* defined(__STDC__) || defined(__cplusplus) */
+# endif /* !HOND_CONF_SYS_CDEFS_H */
+
+/*
+** Define HOND_DEAD, a macro used to declare functions that do not return
+** to their caller.
+*/
+
+# ifndef HOND_DEAD
+# if __GNUC__ >= 2
+# if __GNUC__ == 2 && __GNUC_MINOR__ < 5
+# define HOND_DEAD(proto) volatile proto
+# else /* __GNUC__ == 2 && __GNUC_MINOR__ < 5 */
+# define HOND_DEAD(proto) proto __attribute__((__noreturn__))
+# endif /* __GNUC__ == 2 && __GNUC_MINOR__ < 5 */
+# else /* __GNUC__ >= 2 */
+# define HOND_DEAD(proto) proto
+# endif /* __GNUC__ >= 2 */
+# endif /* HOND_DEAD */
+
+/*
+** Define HOND_UNUSED, a macro used to declare variables that may be unused.
+*/
+
+# ifndef HOND_UNUSED
+# if __GNUC__ >= 2
+# if __GNUC__ == 2 && __GNUC_MINOR__ < 7
+# define HOND_UNUSED(decl) decl
+# else /* __GNUC__ == 2 && __GNUC_MINOR__ < 7 */
+# define HOND_UNUSED(decl) decl __attribute__((__unused__))
+# endif /* __GNUC__ == 2 && __GNUC_MINOR__ < 7 */
+# else /* __GNUC__ >= 2 */
+# define HOND_UNUSED(decl) decl
+# endif /* __GNUC__ >= 2 */
+# endif /* HOND_UNUSED */
+
+/*
+** The HOND_NONVOLATILE macro is used to declare variables that are not
+** volatile, but which must be declared volatile when compiling with
+** gcc -O -Wall in order to suppress bogus warning messages.
+**
+** Variables that actually are volatile should be declared volatile
+** using the "volatile" keyword. If a variable actually is volatile,
+** then HOND_NONVOLATILE should not be used.
+**
+** To compile sendmail with gcc and see all non-bogus warnings,
+** you should use
+** gcc -O -Wall -DHOND_OMIT_BOGUS_WARNINGS ...
+** Do not use -DHOND_OMIT_BOGUS_WARNINGS when compiling the production
+** version of sendmail, because there is a performance hit.
+*/
+
+# ifdef HOND_OMIT_BOGUS_WARNINGS
+# define HOND_NONVOLATILE volatile
+# else /* HOND_OMIT_BOGUS_WARNINGS */
+# define HOND_NONVOLATILE
+# endif /* HOND_OMIT_BOGUS_WARNINGS */
+
+/*
+** Turn on format string argument checking.
+*/
+
+# ifndef HOND_CONF_FORMAT_TEST
+# if __GNUC__ == 2 && __GNUC_MINOR__ >= 7
+# define HOND_CONF_FORMAT_TEST 1
+# else /* __GNUC__ == 2 && __GNUC_MINOR__ >= 7 */
+# define HOND_CONF_FORMAT_TEST 0
+# endif /* __GNUC__ == 2 && __GNUC_MINOR__ >= 7 */
+# endif /* HOND_CONF_FORMAT_TEST */
+
+# ifndef PRINTFLIKE
+# if HOND_CONF_FORMAT_TEST
+# define PRINTFLIKE(x,y) __attribute__ ((__format__ (__printf__, x, y)))
+# else /* HOND_CONF_FORMAT_TEST */
+# define PRINTFLIKE(x,y)
+# endif /* HOND_CONF_FORMAT_TEST */
+# endif /* ! PRINTFLIKE */
+
+# ifndef SCANFLIKE
+# if HOND_CONF_FORMAT_TEST
+# define SCANFLIKE(x,y) __attribute__ ((__format__ (__scanf__, x, y)))
+# else /* HOND_CONF_FORMAT_TEST */
+# define SCANFLIKE(x,y)
+# endif /* HOND_CONF_FORMAT_TEST */
+# endif /* ! SCANFLIKE */
+
+#endif /* ! HOND_CDEFS_H */
diff --git a/honeyd/honeyd.conf b/honeyd/honeyd.conf
index fb48140fda..252e1bd3b8 100644
--- a/honeyd/honeyd.conf
+++ b/honeyd/honeyd.conf
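Review bot: Format-string checking is switched on only for GCC 2.x in cdefs.h: `# if __GNUC__ == 2 && __GNUC_MINOR__ >= 7` leaves `HOND_CONF_FORMAT_TEST` at 0 for GCC 3 and later, so `PRINTFLIKE` and `SCANFLIKE` expand to nothing there and mismatched format arguments are not reported. The HOND_DEAD and HOND_UNUSED blocks in the same file already test `__GNUC__ >= 2` first; this test could follow them with `# if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)`. The comments still point to libsm/cdefs.html and to compiling sendmail and could be reworded for honeyd.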
@@ -4,13 +4,13 @@ # test host definition create testbox -set testbox personality "FreeBSD 3.2-4.0" +set testbox personality "AIX 4.0 - 4.2" add testbox tcp port 80 "@l_prefix@/libexec/honeyd/honeyd.service http" add testbox tcp port 22 "@l_prefix@/libexec/honeyd/honeyd.service ssh" add testbox tcp port 23 proxy $ipsrc:23 set testbox default tcp action reset # bind the test host to localhost -bind 127.0.0.1 testbox -set 127.0.0.1 uptime 1327650 +bind 127.0.0.2 testbox +set 127.0.0.2 uptime 1327650 diff --git a/honeyd/honeyd.patch b/honeyd/honeyd.patch index 98161175f8..3a58ebb029 100644 --- a/honeyd/honeyd.patch +++ b/honeyd/honeyd.patch 
@@ -1,8 +1,200 @@ ---- configure.org Tue Feb 18 15:31:11 2003 -+++ configure Tue Feb 18 15:32:56 2003 -@@ -3435,11 +3435,11 @@ +diff -Naur honeyd-0.6a.orig/honeyd_overload.c honeyd-0.6a/honeyd_overload.c +--- honeyd-0.6a.orig/honeyd_overload.c 2003-09-24 22:40:49.815986404 +0200 ++++ honeyd-0.6a/honeyd_overload.c 2003-09-24 22:40:15.154417000 +0200 +@@ -222,7 +222,7 @@ + struct fd *nfd; + int pair[2]; + +- if (socketpair(AF_LOCAL, type, 0, pair) == -1) { ++ if (socketpair(AF_UNIX, type, 0, pair) == -1) { + warn("%s: socketpair", __func__); + return (NULL); + } +@@ -607,6 +607,7 @@ + } + #endif /* !__FreeBSD__ */ + ++#ifndef sun + ssize_t + recvfrom(int sock, void *buf, size_t len, int flags, struct sockaddr *from, + socklen_t *fromlen) +@@ -634,6 +635,7 @@ + out: + return (ret); + } ++#endif /* !sun */ + + ssize_t + sendto(int sock, const void *buf, size_t len, int flags, +@@ -658,6 +660,7 @@ + return (ret); + } + ++#ifndef sun + int + getsockname(int sock, struct sockaddr *to, socklen_t *tolen) + { +@@ -683,6 +686,7 @@ + + return (0); + } ++#endif /* !sun */ + + ssize_t + sendmsg(int sock, const struct msghdr *msg, int flags) +@@ -775,6 +779,7 @@ + return (ret); + } + ++#ifndef sun + int + accept(int sock, struct sockaddr *addr, socklen_t *addrlen) + { +@@ -813,3 +818,4 @@ + + return (fd); + } ++#endif /* !sun */ +diff -Naur honeyd-0.6a.orig/util.c honeyd-0.6a/util.c +--- honeyd-0.6a.orig/util.c 2003-06-12 04:31:52.000000000 +0200 ++++ honeyd-0.6a/util.c 2003-09-24 21:10:53.916758139 +0200 +@@ -125,7 +125,7 @@ + + /* Try to match against the variable */ + while ((p = strchr(p, match[0])) != NULL) { +- if (!strncmp(p, match, len) && !isalnum(p[len])) ++ if (!strncmp(p, match, len) && !isalnum((int)p[len])) + break; + p += len; + +diff -Naur honeyd-0.6a.orig/personality.c honeyd-0.6a/personality.c +--- honeyd-0.6a.orig/personality.c 2003-05-30 00:51:34.000000000 +0200 ++++ honeyd-0.6a/personality.c 2003-09-24 21:09:37.623869975 +0200 +@@ -51,6 +51,7 @@ + #include + 
#include + #include ++#include + + #undef timeout_pending + #undef timeout_initialized +@@ -1202,7 +1203,7 @@ + if (CMP(p, FINGERPRINT) == 0) { + p += sizeof(FINGERPRINT) - 1; + p += strspn(p, ": \t"); +- if (!isalnum(*p)) { ++ if (!isalnum((int)*p)) { + fprintf(stderr, "%d: bad name \"%s\"\n", + lineno, p); + return (-1); +@@ -1450,7 +1451,7 @@ + strsep (&p2, "#\r\n"); + + /* Remove trailing whitespace */ +- for (p2 -= 2; (p2 >= p) && isspace (*p2); p2--) ++ for (p2 -= 2; (p2 >= p) && isspace ((int)*p2); p2--) + *p2 = '\0'; + + /* Ignore the "fingperint {" line */ +diff -Naur honeyd-0.6a.orig/honeyd.c honeyd-0.6a/honeyd.c +--- honeyd-0.6a.orig/honeyd.c 2003-07-14 15:12:33.000000000 +0200 ++++ honeyd-0.6a/honeyd.c 2003-09-24 20:50:08.413297423 +0200 +@@ -85,6 +85,9 @@ + #include "arp.h" + #include "gre.h" + #include "log.h" ++#ifndef HAVE_SETENV ++#include "setenv.h" ++#endif + + /* Prototypes */ + void honeyd_tcp_timeout(int, short, void *); +@@ -2502,7 +2505,7 @@ + err(1, "daemon"); + } + } +- fprintf(fp, "%d\n", getpid()); ++ fprintf(fp, "%d\n", (int)getpid()); + fclose(fp); + + chmod(PIDFILE, 0644); +diff -Naur honeyd-0.6a.orig/command.c honeyd-0.6a/command.c +--- honeyd-0.6a.orig/command.c 2003-06-26 07:34:18.000000000 +0200 ++++ honeyd-0.6a/command.c 2003-09-24 20:54:20.208451644 +0200 +@@ -65,6 +65,9 @@ + #include "tcp.h" + #include "udp.h" + #include "fdpass.h" ++#ifndef HAVE_SETENV ++#include "setenv.h" ++#endif + + ssize_t atomicio(ssize_t (*)(), int, void *, size_t); + +@@ -458,7 +461,7 @@ + else + cb = &cb_udp; + +- if (socketpair(AF_LOCAL, hdr->type, 0, pair) == -1) { ++ if (socketpair(AF_UNIX, hdr->type, 0, pair) == -1) { + warn("socketpair"); + return (-1); + } +diff -Naur honeyd-0.6a.orig/arp.c honeyd-0.6a/arp.c +--- honeyd-0.6a.orig/arp.c 2003-07-10 10:19:38.000000000 +0200 ++++ honeyd-0.6a/arp.c 2003-09-24 20:18:04.000000000 +0200 +@@ -48,6 +48,7 @@ + #include + #include + ++#include + #include + #include + #include +diff -Naur 
honeyd-0.6a.orig/compat/getopt.h honeyd-0.6a/compat/getopt.h +--- honeyd-0.6a.orig/compat/getopt.h 2003-05-31 17:44:36.000000000 +0200 ++++ honeyd-0.6a/compat/getopt.h 2003-09-24 20:23:37.000000000 +0200 +@@ -40,7 +40,11 @@ + #ifndef _GETOPT_H_ + #define _GETOPT_H_ + ++#ifdef HAVE_SYS_CDEFS_H + #include ++#else ++#include "cdefs.h" ++#endif + + /* + * GNU-like getopt_long() and 4.4BSD getsubopt()/optreset extensions +diff -Naur honeyd-0.6a.orig/config.h.in honeyd-0.6a/config.h.in +--- honeyd-0.6a.orig/config.h.in 2003-06-24 02:03:05.000000000 +0200 ++++ honeyd-0.6a/config.h.in 2003-09-24 20:20:36.000000000 +0200 +@@ -180,6 +180,9 @@ + /* Define to 1 if you have the `strtoul' function. */ + #undef HAVE_STRTOUL + ++/* Define to 1 if you have the `setenv' function. */ ++#undef HAVE_SETENV ++ + /* Define if your system defines struct sockaddr_storage */ + #undef HAVE_STRUCT_SOCKADDR_STORAGE + +@@ -207,6 +210,9 @@ + /* Define to 1 if you have the header file. */ + #undef HAVE_SYS_TYPES_H + ++/* Define to 1 if you have the header file. */ ++#undef HAVE_SYS_CDEFS_H ++ + /* Define to 1 if you have that is POSIX.1 compatible. */ + #undef HAVE_SYS_WAIT_H + +diff -Naur honeyd-0.6a.orig/configure honeyd-0.6a/configure +--- honeyd-0.6a.orig/configure 2003-07-21 22:56:08.000000000 +0200 ++++ honeyd-0.6a/configure 2003-09-24 20:19:21.000000000 +0200 +@@ -8387,11 +8387,11 @@ *) - echo "$as_me:3436: result: $withval" >&5 + echo "$as_me:$LINENO: result: $withval" >&5 echo "${ECHO_T}$withval" >&6 - if test -f $withval/pcap.h -a -f $withval/libpcap.a; then + if test -f $withval/include/pcap.h -a -f $withval/lib/libpcap.a; then 
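Review bot: The `(int)` casts added to the ctype calls in the embedded util.c and personality.c hunks (`isalnum((int)p[len])`, `isalnum((int)*p)`, `isspace ((int)*p2)`) silence the char-subscript warning but keep the sign. Where `char` is signed, a byte above 0x7f still reaches the ctype function as a negative value, which is undefined behaviour and can be an out-of-range table read on table-based implementations. The personality.c calls appear to run over fingerprint-file lines, so the argument should be converted through `unsigned char`, e.g. `isalnum((unsigned char)p[len])` and `isspace((unsigned char)*p2)`. The enclosing functions start and end outside the embedded hunks.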
@@ -13,11 +205,11 @@ + PCAPINC="-I$withval/include -I$withval/bpf" + PCAPLIB="-L$withval/lib -lpcap" else - { { echo "$as_me:3444: error: pcap.h or libpcap.a not found in $withval" >&5 + { { echo "$as_me:$LINENO: error: pcap.h or libpcap.a not found in $withval" >&5 echo "$as_me: error: pcap.h or libpcap.a not found in $withval" >&2;} -@@ -3482,9 +3482,9 @@ - *) - echo "$as_me:3483: result: $withval" >&5 +@@ -8437,9 +8437,9 @@ + echo $ECHO_N "checking for libdnet... $ECHO_C" >&6 + echo "$as_me:$LINENO: result: $withval" >&5 echo "${ECHO_T}$withval" >&6 - if test -f $withval/src/libdnet.a; then + if test -f $withval/lib/libdnet.a; then @@ -27,9 +219,9 @@ elif test -x $withval/bin/dnet-config; then DNETINC="`$withval/bin/dnet-config --cflags`" DNETLIB="`$withval/bin/dnet-config --libs`" -@@ -3525,11 +3525,11 @@ +@@ -8540,11 +8540,11 @@ *) - echo "$as_me:3526: result: $withval" >&5 + echo "$as_me:$LINENO: result: $withval" >&5 echo "${ECHO_T}$withval" >&6 - if test -f $withval/event.h -a -f $withval/libevent.a; then + if test -f $withval/include/event.h -a -f $withval/lib/libevent.a; then 
@@ -40,10 +232,51 @@ + EVENTINC="-I$withval/include" + EVENTLIB="-L$withval/lib -levent" else - { { echo "$as_me:3534: error: event.h or libevent.a not found in $withval" >&5 + { { echo "$as_me:$LINENO: error: event.h or libevent.a not found in $withval" >&5 echo "$as_me: error: event.h or libevent.a not found in $withval" >&2;} ---- nmap.prints.org Thu Feb 20 15:39:35 2003 -+++ nmap.prints Thu Feb 20 15:40:04 2003 +@@ -8785,7 +8785,7 @@ + + + +-for ac_header in errno.h fcntl.h paths.h stdlib.h string.h time.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/ioccom.h syslog.h unistd.h ++for ac_header in errno.h fcntl.h paths.h stdlib.h string.h time.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/ioccom.h sys/cdefs.h syslog.h unistd.h + do + as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` + if eval "test \"\${$as_ac_Header+set}\" = set"; then +@@ -9697,7 +9697,7 @@ + + + +-for ac_func in dup2 gettimeofday memmove memset strcasecmp strchr strdup strncasecmp strtoul strspn getaddrinfo getnameinfo freeaddrinfo setgroups sendmsg recvmsg ++for ac_func in dup2 gettimeofday memmove memset strcasecmp strchr strdup strncasecmp strtoul strspn getaddrinfo getnameinfo freeaddrinfo setgroups sendmsg recvmsg setenv + do + as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` + echo "$as_me:$LINENO: checking for $ac_func" >&5 +diff -Naur honeyd-0.6a.orig/gre.c honeyd-0.6a/gre.c +--- honeyd-0.6a.orig/gre.c 2003-06-26 17:51:52.000000000 +0200 ++++ honeyd-0.6a/gre.c 2003-09-24 20:18:04.000000000 +0200 +@@ -53,6 +53,7 @@ + #undef timeout_pending + #undef timeout_initialized + ++#include + #include + + #include "honeyd.h" +diff -Naur honeyd-0.6a.orig/interface.c honeyd-0.6a/interface.c +--- honeyd-0.6a.orig/interface.c 2003-07-21 21:22:40.000000000 +0200 ++++ honeyd-0.6a/interface.c 2003-09-24 20:18:04.000000000 +0200 +@@ -50,6 +50,7 @@ + #include + #include + ++#include + #include + #include + #include +diff -Naur honeyd-0.6a.orig/nmap.prints honeyd-0.6a/nmap.prints 
+--- honeyd-0.6a.orig/nmap.prints 2002-09-13 18:22:12.000000000 +0200 ++++ honeyd-0.6a/nmap.prints 2003-09-24 20:18:04.000000000 +0200 @@ -6715,18 +6715,6 @@ T7(DF=N%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=N|Y) 
@@ -63,33 +296,24 @@ # Contributed by grunby grunby@hades.ss.purchase.edu Fingerprint Microsoft NT 4.0 SP5-SP6 TSeq(Class=RI%gcd=<6%SI=21A) ---- interface.c.orig Sat Jun 14 05:45:26 2003 -+++ interface.c Thu Jun 26 11:23:20 2003 -@@ -47,6 +47,7 @@ - #include - #include +diff -Naur honeyd-0.6a.or/Makefile.in honeyd-0.6a/Makefile.in +--- honeyd-0.6a.or/Makefile.in 2003-07-21 22:56:07.000000000 +0200 ++++ honeyd-0.6a/Makefile.in 2003-09-24 21:21:51.000000000 +0200 +@@ -127,7 +127,7 @@ + pkgincludedir = $(honeydincludedir) + pkginclude_HEADERS = hooks.h plugins.h plugins_config.h debug.h -+#include - #include - #include - #include ---- arp.c.orig Fri May 30 14:19:46 2003 -+++ arp.c Thu Jun 26 11:23:26 2003 -@@ -45,6 +45,7 @@ - #include - #include - -+#include - #include - #include - #include ---- gre.c.orig Sat Jun 14 06:33:27 2003 -+++ gre.c Thu Jun 26 11:23:38 2003 -@@ -50,6 +50,7 @@ - #undef timeout_pending - #undef timeout_initialized +-honeyd_SOURCES = honeyd.c command.c parse.y lex.l config.c personality.c util.c ipfrag.c router.c tcp.c udp.c xprobe_assoc.c log.c fdpass.c atomicio.c subsystem.c hooks.c plugins.c plugins_config.c pool.c interface.c arp.c gre.c honeyd.h personality.h ipfrag.h router.h tcp.h udp.h parse.h xprobe_assoc.h subsystem.h fdpass.h hooks.h plugins.h plugins_config.h template.h pool.h interface.h arp.h gre.h log.h ++honeyd_SOURCES = honeyd.c command.c parse.y lex.l config.c personality.c util.c ipfrag.c router.c tcp.c udp.c xprobe_assoc.c log.c fdpass.c atomicio.c subsystem.c hooks.c plugins.c plugins_config.c pool.c interface.c arp.c gre.c setenv.c honeyd.h personality.h ipfrag.h router.h tcp.h udp.h parse.h xprobe_assoc.h subsystem.h fdpass.h hooks.h plugins.h plugins_config.h template.h pool.h interface.h arp.h gre.h setenv.h log.h -+#include - #include - #include "honeyd.h" + honeyd_LDADD = @LIBOBJS@ @EVENTLIB@ @PCAPLIB@ @DNETLIB@ @PLUGINLIB@ -lm +@@ -173,7 +173,7 @@ + xprobe_assoc.$(OBJEXT) log.$(OBJEXT) fdpass.$(OBJEXT) \ + 
atomicio.$(OBJEXT) subsystem.$(OBJEXT) hooks.$(OBJEXT) \ + plugins.$(OBJEXT) plugins_config.$(OBJEXT) pool.$(OBJEXT) \ +-interface.$(OBJEXT) arp.$(OBJEXT) gre.$(OBJEXT) ++interface.$(OBJEXT) arp.$(OBJEXT) gre.$(OBJEXT) setenv.$(OBJEXT) + honeyd_DEPENDENCIES = @LIBOBJS@ + LEXLIB = @LEXLIB@ + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) diff --git a/honeyd/honeyd.spec b/honeyd/honeyd.spec index 3b078bf81d..e795760e28 100644 --- a/honeyd/honeyd.spec +++ b/honeyd/honeyd.spec @@ -23,19 +23,17 @@ ## SUCH DAMAGE. ## -# FIXME: mlelstv: JUNK because not building on Solaris/Linux2.2 - # package information Name: honeyd Summary: Creates a Virtual Host on Network URL: http://www.citi.umich.edu/u/provos/honeyd/ Vendor: Niels Provos Packager: The OpenPKG Project -Distribution: OpenPKG [JUNK] +Distribution: OpenPKG [EVAL] Group: Security -License: BSD License +License: BSD Version: 0.6a -Release: 20030731 +Release: 20030924 # package options %option with_fsl yes @@ -46,6 +44,9 @@ Source1: rc.honeyd Source2: honeyd.conf Source3: honeyd.service Source4: fsl.honeyd +Source5: cdefs.h +Source6: setenv.h +Source7: setenv.c Patch0: honeyd.patch # build information 
@@ -71,18 +72,28 @@ AutoReqProv: no possible to ping the virtual machines, or to traceroute them. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is - also possible to proxy it to another machine. + also possible to proxy it to another machine. The package arpd will + most certainly be useful as well, although it is not a technical + requirement for this package. %prep %setup -q - %patch -p0 + %patch -p1 + cp -f %{SOURCE setenv.c} . + cp -f %{SOURCE setenv.h} . + cp -f %{SOURCE cdefs.h} . + %{l_shtool} subst -e \ + 's;AF_LOCAL;AF_UNIX;g' \ + command.c \ + honeyd_overload.c %build %{l_shtool} subst \ -e 's;/var/run/honeyd.pid;%{l_prefix}/var/honeyd/honeyd.pid;' \ honeyd.h CC="%{l_cc}" \ - CFLAGS="%{l_cflags -O}" + CFLAGS="%{l_cflags -O}" \ + CPPFLAGS="%{l_cppflags} -DREPLACE_GETOPT" \ ./configure \ --prefix=%{l_prefix} \ --with-libdnet=%{l_prefix} \ @@ -133,10 +144,33 @@ AutoReqProv: no %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ %{l_files_std} \ '%not %dir %{l_prefix}/etc/fsl' \ - '%config %{l_prefix}/etc/fsl/fsl.honeyd' + '%config %{l_prefix}/etc/fsl/fsl.honeyd' \ + '%config %{l_prefix}/etc/honeyd/honeyd.conf' \ + '%config %{l_prefix}/libexec/honeyd/honeyd.service' %files -f files %clean rm -rf $RPM_BUILD_ROOT +%pre + # before upgrade, save status and stop service + [ $1 -eq 2 ] || exit 0 + eval `%{l_rc} honeyd status 2>/dev/null | tee %{l_tmpfile}` + %{l_rc} honeyd stop 2>/dev/null + exit 0 + +%post + if [ $1 -eq 2 ]; then + # after upgrade, restore status + eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} + [ ".$honeyd_active" = .yes ] && %{l_rc} honeyd start + fi + exit 0 + +%preun + # before erase, stop service and remove log files + [ $1 -eq 0 ] || exit 0 + %{l_rc} honeyd stop 2>/dev/null + exit 0 + diff --git a/honeyd/rc.honeyd b/honeyd/rc.honeyd index d5f9853ebc..765c0540ae 100644 --- a/honeyd/rc.honeyd +++ b/honeyd/rc.honeyd 
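Review bot: In the new `%pre`/`%post` scriptlets the service state is written to `%{l_tmpfile}` and later run through `eval` on the output of `cat %{l_tmpfile}`, so whatever that file holds at upgrade time is executed with the installer's privileges. Where `%{l_tmpfile}` points is not visible in this hunk; if it can resolve to a shared temporary directory, the state should be kept in a directory only the installing user can write, or only the `honeyd_active` value should be read back instead of evaluating the whole file. The `%preun` comment also says `remove log files`, but the scriptlet only stops the service; either remove them or reword it to `# before erase, stop service`.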
@@ -10,35 +10,49 @@ honeyd_log_numfiles="10" honeyd_log_minsize="1M" honeyd_log_complevel="9" + honeyd_ip_network="127.0.0.0/24" + +%common + honeyd_pidfile="@l_prefix@/var/honeyd/honeyd.pid" + honeyd_cfgfile="@l_prefix@/etc/honeyd/honeyd.conf" + honeyd_prnfile="@l_prefix@/share/honeyd/nmap.prints" + honeyd_signal () { + [ -f $honeyd_pidfile ] && kill -$1 `cat $honeyd_pidfile` + } + +%status -u @l_susr@ -o + honeyd_usable="no" + honeyd_active="no" + rcService honeyd enable yes && \ + honeyd_chroot && honeyd_usable="yes" + rcService honeyd enable yes && \ + honeyd_signal 0 && honeyd_active="yes" + echo "honeyd_enable=\"$honeyd_enable\"" + echo "honeyd_usable=\"$honeyd_usable\"" + echo "honeyd_active=\"$honeyd_active\"" %start -u @l_susr@ rcService honeyd enable yes || exit 0 + rcService honeyd active yes && exit 0 cd @l_prefix@/share/honeyd - @l_prefix@/sbin/honeyd \ - -f @l_prefix@/etc/honeyd/honeyd.conf \ - >/dev/null 2>&1 + @l_prefix@/sbin/honeyd -f $honeyd_cfgfile -p $honeyd_prnfile $honeyd_ip_network >/dev/null 2>&1 %stop -u @l_susr@ rcService honeyd enable yes || exit 0 - if [ -f @l_prefix@/var/honeyd/honeyd.pid ]; then - kill -TERM `cat @l_prefix@/var/honeyd/honeyd.pid` - fi + rcService honeyd active no && exit 0 + honeyd_signal TERM %restart -u @l_susr@ rcService honeyd enable yes || exit 0 - if [ -f @l_prefix@/var/honeyd/honeyd.pid ]; then - kill -TERM `cat @l_prefix@/var/honeyd/honeyd.pid` - sleep 2 - fi - @l_prefix@/sbin/honeyd \ - -f @l_prefix@/etc/honeyd/honeyd.conf \ - >/dev/null 2>&1 + rcService honeyd active no && exit 0 + rc honeyd stop + sleep 2 + rc honeyd start %reload -u @l_susr@ rcService honeyd enable yes || exit 0 - if [ -f @l_prefix@/var/honeyd/honeyd.pid ]; then - kill -HUP `cat @l_prefix@/var/honeyd/honeyd.pid` - fi + rcService honeyd active no && exit 0 + honeyd_signal HUP %daily -u @l_susr@ rcService honeyd enable yes || exit 0 
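Review bot: `honeyd_signal` in `%common` hands the pid file content to `kill -$1` unquoted and unchecked, and every section that uses it runs under `@l_susr@`. An empty or stale pid file makes `%stop` and `%reload` fail or signal an unrelated process, and `honeyd_signal 0` in `%status` then reports `honeyd_active="yes"` for a recycled pid, in which case `%start` presumably exits early at `rcService honeyd active yes && exit 0` and the honeypot stays down unnoticed. Reading the value into a variable and rejecting anything that is not a plain number before signalling would narrow this, e.g. `case "$pid" in ''|*[!0-9]*) return 1 ;; esac` followed by `kill -$1 "$pid"`. `%status` also calls `honeyd_chroot`, which is not defined in this hunk; unless the unseen first lines of the file define it, `honeyd_usable` can never become `yes`.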
@@ -48,6 +62,6 @@ -n ${honeyd_log_numfiles} -s ${honeyd_log_minsize} -d \ -z ${honeyd_log_complevel} -o @l_rusr@ -g @l_rgrp@ -m 644 \ -P "${honeyd_log_prolog}" \ - -E "${honeyd_log_epilog}" \ + -E "${honeyd_log_epilog} && rc honeyd restart" \ @l_prefix@/var/honeyd/honeyd.log diff --git a/honeyd/setenv.c b/honeyd/setenv.c new file mode 100644 index 0000000000..824ee823b7 --- /dev/null +++ b/honeyd/setenv.c 
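Review bot: The new epilog argument `"${honeyd_log_epilog} && rc honeyd restart"` is valid shell only while `honeyd_log_epilog` is non-empty: with an empty value the command begins with `&&`. If the configured epilog fails, the restart is skipped as well, so honeyd would presumably keep writing to the rotated file. The default of `honeyd_log_epilog` lies outside this hunk; unless it is guaranteed to be a succeeding command, `-E "${honeyd_log_epilog:-true}; rc honeyd restart"` would be more robust.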
@@ -0,0 +1,60 @@
+/*
+** setenv.c: ISO C implementation
+** Copyright (c) 2003 Michael Schloh von Bennewitz
+** Copyright (c) 2003 Cable & Wireless
+**
+** Permission to use, copy, modify, and distribute this software for
+** any purpose with or without fee is hereby granted, provided that
+** the above copyright notice and this permission notice appear in all
+** copies.
+**
+** THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+** WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+** MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+** IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+** CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+** USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+** OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+** OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+** SUCH DAMAGE.
+**
+*/
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef HAVE_SETENV
+#include /* For putenv(3) and malloc(3) */
+#include /* For strcpy(3) and strcat(3) */
+
+
+/*
+** Implements setenv C library function for platforms not including it
+**
+*/
+int setenv(const char *kszName, const char *kszValue, int nOverwrite)
+{
+ char *szPair = NULL; /* String we will pass to putenv(3) */
+
+ /* Allocate space for name, value, equals, and string terminator */
+ szPair = malloc(strlen(kszName) + strlen(kszValue) + strlen("=") + 1);
+
+ if (szPair == NULL) /* Memory error */
+ return 1; /* Unsuccessful */
+
+ /* Copy the incoming variables */
+ strcpy(szPair, kszName);
+ strcat(szPair, "=");
+ strcat(szPair, kszValue);
+
+ if (getenv(szPair) != NULL)
+ putenv(szPair); /* Handoff */
+
+ return 0; /* Success */
+}
+#endif /* !HAVE_SETENV */
+
diff --git a/honeyd/setenv.h b/honeyd/setenv.h
new file mode 100644
index 0000000000..41572d3e62
--- /dev/null
+++ b/honeyd/setenv.h
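Review bot: The `getenv(szPair)` test at the end of setenv() in setenv.c looks up the whole name=value string as a variable name, which cannot match an existing variable, so `putenv()` is never reached. On platforms without a native setenv this replacement therefore sets nothing, leaks `szPair` and still returns 0. `nOverwrite` is never read, and the allocation-failure path returns 1 where setenv(3) callers test for -1. honeyd.c and command.c include setenv.h in this commit, presumably to export variables to service scripts, which would then run with an incomplete environment and no error reported. The lookup should use `kszName`, honour `nOverwrite`, and free the buffer when putenv() fails, as in the rewritten lines below.

```c
int setenv(const char *kszName, const char *kszValue, int nOverwrite)
{
    /* … unchanged: szPair declaration … */

    /* Reject arguments that cannot form a valid name=value entry */
    if (kszName == NULL || *kszName == '\0' ||
        strchr(kszName, '=') != NULL || kszValue == NULL)
        return -1;

    /* Keep an existing value unless the caller asked to replace it */
    if (!nOverwrite && getenv(kszName) != NULL)
        return 0;

    /* … unchanged: malloc of szPair … */
    if (szPair == NULL)
        return -1;

    /* … unchanged: strcpy/strcat building the pair … */

    /* putenv(3) keeps the pointer on success, so free only on failure */
    if (putenv(szPair) != 0) {
        free(szPair);
        return -1;
    }

    /* … unchanged: return 0 … */
```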
@@ -0,0 +1,29 @@
+/*
+** setenv.h: ISO C interface
+** Copyright (c) 2003 Michael Schloh von Bennewitz
+** Copyright (c) 2003 Cable & Wireless
+**
+** Permission to use, copy, modify, and distribute this software for
+** any purpose with or without fee is hereby granted, provided that
+** the above copyright notice and this permission notice appear in all
+** copies.
+**
+** THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+** WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+** MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+** IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+** CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+** USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+** OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+** OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+** SUCH DAMAGE.
+**
+*/
+
+#ifndef HOND_SETENV_H
+# define HOND_SETENV_H
+int setenv(const char *kszName, const char *kszValue, int nOverwrite);
+#endif /* not HOND_SETENV_H */