diff -Naur dsniff-2.4.orig/Makefile.in dsniff-2.4/Makefile.in --- dsniff-2.4.orig/Makefile.in 2001-03-15 09:34:42.000000000 +0100 +++ dsniff-2.4/Makefile.in 2009-04-01 21:54:20.000000000 +0200 @@ -11,7 +11,7 @@ install_prefix = prefix = @prefix@ exec_prefix = @exec_prefix@ -libdir = @libdir@ +libdir = $(prefix)/lib/dsniff sbindir = @sbindir@ mandir = @mandir@ @@ -37,8 +37,7 @@ X11INC = @X_CFLAGS@ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@ -INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \ - -I$(srcdir)/missing +INCS = -I. $(X11INC) -I$(srcdir)/missing LIBS = @LIBS@ -L$(srcdir) -lmissing INSTALL = @INSTALL@ diff -Naur dsniff-2.4.orig/arp.c dsniff-2.4/arp.c --- dsniff-2.4.orig/arp.c 2001-03-15 09:32:58.000000000 +0100 +++ dsniff-2.4/arp.c 2009-04-01 21:54:20.000000000 +0200 @@ -34,12 +34,13 @@ #include #include #include +#include #include "arp.h" #ifdef BSD int -arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) +arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf) { int mib[6]; size_t len; @@ -91,7 +92,7 @@ #endif int -arp_cache_lookup(in_addr_t ip, struct ether_addr *ether) +arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* lif) { int sock; struct arpreq ar; @@ -99,7 +100,7 @@ memset((char *)&ar, 0, sizeof(ar)); #ifdef __linux__ - strncpy(ar.arp_dev, "eth0", sizeof(ar.arp_dev)); /* XXX - *sigh* */ + strncpy(ar.arp_dev, lif, strlen(lif)); #endif sin = (struct sockaddr_in *)&ar.arp_pa; sin->sin_family = AF_INET; diff -Naur dsniff-2.4.orig/arp.h dsniff-2.4/arp.h --- dsniff-2.4.orig/arp.h 2001-03-15 09:27:08.000000000 +0100 +++ dsniff-2.4/arp.h 2009-04-01 21:54:20.000000000 +0200 @@ -11,6 +11,6 @@ #ifndef _ARP_H_ #define _ARP_H_ -int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether); +int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf); #endif /* _ARP_H_ */ diff -Naur dsniff-2.4.orig/arpspoof.c dsniff-2.4/arpspoof.c --- dsniff-2.4.orig/arpspoof.c 2001-03-15 09:32:58.000000000 +0100 +++ dsniff-2.4/arpspoof.c 2009-04-01 21:54:36.000000000 +0200 @@ -27,8 +27,8 @@ extern char *ether_ntoa(struct ether_addr *); -static struct libnet_link_int *llif; -static struct ether_addr spoof_mac, target_mac; +static libnet_t *l; +static struct libnet_ether_addr spoof_mac, target_mac; static in_addr_t spoof_ip, target_ip; static char *intf; @@ -41,47 +41,49 @@ } static int -arp_send(struct libnet_link_int *llif, char *dev, - int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa) +arp_send(libnet_t *l, int op, u_int8_t *sha, + in_addr_t spa, u_int8_t *tha, in_addr_t tpa) { - char ebuf[128]; - u_char pkt[60]; - + int retval; + if (sha == NULL && - (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) { + (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) { return (-1); } if (spa == 0) { - if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0) + if ((spa = libnet_get_ipaddr4(l)) == -1) return (-1); - spa = htonl(spa); /* XXX */ } if (tha == NULL) tha = "\xff\xff\xff\xff\xff\xff"; - libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt); + libnet_autobuild_arp(op, sha, (u_int8_t *)&spa, + tha, (u_int8_t *)&tpa, l); + libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0); - libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4, - op, sha, (u_char *)&spa, tha, (u_char *)&tpa, - NULL, 0, pkt + ETH_H); - fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); if (op == ARPOP_REQUEST) { fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n", ether_ntoa((struct ether_addr *)tha), - libnet_host_lookup(tpa, 0), - libnet_host_lookup(spa, 0)); + libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE), + libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); } else { fprintf(stderr, "%s 0806 42: arp reply %s is-at ", ether_ntoa((struct ether_addr *)tha), - libnet_host_lookup(spa, 0)); + libnet_addr2name4(spa, LIBNET_DONT_RESOLVE)); fprintf(stderr, "%s\n", ether_ntoa((struct ether_addr *)sha)); } - return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt)); + retval = libnet_write(l); + if (retval) + fprintf(stderr, "%s", libnet_geterror(l)); + + libnet_clear_packet(l); + + return retval; } #ifdef __linux__ @@ -113,13 +115,13 @@ int i = 0; do { - if (arp_cache_lookup(ip, mac) == 0) + if (arp_cache_lookup(ip, mac, intf) == 0) return (1); #ifdef __linux__ /* XXX - force the kernel to arp. feh. */ arp_force(ip); #else - arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip); + arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip); #endif sleep(1); } @@ -136,9 +138,9 @@ if (arp_find(spoof_ip, &spoof_mac)) { for (i = 0; i < 3; i++) { /* XXX - on BSD, requires ETHERSPOOF kernel. */ - arp_send(llif, intf, ARPOP_REPLY, - (u_char *)&spoof_mac, spoof_ip, - (target_ip ? (u_char *)&target_mac : NULL), + arp_send(l, ARPOP_REPLY, + (u_int8_t *)&spoof_mac, spoof_ip, + (target_ip ? (u_int8_t *)&target_mac : NULL), target_ip); sleep(1); } @@ -151,7 +153,8 @@ { extern char *optarg; extern int optind; - char ebuf[PCAP_ERRBUF_SIZE]; + char pcap_ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; int c; intf = NULL; @@ -163,7 +166,7 @@ intf = optarg; break; case 't': - if ((target_ip = libnet_name_resolve(optarg, 1)) == -1) + if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1) usage(); break; default: @@ -176,26 +179,26 @@ if (argc != 1) usage(); - if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1) + if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1) usage(); - if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL) - errx(1, "%s", ebuf); + if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL) + errx(1, "%s", pcap_ebuf); - if ((llif = libnet_open_link_interface(intf, ebuf)) == 0) - errx(1, "%s", ebuf); + if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL) + errx(1, "%s", libnet_ebuf); if (target_ip != 0 && !arp_find(target_ip, &target_mac)) errx(1, "couldn't arp for host %s", - libnet_host_lookup(target_ip, 0)); + libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE)); signal(SIGHUP, cleanup); signal(SIGINT, cleanup); signal(SIGTERM, cleanup); for (;;) { - arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip, - (target_ip ? (u_char *)&target_mac : NULL), + arp_send(l, ARPOP_REPLY, NULL, spoof_ip, + (target_ip ? (u_int8_t *)&target_mac : NULL), target_ip); sleep(2); } diff -Naur dsniff-2.4.orig/buf.c dsniff-2.4/buf.c --- dsniff-2.4.orig/buf.c 2001-03-15 09:32:59.000000000 +0100 +++ dsniff-2.4/buf.c 2009-04-01 21:54:20.000000000 +0200 @@ -17,6 +17,7 @@ #include #include #include +#include #include "buf.h" diff -Naur dsniff-2.4.orig/config.guess dsniff-2.4/config.guess --- dsniff-2.4.orig/config.guess 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/config.guess 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1,1516 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, +# Inc. + +timestamp='2007-03-06' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner . +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# The plan is that this can be called by configure scripts if you +# don't specify an explicit build system type. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep __ELF__ >/dev/null + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:SunOS:5.*:*) + echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[45]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep __LP64__ >/dev/null + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + amd64) + echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + *) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + esac + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + *:Interix*:[3456]*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + EM64T | authenticamd) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + arm*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + avr32*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + mips:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips + #undef mipsel + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mipsel + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips + #else + CPU= + #endif + #endif +EOF + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^CPU/{ + s: ::g + p + }'`" + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips64 + #undef mips64el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mips64el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips64 + #else + CPU= + #endif + #endif +EOF + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^CPU/{ + s: ::g + p + }'`" + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-gnu + exit ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; + xtensa:Linux:*:*) + echo xtensa-unknown-linux-gnu + exit ;; + i*86:Linux:*:*) + # The BFD linker knows what the default object file format is, so + # first see if it will tell us. cd to the root directory to prevent + # problems with other programs or directories called `ld' in the path. + # Set LC_ALL=C to ensure ld outputs messages in English. + ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ + | sed -ne '/supported targets:/!d + s/[ ][ ]*/ /g + s/.*supported targets: *// + s/ .*// + p'` + case "$ld_supported_targets" in + elf32-i386) + TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" + ;; + a.out-i386-linux) + echo "${UNAME_MACHINE}-pc-linux-gnuaout" + exit ;; + coff-i386) + echo "${UNAME_MACHINE}-pc-linux-gnucoff" + exit ;; + "") + # Either a pre-BFD a.out linker (linux-gnuoldld) or + # one that does not give us useful --help. + echo "${UNAME_MACHINE}-pc-linux-gnuoldld" + exit ;; + esac + # Determine whether the default compiler is a.out or elf + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + #ifdef __ELF__ + # ifdef __GLIBC__ + # if __GLIBC__ >= 2 + LIBC=gnu + # else + LIBC=gnulibc1 + # endif + # else + LIBC=gnulibc1 + # endif + #else + #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) + LIBC=gnu + #else + LIBC=gnuaout + #endif + #endif + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' + /^LIBC/{ + s: ::g + p + }'`" + test x"${LIBC}" != x && { + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit + } + test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } + ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i386. + echo i386-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix\n"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + c34*) + echo c34-convex-bsd + exit ;; + c38*) + echo c38-convex-bsd + exit ;; + c4*) + echo c4-convex-bsd + exit ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -Naur dsniff-2.4.orig/config.sub dsniff-2.4/config.sub --- dsniff-2.4.orig/config.sub 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/config.sub 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1,1622 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, +# Inc. + +timestamp='2007-01-18' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray) + os= + basic_machine=$1 + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fido | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ + | maxq | mb | microblaze | mcore | mep \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64vr | mips64vrel \ + | mips64orion | mips64orionel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | mt \ + | msp430 \ + | nios | nios2 \ + | ns16k | ns32k \ + | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | score \ + | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ + | spu | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | v850 | v850e \ + | we32k \ + | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ + | z8k) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + ms1) + basic_machine=mt-unknown + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* | avr32-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | m32c-* | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | mt-* \ + | msp430-* \ + | nios-* | nios2-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tron-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa-* \ + | ymp-* \ + | z8k-*) + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16c) + basic_machine=cr16c-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh5el) + basic_machine=sh5le-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -openbsd* | -solidbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku* | -rdos* | -toppers* | -drops*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + score-*) + os=-elf + ;; + spu-*) + os=-elf + ;; + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mep-*) + os=-elf + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -Naur dsniff-2.4.orig/configure dsniff-2.4/configure --- dsniff-2.4.orig/configure 2001-03-19 07:52:37.000000000 +0100 +++ dsniff-2.4/configure 2009-04-01 21:54:20.000000000 +0200 @@ -2667,15 +2667,62 @@ echo "$ac_t""no" 1>&6 fi +echo $ac_n "checking for __dn_expand in -lresolv""... $ac_c" 1>&6 +echo "configure:2672: checking for __dn_expand in -lresolv" >&5 +ac_lib_var=`echo resolv'_'__dn_expand | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lresolv $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + for ac_func in dirname strlcpy strlcat strsep do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2674: checking for $ac_func" >&5 +echo "configure:2721: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2728,12 +2775,12 @@ for ac_func in MD5Update do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2732: checking for $ac_func" >&5 +echo "configure:2779: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2788,12 +2835,12 @@ for ac_func in warnx do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2792: checking for $ac_func" >&5 +echo "configure:2839: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2867: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2848,12 +2895,12 @@ for ac_func in ether_ntoa do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:2852: checking for $ac_func" >&5 +echo "configure:2899: checking for $ac_func" >&5 if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:2927: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -2912,7 +2959,7 @@ fi echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6 -echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5 +echo "configure:2963: checking for Berkeley DB with 1.85 compatibility" >&5 # Check whether --with-db or --without-db was given. if test "${with_db+set}" = set; then withval="$with_db" @@ -3015,7 +3062,7 @@ echo $ac_n "checking for libpcap""... $ac_c" 1>&6 -echo "configure:3019: checking for libpcap" >&5 +echo "configure:3066: checking for libpcap" >&5 # Check whether --with-libpcap or --without-libpcap was given. if test "${with_libpcap+set}" = set; then withval="$with_libpcap" @@ -3063,7 +3110,7 @@ echo $ac_n "checking for libnet""... $ac_c" 1>&6 -echo "configure:3067: checking for libnet" >&5 +echo "configure:3114: checking for libnet" >&5 # Check whether --with-libnet or --without-libnet was given. if test "${with_libnet+set}" = set; then withval="$with_libnet" @@ -3110,7 +3157,7 @@ echo $ac_n "checking for libnids""... $ac_c" 1>&6 -echo "configure:3114: checking for libnids" >&5 +echo "configure:3161: checking for libnids" >&5 # Check whether --with-libnids or --without-libnids was given. if test "${with_libnids+set}" = set; then withval="$with_libnids" @@ -3152,9 +3199,9 @@ save_cppflags="$CPPFLAGS" CPPFLAGS="$NIDSINC" echo $ac_n "checking whether libnids version is good""... $ac_c" 1>&6 -echo "configure:3156: checking whether libnids version is good" >&5 +echo "configure:3203: checking whether libnids version is good" >&5 cat > conftest.$ac_ext < EOF @@ -3173,7 +3220,7 @@ echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6 -echo "configure:3177: checking for OpenSSL" >&5 +echo "configure:3224: checking for OpenSSL" >&5 # Check whether --with-openssl or --without-openssl was given. if test "${with_openssl+set}" = set; then withval="$with_openssl" diff -Naur dsniff-2.4.orig/configure.in dsniff-2.4/configure.in --- dsniff-2.4.orig/configure.in 2000-12-20 17:31:21.000000000 +0100 +++ dsniff-2.4/configure.in 2009-04-01 21:54:20.000000000 +0200 @@ -57,6 +57,7 @@ AC_CHECK_LIB(nsl, gethostbyname) dnl XXX - feh, everything except OpenBSD sux. AC_CHECK_LIB(resolv, dn_expand) +AC_CHECK_LIB(resolv, __dn_expand) AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep) needmd5=no AC_CHECK_FUNCS(MD5Update, , [needmd5=yes]) diff -Naur dsniff-2.4.orig/decode.c dsniff-2.4/decode.c --- dsniff-2.4.orig/decode.c 2001-03-15 09:32:59.000000000 +0100 +++ dsniff-2.4/decode.c 2009-04-01 21:54:20.000000000 +0200 @@ -63,7 +63,8 @@ { "http", decode_http }, { "ospf", decode_ospf }, { "poppass", decode_poppass }, - { "pop", decode_pop }, + { "pop2", decode_pop }, + { "pop3", decode_pop }, { "nntp", decode_nntp }, { "smb", decode_smb }, { "imap", decode_imap }, diff -Naur dsniff-2.4.orig/decode_aim.c dsniff-2.4/decode_aim.c --- dsniff-2.4.orig/decode_aim.c 2001-03-15 09:32:59.000000000 +0100 +++ dsniff-2.4/decode_aim.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,7 @@ #include #include +#include #include "hex.h" #include "buf.h" diff -Naur dsniff-2.4.orig/decode_mmxp.c dsniff-2.4/decode_mmxp.c --- dsniff-2.4.orig/decode_mmxp.c 2001-03-15 09:33:01.000000000 +0100 +++ dsniff-2.4/decode_mmxp.c 2009-04-01 21:54:20.000000000 +0200 @@ -21,6 +21,7 @@ #include #include +#include #include "buf.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_nntp.c dsniff-2.4/decode_nntp.c --- dsniff-2.4.orig/decode_nntp.c 2001-03-15 09:33:01.000000000 +0100 +++ dsniff-2.4/decode_nntp.c 2009-04-01 21:54:20.000000000 +0200 @@ -15,6 +15,7 @@ #include #include +#include #include "base64.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_pop.c dsniff-2.4/decode_pop.c --- dsniff-2.4.orig/decode_pop.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_pop.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,7 @@ #include #include +#include #include "base64.h" #include "options.h" diff -Naur dsniff-2.4.orig/decode_pptp.c dsniff-2.4/decode_pptp.c --- dsniff-2.4.orig/decode_pptp.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_pptp.c 2009-04-01 21:54:20.000000000 +0200 @@ -16,6 +16,7 @@ #include #include +#include #include "buf.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_rlogin.c dsniff-2.4/decode_rlogin.c --- dsniff-2.4.orig/decode_rlogin.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_rlogin.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,8 @@ #include #include +#include +#include #include "options.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_smb.c dsniff-2.4/decode_smb.c --- dsniff-2.4.orig/decode_smb.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_smb.c 2009-04-01 21:54:20.000000000 +0200 @@ -15,6 +15,7 @@ #include #include +#include #include "decode.h" diff -Naur dsniff-2.4.orig/decode_smtp.c dsniff-2.4/decode_smtp.c --- dsniff-2.4.orig/decode_smtp.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_smtp.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,7 @@ #include #include +#include #include "base64.h" #include "options.h" diff -Naur dsniff-2.4.orig/decode_sniffer.c dsniff-2.4/decode_sniffer.c --- dsniff-2.4.orig/decode_sniffer.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_sniffer.c 2009-04-01 21:54:20.000000000 +0200 @@ -15,6 +15,8 @@ #include #include +#include +#include #include "base64.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_socks.c dsniff-2.4/decode_socks.c --- dsniff-2.4.orig/decode_socks.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_socks.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,7 @@ #include #include +#include #include "decode.h" diff -Naur dsniff-2.4.orig/decode_tds.c dsniff-2.4/decode_tds.c --- dsniff-2.4.orig/decode_tds.c 2001-03-15 09:33:02.000000000 +0100 +++ dsniff-2.4/decode_tds.c 2009-04-01 21:54:20.000000000 +0200 @@ -18,6 +18,8 @@ #include #include +#include +#include #include "decode.h" diff -Naur dsniff-2.4.orig/decode_telnet.c dsniff-2.4/decode_telnet.c --- dsniff-2.4.orig/decode_telnet.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/decode_telnet.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,7 @@ #include #include +#include #include "options.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_vrrp.c dsniff-2.4/decode_vrrp.c --- dsniff-2.4.orig/decode_vrrp.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/decode_vrrp.c 2009-04-01 21:54:20.000000000 +0200 @@ -15,6 +15,7 @@ #include #include +#include #include "buf.h" #include "decode.h" diff -Naur dsniff-2.4.orig/decode_x11.c dsniff-2.4/decode_x11.c --- dsniff-2.4.orig/decode_x11.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/decode_x11.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,8 @@ #include #include +#include +#include #include "decode.h" diff -Naur dsniff-2.4.orig/dnsspoof.8 dsniff-2.4/dnsspoof.8 --- dsniff-2.4.orig/dnsspoof.8 2000-11-14 16:51:07.000000000 +0100 +++ dsniff-2.4/dnsspoof.8 2009-04-01 21:54:20.000000000 +0200 @@ -31,7 +31,7 @@ address queries on the LAN with an answer of the local machine's IP address. .SH FILES -.IP \fI/usr/local/lib/dnsspoof.hosts\fR +.IP \fI/usr/lib/dsniff/dnsspoof.hosts\fR Sample hosts file. .SH "SEE ALSO" dsniff(8), hosts(5) diff -Naur dsniff-2.4.orig/dnsspoof.c dsniff-2.4/dnsspoof.c --- dsniff-2.4.orig/dnsspoof.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/dnsspoof.c 2009-04-01 21:54:20.000000000 +0200 @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -38,7 +39,7 @@ pcap_t *pcap_pd = NULL; int pcap_off = -1; -int lnet_sock = -1; +libnet_t *l; u_long lnet_ip = -1; static void @@ -90,19 +91,18 @@ dns_init(char *dev, char *filename) { FILE *f; - struct libnet_link_int *llif; + libnet_t *l; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; struct dnsent *de; char *ip, *name, buf[1024]; - if ((llif = libnet_open_link_interface(dev, buf)) == NULL) - errx(1, "%s", buf); + if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL) + errx(1, "%s", libnet_ebuf); - if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1) - errx(1, "%s", buf); + if ((lnet_ip = libnet_get_ipaddr4(l)) == -1) + errx(1, "%s", libnet_geterror(l)); - lnet_ip = htonl(lnet_ip); - - libnet_close_link_interface(llif); + libnet_destroy(l); SLIST_INIT(&dns_entries); @@ -180,7 +180,7 @@ static void dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt) { - struct libnet_ip_hdr *ip; + struct libnet_ipv4_hdr *ip; struct libnet_udp_hdr *udp; HEADER *dns; char name[MAXHOSTNAMELEN]; @@ -189,7 +189,7 @@ in_addr_t dst; u_short type, class; - ip = (struct libnet_ip_hdr *)(pkt + pcap_off); + ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off); udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4)); dns = (HEADER *)(udp + 1); p = (u_char *)(dns + 1); @@ -212,7 +212,7 @@ if (class != C_IN) return; - p = buf + IP_H + UDP_H + dnslen; + p = buf + dnslen; if (type == T_A) { if ((dst = dns_lookup_a(name)) == -1) @@ -234,38 +234,38 @@ anslen += 12; } else return; - - libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16), - 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr, - ip->ip_src.s_addr, NULL, 0, buf); - - libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), - NULL, dnslen + anslen, buf + IP_H); - memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen); + memcpy(buf, (u_char *)dns, dnslen); - dns = (HEADER *)(buf + IP_H + UDP_H); + dns = (HEADER *)buf; dns->qr = dns->ra = 1; if (type == T_PTR) dns->aa = 1; dns->ancount = htons(1); dnslen += anslen; + + libnet_clear_packet(l); + libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport), + LIBNET_UDP_H + dnslen, 0, + (u_int8_t *)buf, dnslen, l, 0); + + libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0, + libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0, + ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0); - libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen); - - if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0) + if (libnet_write(l) < 0) warn("write"); fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n", - libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), - libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), + libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport), + libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport), ntohs(dns->id), type == T_A ? "A" : "PTR", name); } static void cleanup(int sig) { - libnet_close_raw_sock(lnet_sock); + libnet_destroy(l); pcap_close(pcap_pd); exit(0); } @@ -276,6 +276,7 @@ extern char *optarg; extern int optind; char *p, *dev, *hosts, buf[1024]; + char ebuf[LIBNET_ERRBUF_SIZE]; int i; dev = hosts = NULL; @@ -306,7 +307,7 @@ strlcpy(buf, p, sizeof(buf)); } else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s", - libnet_host_lookup(lnet_ip, 0)); + libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE)); if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL) errx(1, "couldn't initialize sniffing"); @@ -314,10 +315,10 @@ if ((pcap_off = pcap_dloff(pcap_pd)) < 0) errx(1, "couldn't determine link layer offset"); - if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) + if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL) errx(1, "couldn't initialize sending"); - libnet_seed_prand(); + libnet_seed_prand(l); signal(SIGHUP, cleanup); signal(SIGINT, cleanup); diff -Naur dsniff-2.4.orig/dsniff.8 dsniff-2.4/dsniff.8 --- dsniff-2.4.orig/dsniff.8 2000-12-15 17:05:36.000000000 +0100 +++ dsniff-2.4/dsniff.8 2009-04-01 21:54:20.000000000 +0200 @@ -10,7 +10,7 @@ .nf .fi \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i -\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] +\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR] [\fB-t \fItrigger[,...]\fR]] [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR] .SH DESCRIPTION @@ -45,6 +45,9 @@ Do not resolve IP addresses to hostnames. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Rather than processing the contents of packets observed upon the network +process the given PCAP capture file. .IP "\fB-s \fIsnaplen\fR" Analyze at most the first \fIsnaplen\fR bytes of each TCP connection, rather than the default of 1024. @@ -65,9 +68,9 @@ On a hangup signal \fBdsniff\fR will dump its current trigger table to \fIdsniff.services\fR. .SH FILES -.IP \fI/usr/local/lib/dsniff.services\fR +.IP \fI/usr/lib/dsniff/dsniff.services\fR Default trigger table -.IP \fI/usr/local/lib/dsniff.magic\fR +.IP \fI/usr/lib/dsniff/dsniff.magic\fR Network protocol magic .SH "SEE ALSO" arpspoof(8), libnids(3), services(5), magic(5) diff -Naur dsniff-2.4.orig/dsniff.c dsniff-2.4/dsniff.c --- dsniff-2.4.orig/dsniff.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/dsniff.c 2009-04-01 21:54:20.000000000 +0200 @@ -46,8 +46,9 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n" - " [-t trigger[,...]] [-r|-w savefile] [expression]\n"); + "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n" + " [-f services] [-t trigger[,...]] [-r|-w savefile]\n" + " [expression]\n"); exit(1); } @@ -69,6 +70,80 @@ { } + +static int get_all_ifaces(struct ifreq **, int *); +static unsigned int get_addr_from_ifreq(struct ifreq *); + +int all_local_ipaddrs_chksum_disable() +{ + struct ifreq *ifaces; + int ifaces_count; + int i, ind = 0; + struct nids_chksum_ctl *ctlp; + unsigned int tmp; + + if (!get_all_ifaces(&ifaces, &ifaces_count)) + return -1; + ctlp = + (struct nids_chksum_ctl *) malloc(ifaces_count * + sizeof(struct + nids_chksum_ctl)); + if (!ctlp) + return -1; + for (i = 0; i < ifaces_count; i++) { + tmp = get_addr_from_ifreq(ifaces + i); + if (tmp) { + ctlp[ind].netaddr = tmp; + ctlp[ind].mask = inet_addr("255.255.255.255"); + ctlp[ind].action = NIDS_DONT_CHKSUM; + ind++; + } + } + free(ifaces); + nids_register_chksum_ctl(ctlp, ind); +} + +/* helper functions for Example 2 */ +unsigned int get_addr_from_ifreq(struct ifreq *iface) +{ + if (iface->ifr_addr.sa_family == AF_INET) + return ((struct sockaddr_in *) &(iface->ifr_addr))-> + sin_addr.s_addr; + return 0; +} + +static int get_all_ifaces(struct ifreq **ifaces, int *count) +{ + int ifaces_size = 8 * sizeof(struct ifreq); + struct ifconf param; + int sock; + unsigned int i; + + *ifaces = malloc(ifaces_size); + sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); + if (sock <= 0) + return 0; + for (;;) { + param.ifc_len = ifaces_size; + param.ifc_req = *ifaces; + if (ioctl(sock, SIOCGIFCONF, ¶m)) + goto err; + if (param.ifc_len < ifaces_size) + break; + free(*ifaces); + ifaces_size *= 2; + ifaces = malloc(ifaces_size); + } + *count = param.ifc_len / sizeof(struct ifreq); + close(sock); + return 1; + err: + close(sock); + return 0; +} + + + int main(int argc, char *argv[]) { @@ -79,7 +154,7 @@ services = savefile = triggers = NULL; - while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) { + while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) { switch (c) { case 'c': Opt_client = 1; @@ -99,6 +174,9 @@ case 'n': Opt_dns = 0; break; + case 'p': + nids_params.filename = optarg; + break; case 'r': Opt_read = 1; savefile = optarg; @@ -168,10 +246,25 @@ else nids_register_tcp(trigger_tcp); if (nids_params.pcap_filter != NULL) { - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } } - else warnx("listening on %s", nids_params.device); + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } + + all_local_ipaddrs_chksum_disable(); nids_run(); diff -Naur dsniff-2.4.orig/dsniff.services dsniff-2.4/dsniff.services --- dsniff-2.4.orig/dsniff.services 2000-12-15 21:10:58.000000000 +0100 +++ dsniff-2.4/dsniff.services 2009-04-01 21:54:20.000000000 +0200 @@ -10,8 +10,8 @@ ospf 89/ip http 98/tcp poppass 106/tcp -pop 109/tcp -pop 110/tcp +pop2 109/tcp +pop3 110/tcp portmap 111/tcp portmap -111/tcp portmap 111/udp diff -Naur dsniff-2.4.orig/filesnarf.8 dsniff-2.4/filesnarf.8 --- dsniff-2.4.orig/filesnarf.8 2000-11-19 07:23:33.000000000 +0100 +++ dsniff-2.4/filesnarf.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] +\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi @@ -18,6 +18,8 @@ .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching files. diff -Naur dsniff-2.4.orig/filesnarf.c dsniff-2.4/filesnarf.c --- dsniff-2.4.orig/filesnarf.c 2001-03-15 09:33:03.000000000 +0100 +++ dsniff-2.4/filesnarf.c 2009-04-01 21:54:20.000000000 +0200 @@ -51,7 +51,7 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n"); + "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } @@ -134,8 +134,8 @@ int fd; warnx("%s.%d > %s.%d: %s (%d@%d)", - libnet_host_lookup(addr->daddr, 0), addr->dest, - libnet_host_lookup(addr->saddr, 0), addr->source, + libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest, + libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source, ma->filename, len, ma->offset); if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) { @@ -353,7 +353,7 @@ } static void -decode_udp_nfs(struct libnet_ip_hdr *ip) +decode_udp_nfs(struct libnet_ipv4_hdr *ip) { static struct tuple4 addr; struct libnet_udp_hdr *udp; @@ -464,11 +464,14 @@ extern int optind; int c; - while ((c = getopt(argc, argv, "i:vh?V")) != -1) { + while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; case 'v': Opt_invert = 1; break; @@ -498,11 +501,24 @@ nids_register_ip(decode_udp_nfs); nids_register_tcp(decode_tcp_nfs); - if (nids_params.pcap_filter != NULL) { - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); - } - else warnx("listening on %s", nids_params.device); + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } nids_run(); diff -Naur dsniff-2.4.orig/macof.c dsniff-2.4/macof.c --- dsniff-2.4.orig/macof.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/macof.c 2009-04-01 21:54:20.000000000 +0200 @@ -48,8 +48,8 @@ static void gen_mac(u_char *mac) { - *((in_addr_t *)mac) = libnet_get_prand(PRu32); - *((u_short *)(mac + 4)) = libnet_get_prand(PRu16); + *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32); + *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16); } int @@ -59,22 +59,23 @@ extern int optind; int c, i; struct libnet_link_int *llif; - char ebuf[PCAP_ERRBUF_SIZE]; + char pcap_ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN]; in_addr_t src, dst; u_short sport, dport; u_int32_t seq; - u_char pkt[ETH_H + IP_H + TCP_H]; + libnet_t *l; while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) { switch (c) { case 'v': break; case 's': - Src = libnet_name_resolve(optarg, 0); + Src = libnet_name2addr4(l, optarg, 0); break; case 'd': - Dst = libnet_name_resolve(optarg, 0); + Dst = libnet_name2addr4(l, optarg, 0); break; case 'e': Tha = (u_char *)ether_aton(optarg); @@ -101,13 +102,13 @@ if (argc != 0) usage(); - if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL) - errx(1, "%s", ebuf); + if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL) + errx(1, "%s", pcap_ebuf); - if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0) - errx(1, "%s", ebuf); + if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL) + errx(1, "%s", libnet_ebuf); - libnet_seed_prand(); + libnet_seed_prand(l); for (i = 0; i != Repeat; i++) { @@ -117,39 +118,39 @@ else memcpy(tha, Tha, sizeof(tha)); if (Src != 0) src = Src; - else src = libnet_get_prand(PRu32); + else src = libnet_get_prand(LIBNET_PRu32); if (Dst != 0) dst = Dst; - else dst = libnet_get_prand(PRu32); + else dst = libnet_get_prand(LIBNET_PRu32); if (Sport != 0) sport = Sport; - else sport = libnet_get_prand(PRu16); + else sport = libnet_get_prand(LIBNET_PRu16); if (Dport != 0) dport = Dport; - else dport = libnet_get_prand(PRu16); + else dport = libnet_get_prand(LIBNET_PRu16); - seq = libnet_get_prand(PRu32); - - libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt); - - libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64, - IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H); + seq = libnet_get_prand(LIBNET_PRu32); libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512, - 0, NULL, 0, pkt + ETH_H + IP_H); + 0, 0, LIBNET_TCP_H, NULL, 0, l, 0); - libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H); - libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H); + libnet_build_ipv4(LIBNET_TCP_H, 0, + libnet_get_prand(LIBNET_PRu16), 0, 64, + IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0); - if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0) + libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0); + + if (libnet_write(l) < 0) errx(1, "write"); + libnet_clear_packet(l); + fprintf(stderr, "%s ", ether_ntoa((struct ether_addr *)sha)); fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n", ether_ntoa((struct ether_addr *)tha), - libnet_host_lookup(Src, 0), sport, - libnet_host_lookup(Dst, 0), dport, seq, seq); + libnet_addr2name4(Src, 0), sport, + libnet_addr2name4(Dst, 0), dport, seq, seq); } exit(0); } diff -Naur dsniff-2.4.orig/magic.c dsniff-2.4/magic.c --- dsniff-2.4.orig/magic.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/magic.c 2009-04-01 21:54:20.000000000 +0200 @@ -36,6 +36,7 @@ #include #include #include +#include #include #include #include diff -Naur dsniff-2.4.orig/mailsnarf.8 dsniff-2.4/mailsnarf.8 --- dsniff-2.4.orig/mailsnarf.8 2000-11-19 07:09:28.000000000 +0100 +++ dsniff-2.4/mailsnarf.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] +\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi @@ -19,6 +19,8 @@ .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. diff -Naur dsniff-2.4.orig/mailsnarf.c dsniff-2.4/mailsnarf.c --- dsniff-2.4.orig/mailsnarf.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/mailsnarf.c 2009-04-01 21:54:20.000000000 +0200 @@ -59,7 +59,7 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n"); + "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } @@ -178,7 +178,7 @@ if (smtp->state != SMTP_DATA) { while ((i = buf_index(&buf, "\r\n", 2)) >= 0) { line = buf_tok(&buf, NULL, i + 2); - line->base[line->end] = '\0'; + line->base[line->end-1] = '\0'; p = buf_ptr(line); if (strncasecmp(p, "RSET", 4) == 0) { @@ -344,11 +344,14 @@ extern int optind; int c; - while ((c = getopt(argc, argv, "i:vh?V")) != -1) { + while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; case 'v': Opt_invert = 1; break; @@ -378,10 +381,23 @@ nids_register_tcp(sniff_pop_session); if (nids_params.pcap_filter != NULL) { - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); - } - else warnx("listening on %s", nids_params.device); + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } nids_run(); diff -Naur dsniff-2.4.orig/missing/strlcat.h dsniff-2.4/missing/strlcat.h --- dsniff-2.4.orig/missing/strlcat.h 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/missing/strlcat.h 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1 @@ +size_t strlcat(char *dst, const char *src, size_t siz); diff -Naur dsniff-2.4.orig/missing/strlcpy.h dsniff-2.4/missing/strlcpy.h --- dsniff-2.4.orig/missing/strlcpy.h 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/missing/strlcpy.h 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1 @@ +size_t strlcpy(char *dst, const char *src, size_t siz); diff -Naur dsniff-2.4.orig/msgsnarf.8 dsniff-2.4/msgsnarf.8 --- dsniff-2.4.orig/msgsnarf.8 2000-11-19 07:10:50.000000000 +0100 +++ dsniff-2.4/msgsnarf.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] +\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi @@ -19,6 +19,8 @@ .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching messages. diff -Naur dsniff-2.4.orig/msgsnarf.c dsniff-2.4/msgsnarf.c --- dsniff-2.4.orig/msgsnarf.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/msgsnarf.c 2009-04-01 21:54:20.000000000 +0200 @@ -23,6 +23,7 @@ #include #include #include +#include #include "buf.h" #include "decode.h" @@ -44,7 +45,7 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n"); + "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } @@ -632,11 +633,14 @@ extern int optind; int c; - while ((c = getopt(argc, argv, "i:hv?V")) != -1) { + while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; case 'v': Opt_invert = 1; break; @@ -665,11 +669,24 @@ nids_register_tcp(sniff_msgs); - if (nids_params.pcap_filter != NULL) { - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); - } - else warnx("listening on %s", nids_params.device); + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } nids_run(); diff -Naur dsniff-2.4.orig/pathnames.h dsniff-2.4/pathnames.h --- dsniff-2.4.orig/pathnames.h 2001-03-15 09:33:06.000000000 +0100 +++ dsniff-2.4/pathnames.h 2009-04-01 21:54:20.000000000 +0200 @@ -12,7 +12,7 @@ #define PATHNAMES_H #ifndef DSNIFF_LIBDIR -#define DSNIFF_LIBDIR "/usr/local/lib/" +#define DSNIFF_LIBDIR "/usr/lib/dsniff/" #endif #define DSNIFF_SERVICES "dsniff.services" diff -Naur dsniff-2.4.orig/record.c dsniff-2.4/record.c --- dsniff-2.4.orig/record.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/record.c 2009-04-01 21:54:20.000000000 +0200 @@ -65,8 +65,8 @@ tm = localtime(&rec->time); strftime(tstr, sizeof(tstr), "%x %X", tm); - srcp = libnet_host_lookup(rec->src, Opt_dns); - dstp = libnet_host_lookup(rec->dst, Opt_dns); + srcp = libnet_addr2name4(rec->src, Opt_dns); + dstp = libnet_addr2name4(rec->dst, Opt_dns); if ((pr = getprotobynumber(rec->proto)) == NULL) protop = "unknown"; diff -Naur dsniff-2.4.orig/ssh.c dsniff-2.4/ssh.c --- dsniff-2.4.orig/ssh.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/ssh.c 2009-04-01 21:54:20.000000000 +0200 @@ -16,12 +16,14 @@ #include #include #include +#include #include #include #include #include #include +#include #include #include "hex.h" diff -Naur dsniff-2.4.orig/sshcrypto.c dsniff-2.4/sshcrypto.c --- dsniff-2.4.orig/sshcrypto.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/sshcrypto.c 2009-04-01 21:54:20.000000000 +0200 @@ -14,6 +14,8 @@ #include #include +#include +#include #include #include diff -Naur dsniff-2.4.orig/sshmitm.c dsniff-2.4/sshmitm.c --- dsniff-2.4.orig/sshmitm.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/sshmitm.c 2009-04-01 21:54:20.000000000 +0200 @@ -24,6 +24,7 @@ #include #include #include +#include #include "buf.h" #include "record.h" @@ -389,7 +390,7 @@ if (argc < 1) usage(); - if ((ip = libnet_name_resolve(argv[0], 1)) == -1) + if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1) usage(); if (argc == 2 && (rport = atoi(argv[1])) == 0) diff -Naur dsniff-2.4.orig/sshow.8 dsniff-2.4/sshow.8 --- dsniff-2.4.orig/sshow.8 2001-03-17 06:37:47.000000000 +0100 +++ dsniff-2.4/sshow.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR] +\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR] .SH DESCRIPTION .ad .fi @@ -28,6 +28,8 @@ Enable verbose debugging output. .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP "\fIexpression\fR" Specify a tcpdump(8) filter expression to select traffic to sniff. .SH "SEE ALSO" diff -Naur dsniff-2.4.orig/sshow.c dsniff-2.4/sshow.c --- dsniff-2.4.orig/sshow.c 2001-03-19 07:52:15.000000000 +0100 +++ dsniff-2.4/sshow.c 2009-04-01 21:54:20.000000000 +0200 @@ -15,6 +15,7 @@ #include #include +#include #include #include @@ -81,7 +82,7 @@ static void usage(void) { - fprintf(stderr, "Usage: sshow [-d] [-i interface]\n"); + fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); exit(1); } @@ -216,13 +217,14 @@ { clock_t delay; int payload; + long CLK_TCK= sysconf(_SC_CLK_TCK); delay = add_history(session, 0, cipher_size, plain_range); if (debug) printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), - (float)delay / CLK_TCK); + (float)delay / CLOCKS_PER_SEC); if (debug > 1) print_data(&ts->server, cipher_size); @@ -264,13 +266,14 @@ clock_t delay; int skip; range string_range; + long CLK_TCK= sysconf(_SC_CLK_TCK); delay = add_history(session, 1, cipher_size, plain_range); if (debug) printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", s_saddr(ts), s_daddr(ts), s_range(plain_range), - (float)delay / CLK_TCK); + (float)delay / CLOCKS_PER_SEC); if (debug > 1) print_data(&ts->client, cipher_size); @@ -299,7 +302,7 @@ if (session->state == 1 && #ifdef USE_TIMING - now - get_history(session, 2)->timestamp >= CLK_TCK && + now - get_history(session, 2)->timestamp >= CLOCKS_PER_SEC && #endif session->protocol == 1 && (session->history.directions & 7) == 5 && @@ -615,7 +618,7 @@ extern int optind; int c; - while ((c = getopt(argc, argv, "di:h?")) != -1) { + while ((c = getopt(argc, argv, "di:p:h?")) != -1) { switch (c) { case 'd': debug++; @@ -623,6 +626,9 @@ case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; default: usage(); break; @@ -651,11 +657,24 @@ nids_register_tcp(process_event); - if (nids_params.pcap_filter != NULL) { - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); - } - else warnx("listening on %s", nids_params.device); + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } nids_run(); diff -Naur dsniff-2.4.orig/sshow.c~ dsniff-2.4/sshow.c~ --- dsniff-2.4.orig/sshow.c~ 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/sshow.c~ 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1,682 @@ +/* + * sshow.c + * + * Passive SSH traffic analysis. + * + * http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt + * + * Copyright (c) 2000-2001 Solar Designer + * Copyright (c) 2000 Dug Song + * + * $Id: sshow.c,v 1.2 2001/03/19 06:52:15 dugsong Exp $ + */ + +#include "config.h" + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "pcaputil.h" + +#if !defined(NIDS_MAJOR) || (NIDS_MAJOR == 1 && NIDS_MINOR < 15) +#error This program requires libnids 1.15+ +#endif + +#define HISTORY_SIZE 16 + +typedef struct { + u_int min, max; +} range; + +typedef struct { + int direction; /* 0 for client to server */ + clock_t timestamp; /* timestamp of this packet */ + u_int cipher_size; /* ciphertext size */ + range plain_range; /* possible plaintext sizes */ +} record; + +struct history { + record packets[HISTORY_SIZE]; /* recent packets (circular list) */ + int index; /* next (free) index into packets[] */ + u_int directions; /* recent directions (bitmask) */ + clock_t timestamps[2]; /* last timestamps in each direction */ +}; + +struct line { + int input_count; /* input packets (client to server) */ + int input_size; /* input size (estimated) */ + int input_last; /* last input packet size */ + int echo_count; /* echo packets (server to client) */ +}; + +struct session { + int protocol; /* -1 not SSH, 0 unknown, 1 or 2 once known */ + int state; /* 1 after username, 2 after authentication */ + int compressed; /* whether compression is known to be used */ + struct history history; /* session history */ + struct line line; /* current command line */ +}; + +static int debug = 0; + +static clock_t now; + +static void +usage(void) +{ + fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n"); + exit(1); +} + +static clock_t +add_history(struct session *session, int direction, + u_int cipher_size, range *plain_range) +{ + record *current; + clock_t delay; + + current = &session->history.packets[session->history.index++]; + session->history.index %= HISTORY_SIZE; + + current->direction = direction; + current->timestamp = now; + current->cipher_size = cipher_size; + current->plain_range = *plain_range; + + session->history.directions <<= 1; + session->history.directions |= direction; + + delay = now - session->history.timestamps[direction]; + session->history.timestamps[direction] = now; + + return (delay); +} + +static record * +get_history(struct session *session, int age) +{ + int index; + + index = session->history.index + (HISTORY_SIZE - 1) - age; + index %= HISTORY_SIZE; + + return (&session->history.packets[index]); +} + +static char * +s_saddr(struct tcp_stream *ts) +{ + static char output[32]; + + snprintf(output, sizeof(output), "%s:%u", + inet_ntoa(*((struct in_addr *)&ts->addr.saddr)), + ts->addr.source); + return (output); +} + +static char * +s_daddr(struct tcp_stream *ts) +{ + static char output[32]; + + snprintf(output, sizeof(output), "%s:%u", + inet_ntoa(*((struct in_addr *)&ts->addr.daddr)), + ts->addr.dest); + return (output); +} + +static char * +s_range(range *range) +{ + static char output[32]; + + snprintf(output, sizeof(output), + range->min == range->max ? "%u" : "%u to %u", + range->min, range->max); + return (output); +} + +static void +print_data(struct half_stream *stream, u_int count) +{ + u_int i; + int printable; + + printable = 1; + for (i = 0; i < count; i++) { + printf("%02x%c", (int)(u_char)stream->data[i], + i < count - 1 && i % 24 != 23 + ? ' ' : '\n'); + printable &= + isprint(stream->data[i]) || + stream->data[i] == '\n'; + } + if (printable && count >= 4 && !memcmp(stream->data, "SSH-", 4)) + fwrite(stream->data, count, 1, stdout); +} + +static u_int +ssh1_plain_size(struct half_stream *stream) +{ + if (stream->count_new < 4) return (0); + + return (u_int)(u_char)stream->data[3] | + ((u_int)(u_char)stream->data[2] << 8) | + ((u_int)(u_char)stream->data[1] << 16) | + ((u_int)(u_char)stream->data[0] << 24); +} + +static u_int +ssh1_cipher_size(struct half_stream *stream) +{ + return (4 + ((ssh1_plain_size(stream) + 8) & ~7)); +} + +static range * +ssh1_plain_range(struct half_stream *stream) +{ + static range output; + + output.min = output.max = ssh1_plain_size(stream) - 5; + return (&output); +} + +static range * +ssh2_plain_range(struct half_stream *stream) +{ + static range output; + + output.max = stream->count_new - 16; + /* Assume min padding + 8-byte cipher blocksize */ + output.min = output.max - 7; + if ((int)output.min < 0) output.min = 0; + return (&output); +} + +static void +client_to_server(struct tcp_stream *ts, struct session *session, + u_int cipher_size, range *plain_range) +{ + clock_t delay; + int payload; + long CLK_TCK= sysconf(_SC_CLK_TCK); + + delay = add_history(session, 0, cipher_size, plain_range); + + if (debug) + printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n", + s_saddr(ts), s_daddr(ts), s_range(plain_range), + (float)delay / CLK_TCK); + if (debug > 1) + print_data(&ts->server, cipher_size); + + payload = plain_range->min; + if (session->state == 2 && payload > 0) { + session->line.input_count++; + session->line.input_last = payload; + if (session->protocol == 1) + payload -= 4; + else { + payload -= 20 + 1; + /* Assume several SSH-2 packets in this IP packet */ + if (payload % 44 == 0) { + session->line.input_count += payload / 44; + /* One character per SSH-2 packet (typical) */ + payload += payload / 44; + payload %= 44; + } + payload++; + } + if (payload <= 0) { + if (payload < 0 && !session->compressed && + session->protocol == 1) { + session->compressed = 1; + printf("+ %s -> %s: Compression detected, " + "guesses will be much less reliable\n", + s_saddr(ts), s_daddr(ts)); + } + payload = 1; + } + session->line.input_size += payload; + } +} + +static void +server_to_client(struct tcp_stream *ts, struct session *session, + u_int cipher_size, range *plain_range) +{ + clock_t delay; + int skip; + range string_range; + long CLK_TCK= sysconf(_SC_CLK_TCK); + + delay = add_history(session, 1, cipher_size, plain_range); + + if (debug) + printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n", + s_saddr(ts), s_daddr(ts), s_range(plain_range), + (float)delay / CLK_TCK); + if (debug > 1) + print_data(&ts->client, cipher_size); + +/* + * Some of the checks may want to skip over multiple server responses. + * For example, there's a debugging packet sent for every option found + * in authorized_keys, but we can't use those packets in our pattern. + */ + skip = 0; + while (((session->history.directions >> skip) & 3) == 3) + if (++skip > HISTORY_SIZE - 5) break; + + if (session->state == 0 && + session->protocol == 1 && + ((session->history.directions >> skip) & 7) == 5 && + plain_range->min == 0 && + get_history(session, skip + 1)->plain_range.min > 4 && + get_history(session, skip + 2)->plain_range.min == 0) { + session->state = 1; + string_range = get_history(session, skip + 1)->plain_range; + string_range.min -= 4; string_range.max -= 4; + printf("+ %s -> %s: GUESS: Username length is %s\n", + s_saddr(ts), s_daddr(ts), s_range(&string_range)); + return; + } + + if (session->state == 1 && +#ifdef USE_TIMING + now - get_history(session, 2)->timestamp >= CLK_TCK && +#endif + session->protocol == 1 && + (session->history.directions & 7) == 5 && + plain_range->min == 0 && + get_history(session, 1)->plain_range.min > 4 && + get_history(session, 2)->plain_range.min == 0) { + session->state = 2; + string_range = get_history(session, 1)->plain_range; + string_range.min -= 4; string_range.max -= 4; + printf("+ %s -> %s: GUESS: Password authentication, " + "password length %s %s%s\n", + s_saddr(ts), s_daddr(ts), + string_range.min == 32 ? "appears to be" : "is", + s_range(&string_range), + string_range.min == 32 ? " (padded?)" : ""); + } + + if (session->state == 0 && + session->protocol == 2 && + (session->history.directions & 7) == 5) { + if (plain_range->min == 4 + 9) { + string_range = get_history(session, 1)->plain_range; + + if (string_range.min > 500 && string_range.min < 600) { + session->state = 2; + printf("+ %s -> %s: GUESS: DSA " + "authentication accepted\n", + s_saddr(ts), s_daddr(ts)); + } else + if (string_range.min > 42 + 9) { + session->state = 2; + printf("+ %s -> %s: GUESS: Password " + "authentication accepted\n", + s_saddr(ts), s_daddr(ts)); + } + } else if (plain_range->min > 12 + 9 && + plain_range->min < 56 + 9) { + string_range = get_history(session, 1)->plain_range; + + if (string_range.min > 500 && string_range.min < 600) + printf("+ %s -> %s: GUESS: DSA " + "authentication failed\n", + s_saddr(ts), s_daddr(ts)); + else if (string_range.min > 42 + 9) + printf("+ %s -> %s: GUESS: Password " + "authentication failed\n", + s_saddr(ts), s_daddr(ts)); + } + } + + if (session->state == 1 && + session->protocol == 1 && + (session->history.directions & 3) == 1 && + plain_range->min == 0 && + get_history(session, 1)->plain_range.min == 130) { + printf("+ %s -> %s: GUESS: RSA authentication refused\n", + s_saddr(ts), s_daddr(ts)); + } + + if (session->state == 1 && + session->protocol == 1 && + skip >= 1 && + ((session->history.directions >> (skip - 1)) & 037) == 013 && + plain_range->min == 0 && + get_history(session, skip - 1 + 2)->plain_range.min == 16 && + get_history(session, skip - 1 + 3)->plain_range.min == 130 && + get_history(session, skip - 1 + 4)->plain_range.min == 130) { + char *what; + + switch (get_history(session, 1)->plain_range.min - 4) { + case 28: + /* "RSA authentication accepted." */ + session->state = 2; + if (skip > 1 && (what = alloca(64))) { + snprintf(what, 64, "accepted " + "(%d+ authorized_keys option%s)", + skip - 1, skip - 1 == 1 ? "" : "s"); + break; + } + what = "accepted"; + break; + + case 47: + /* "Wrong response to RSA authentication challenge." */ + what = "failed"; + break; + + default: + what = "???"; + } + printf("+ %s -> %s: GUESS: RSA authentication %s\n", + s_saddr(ts), s_daddr(ts), what); + } + + if (session->state == 2) { + session->line.echo_count++; + + /* Check for backspace */ + if (session->protocol == 1 && !session->compressed && + plain_range->min == 4 + 3 && + session->line.input_size >= 2) + session->line.input_size -= 2; + + if (plain_range->min > 4 + session->line.input_last && + session->line.input_count >= 2 && + session->line.input_size >= 2) { + int size; + char *what; + + size = session->line.input_size; + if (session->line.echo_count + 1 >= + session->line.input_count && + size <= (session->line.input_count << 2) && + size < 0x100) { + what = "(command) line"; + } + else { + if (session->line.echo_count <= 2 && + size <= (session->line.input_count << 1) && + size >= 2 + 1 && size <= 40 + 1) { + what = "password"; + } + else what = NULL; + } + if (debug) { + printf("- %s -> %s: sent %d packets " + "(%d characters), seen %d replies\n", + s_saddr(ts), s_daddr(ts), + session->line.input_count, size, + session->line.echo_count); + } + if (what) { + printf("+ %s -> %s: GUESS: " + "a %s of %d character%s\n", + s_saddr(ts), s_daddr(ts), + what, size - 1, size == 2 ? "" : "s"); + } + } + if (plain_range->min <= 0 || + plain_range->min > 4 + session->line.input_last) { + session->line.input_count = 0; + session->line.input_size = 0; + session->line.echo_count = 0; + } + } +} + +static void +process_data(struct tcp_stream *ts, struct session *session) +{ + u_int have, need; + char *lf; + + if (session->protocol < 0) return; + + if (ts->client.count_new && + (have = ts->client.count - ts->client.offset)) { + switch (session->protocol) { + case 1: + if (have < (need = ssh1_cipher_size(&ts->client))) { + if (debug) { + printf("- %s <- %s: got %u of " + "%u bytes\n", s_saddr(ts), + s_daddr(ts), have, need); + } + nids_discard(ts, 0); + return; + } + if (have != need && debug) { + printf("- %s <- %s: left %u bytes\n", + s_saddr(ts), s_daddr(ts), + have - need); + } + nids_discard(ts, need); + server_to_client(ts, session, need, + ssh1_plain_range(&ts->client)); + return; + + case 2: + server_to_client(ts, session, have, + ssh2_plain_range(&ts->client)); + return; + + default: + break; + } + } + if (ts->server.count_new && + (have = ts->server.count - ts->server.offset)) { + if (!session->protocol) { + lf = (char *)memchr(ts->server.data, '\n', have); + if (have < 7 || (!lf && have < 0x100)) { + nids_discard(ts, 0); + return; + } + if (lf && !memcmp(ts->server.data, "SSH-", 4)) + session->protocol = ts->server.data[4] - '0'; + /* some clients announce SSH-1.99 instead of SSH-2.0 */ + if (session->protocol == 1 && + ts->server.data[5] == '.' && + ts->server.data[6] == '9') { + session->protocol = 2; + } + if (session->protocol != 1 && session->protocol != 2) { + session->protocol = -1; + if (debug) { + printf("- %s -> %s: not SSH\n", + s_saddr(ts), s_daddr(ts)); + } + return; + } + need = lf - ts->server.data + 1; + nids_discard(ts, need); + printf("+ %s -> %s: SSH protocol %d\n", + s_saddr(ts), s_daddr(ts), session->protocol); + if (debug) + print_data(&ts->server, have); + return; + } + + switch (session->protocol) { + case 1: + if (have < (need = ssh1_cipher_size(&ts->server))) { + if (debug) { + printf("- %s -> %s: got %u of " + "%u bytes\n", s_saddr(ts), + s_daddr(ts), have, need); + } + nids_discard(ts, 0); + return; + } + if (have != need && debug) { + printf("- %s -> %s: left %u bytes\n", + s_saddr(ts), s_daddr(ts), + have - need); + } + nids_discard(ts, need); + client_to_server(ts, session, need, + ssh1_plain_range(&ts->server)); + return; + + case 2: + client_to_server(ts, session, have, + ssh2_plain_range(&ts->server)); + } + } +} + +static void +process_event(struct tcp_stream *ts, struct session **session) +{ + struct tms buf; + char *what; + + now = times(&buf); + what = NULL; + + switch (ts->nids_state) { + case NIDS_JUST_EST: + ts->client.collect = 1; + ts->server.collect = 1; + if (debug) { + printf("- %s -> %s: ESTABLISHED\n", + s_saddr(ts), s_daddr(ts)); + } + if (!(*session = calloc(1, sizeof(**session)))) { + err(1, "calloc"); + } + (*session)->history.timestamps[0] = now; + (*session)->history.timestamps[1] = now; + return; + + case NIDS_CLOSE: + what = "CLOSED"; + + case NIDS_RESET: + if (!what) what = "RESET"; + + case NIDS_TIMED_OUT: + if (!what) what = "TIMED OUT"; + if ((*session)->protocol > 0) { + printf("+ %s -- %s: %s\n", + s_saddr(ts), s_daddr(ts), what); + } + else if (debug) { + printf("- %s -- %s: %s\n", + s_saddr(ts), s_daddr(ts), what); + } + free(*session); + return; + + case NIDS_DATA: + process_data(ts, *session); + return; + } +} + +static void +null_syslog(int type, int errnum, struct ip *iph, void *data) +{ +} + +static void +cleanup(int signum) +{ + exit(0); /* Just so that atexit(3) jobs are called */ +} + +int +main(int argc, char *argv[]) +{ + extern char *optarg; + extern int optind; + int c; + + while ((c = getopt(argc, argv, "di:p:h?")) != -1) { + switch (c) { + case 'd': + debug++; + break; + case 'i': + nids_params.device = optarg; + break; + case 'p': + nids_params.filename = optarg; + break; + default: + usage(); + break; + } + } + argc -= optind; + argv += optind; + + signal(SIGTERM, cleanup); + signal(SIGINT, cleanup); + signal(SIGHUP, cleanup); + + setlinebuf(stdout); + + if (argc > 0) { + nids_params.pcap_filter = copy_argv(argv); + } + else nids_params.pcap_filter = "tcp"; + + nids_params.syslog = null_syslog; + nids_params.scan_num_hosts = 0; + nids_params.one_loop_less = 1; + + if (!nids_init()) + errx(1, "nids_init: %s", nids_errbuf); + + nids_register_tcp(process_event); + + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } + + nids_run(); + + return (0); +} diff -Naur dsniff-2.4.orig/svn-commit.tmp dsniff-2.4/svn-commit.tmp --- dsniff-2.4.orig/svn-commit.tmp 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/svn-commit.tmp 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1,5 @@ +fixing #442643 +--This line, and those below, will be ignored-- + +M debian/control +M debian/changelog diff -Naur dsniff-2.4.orig/tcp_raw.c dsniff-2.4/tcp_raw.c --- dsniff-2.4.orig/tcp_raw.c 2001-03-15 09:33:04.000000000 +0100 +++ dsniff-2.4/tcp_raw.c 2009-04-01 21:54:20.000000000 +0200 @@ -119,7 +119,7 @@ } struct iovec * -tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len) +tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len) { struct tha tha; struct tcp_conn *conn; @@ -131,7 +131,7 @@ /* Verify TCP checksum. */ cksum = tcp->th_sum; - libnet_do_checksum((u_char *) ip, IPPROTO_TCP, len); + libnet_do_checksum(NULL, (u_char *) ip, IPPROTO_TCP, len); if (cksum != tcp->th_sum) return (NULL); diff -Naur dsniff-2.4.orig/tcp_raw.h dsniff-2.4/tcp_raw.h --- dsniff-2.4.orig/tcp_raw.h 2001-03-15 09:33:06.000000000 +0100 +++ dsniff-2.4/tcp_raw.h 2009-04-01 21:54:20.000000000 +0200 @@ -15,7 +15,7 @@ u_short sport, u_short dport, u_char *buf, int len); -struct iovec *tcp_raw_input(struct libnet_ip_hdr *ip, +struct iovec *tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len); void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback); diff -Naur dsniff-2.4.orig/tcpkill.c dsniff-2.4/tcpkill.c --- dsniff-2.4.orig/tcpkill.c 2001-03-17 09:10:43.000000000 +0100 +++ dsniff-2.4/tcpkill.c 2009-04-01 21:54:20.000000000 +0200 @@ -39,17 +39,18 @@ static void tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { - struct libnet_ip_hdr *ip; + struct libnet_ipv4_hdr *ip; struct libnet_tcp_hdr *tcp; - u_char ctext[64], buf[IP_H + TCP_H]; + u_char ctext[64]; u_int32_t seq, win; - int i, *sock, len; + int i, len; + libnet_t *l; - sock = (int *)user; + l = (libnet_t *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; - ip = (struct libnet_ip_hdr *)pkt; + ip = (struct libnet_ipv4_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; @@ -57,34 +58,31 @@ if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST)) return; - libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP, - ip->ip_dst.s_addr, ip->ip_src.s_addr, - NULL, 0, buf); - - libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), - 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H); - seq = ntohl(tcp->th_ack); win = ntohs(tcp->th_win); snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:", - libnet_host_lookup(ip->ip_src.s_addr, 0), + libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE), ntohs(tcp->th_sport), - libnet_host_lookup(ip->ip_dst.s_addr, 0), + libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE), ntohs(tcp->th_dport)); - ip = (struct libnet_ip_hdr *)buf; - tcp = (struct libnet_tcp_hdr *)(ip + 1); - for (i = 0; i < Opt_severity; i++) { - ip->ip_id = libnet_get_prand(PRu16); seq += (i * win); - tcp->th_seq = htonl(seq); - libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); + libnet_clear_packet(l); + + libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport), + seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H, + NULL, 0, l, 0); + + libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0, + libnet_get_prand(LIBNET_PRu16), 0, 64, + IPPROTO_TCP, 0, ip->ip_dst.s_addr, + ip->ip_src.s_addr, NULL, 0, l, 0); - if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0) - warn("write_ip"); + if (libnet_write(l) < 0) + warn("write"); fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq); } @@ -95,8 +93,10 @@ { extern char *optarg; extern int optind; - int c, sock; + int c; char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + libnet_t *l; pcap_t *pd; intf = NULL; @@ -136,14 +136,14 @@ if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); - if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) + if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) errx(1, "couldn't initialize sending"); - libnet_seed_prand(); + libnet_seed_prand(l); warnx("listening on %s [%s]", intf, filter); - pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock); + pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l); /* NOTREACHED */ diff -Naur dsniff-2.4.orig/tcpnice.c dsniff-2.4/tcpnice.c --- dsniff-2.4.orig/tcpnice.c 2001-03-17 08:41:51.000000000 +0100 +++ dsniff-2.4/tcpnice.c 2009-04-01 21:54:20.000000000 +0200 @@ -41,107 +41,106 @@ } static void -send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip, +send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp) { int len; ip->ip_hl = 5; - ip->ip_len = htons(IP_H + TCP_H); - ip->ip_id = libnet_get_prand(PRu16); - memcpy(buf, (u_char *)ip, IP_H); + ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H); + ip->ip_id = libnet_get_prand(LIBNET_PRu16); + memcpy(buf, (u_char *)ip, LIBNET_IPV4_H); tcp->th_off = 5; tcp->th_win = htons(MIN_WIN); - memcpy(buf + IP_H, (u_char *)tcp, TCP_H); + memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H); - libnet_do_checksum(buf, IPPROTO_TCP, TCP_H); + libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H); - len = IP_H + TCP_H; + len = LIBNET_IPV4_H + LIBNET_TCP_H; - if (libnet_write_ip(sock, buf, len) != len) + if (libnet_write_raw_ipv4(l, buf, len) != len) warn("write"); fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n", - libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), - libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), + libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport), + libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport), ntohl(tcp->th_ack), 1); } static void -send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip) +send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip) { - struct libnet_icmp_hdr *icmp; + struct libnet_icmpv4_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; - libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16), - 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, - ip->ip_src.s_addr, NULL, 0, buf); - - icmp = (struct libnet_icmp_hdr *)(buf + IP_H); + icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); icmp->icmp_type = ICMP_SOURCEQUENCH; icmp->icmp_code = 0; - memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len); + memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len); - libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len); + len += LIBNET_ICMPV4_ECHO_H; - len += (IP_H + ICMP_ECHO_H); + libnet_build_ipv4(LIBNET_IPV4_H + len, 0, + libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, + 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, + (u_int8_t *) icmp, len, l, 0); - if (libnet_write_ip(sock, buf, len) != len) + if (libnet_write(l) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: source quench\n", - libnet_host_lookup(ip->ip_dst.s_addr, 0), - libnet_host_lookup(ip->ip_src.s_addr, 0)); + libnet_addr2name4(ip->ip_dst.s_addr, 0), + libnet_addr2name4(ip->ip_src.s_addr, 0)); } static void -send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip) +send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip) { - struct libnet_icmp_hdr *icmp; + struct libnet_icmpv4_hdr *icmp; int len; len = (ip->ip_hl * 4) + 8; - libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16), - 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr, - ip->ip_src.s_addr, NULL, 0, buf); - - icmp = (struct libnet_icmp_hdr *)(buf + IP_H); + icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H); icmp->icmp_type = ICMP_UNREACH; icmp->icmp_code = ICMP_UNREACH_NEEDFRAG; icmp->hun.frag.pad = 0; icmp->hun.frag.mtu = htons(MIN_MTU); - memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len); + memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len); - libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len); - - len += (IP_H + ICMP_MASK_H); + len += LIBNET_ICMPV4_MASK_H; + + libnet_build_ipv4(LIBNET_IPV4_H + len, 4, + libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP, + 0, ip->ip_dst.s_addr, ip->ip_src.s_addr, + (u_int8_t *) icmp, len, l, 0); - if (libnet_write_ip(sock, buf, len) != len) + if (libnet_write(l) != len) warn("write"); fprintf(stderr, "%s > %s: icmp: ", - libnet_host_lookup(ip->ip_dst.s_addr, 0), - libnet_host_lookup(ip->ip_src.s_addr, 0)); + libnet_addr2name4(ip->ip_dst.s_addr, 0), + libnet_addr2name4(ip->ip_src.s_addr, 0)); fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n", - libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU); + libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU); } static void tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt) { - struct libnet_ip_hdr *ip; + struct libnet_ipv4_hdr *ip; struct libnet_tcp_hdr *tcp; - int *sock, len; + int len; + libnet_t *l; - sock = (int *)user; + l = (libnet_t *)user; pkt += pcap_off; len = pcap->caplen - pcap_off; - ip = (struct libnet_ip_hdr *)pkt; + ip = (struct libnet_ipv4_hdr *)pkt; if (ip->ip_p != IPPROTO_TCP) return; @@ -151,11 +150,11 @@ if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) { if (Opt_icmp) - send_icmp_source_quench(*sock, ip); + send_icmp_source_quench(l, ip); if (Opt_win) - send_tcp_window_advertisement(*sock, ip, tcp); + send_tcp_window_advertisement(l, ip, tcp); if (Opt_pmtu) - send_icmp_frag_needed(*sock, ip); + send_icmp_frag_needed(l, ip); } } @@ -164,8 +163,10 @@ { extern char *optarg; extern int optind; - int c, sock; + int c; char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE]; + char libnet_ebuf[LIBNET_ERRBUF_SIZE]; + libnet_t *l; pcap_t *pd; intf = NULL; @@ -209,14 +210,14 @@ if ((pcap_off = pcap_dloff(pd)) < 0) errx(1, "couldn't determine link layer offset"); - if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1) + if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL) errx(1, "couldn't initialize sending"); - libnet_seed_prand(); + libnet_seed_prand(l); warnx("listening on %s [%s]", intf, filter); - pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock); + pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l); /* NOTREACHED */ diff -Naur dsniff-2.4.orig/trigger.c dsniff-2.4/trigger.c --- dsniff-2.4.orig/trigger.c 2001-03-15 09:33:05.000000000 +0100 +++ dsniff-2.4/trigger.c 2009-04-01 21:54:20.000000000 +0200 @@ -276,7 +276,7 @@ } void -trigger_ip(struct libnet_ip_hdr *ip) +trigger_ip(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; u_char *buf; @@ -305,7 +305,7 @@ /* libnids needs a nids_register_udp()... */ void -trigger_udp(struct libnet_ip_hdr *ip) +trigger_udp(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; struct libnet_udp_hdr *udp; @@ -437,7 +437,7 @@ } void -trigger_tcp_raw(struct libnet_ip_hdr *ip) +trigger_tcp_raw(struct libnet_ipv4_hdr *ip) { struct trigger *t, tr; struct libnet_tcp_hdr *tcp; diff -Naur dsniff-2.4.orig/trigger.h dsniff-2.4/trigger.h --- dsniff-2.4.orig/trigger.h 2001-03-15 09:33:06.000000000 +0100 +++ dsniff-2.4/trigger.h 2009-04-01 21:54:20.000000000 +0200 @@ -24,10 +24,10 @@ int trigger_set_tcp(int port, char *name); int trigger_set_rpc(int program, char *name); -void trigger_ip(struct libnet_ip_hdr *ip); -void trigger_udp(struct libnet_ip_hdr *ip); +void trigger_ip(struct libnet_ipv4_hdr *ip); +void trigger_udp(struct libnet_ipv4_hdr *ip); void trigger_tcp(struct tcp_stream *ts, void **conn_save); -void trigger_tcp_raw(struct libnet_ip_hdr *ip); +void trigger_tcp_raw(struct libnet_ipv4_hdr *ip); void trigger_tcp_raw_timeout(int signal); void trigger_rpc(int program, int proto, int port); diff -Naur dsniff-2.4.orig/urlsnarf.8 dsniff-2.4/urlsnarf.8 --- dsniff-2.4.orig/urlsnarf.8 2000-11-19 07:24:51.000000000 +0100 +++ dsniff-2.4/urlsnarf.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] +\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]] .SH DESCRIPTION .ad .fi @@ -21,6 +21,9 @@ .IP \fB-n\fR Do not resolve IP addresses to hostnames. .IP "\fB-i \fIinterface\fR" +Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP \fB-v\fR "Versus" mode. Invert the sense of matching, to select non-matching URLs. diff -Naur dsniff-2.4.orig/urlsnarf.c dsniff-2.4/urlsnarf.c --- dsniff-2.4.orig/urlsnarf.c 2001-03-15 10:26:13.000000000 +0100 +++ dsniff-2.4/urlsnarf.c 2009-04-01 21:54:20.000000000 +0200 @@ -41,7 +41,7 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n"); + "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); exit(1); } @@ -68,7 +68,7 @@ t->tm_hour - gmt.tm_hour); tz = hours * 60 + t->tm_min - gmt.tm_min; - len = strftime(tstr, sizeof(tstr), "%e/%b/%Y:%X", t); + len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t); if (len < 0 || len > sizeof(tstr) - 5) return (NULL); @@ -84,6 +84,43 @@ return (tstr); } +static char * +escape_log_entry(char *string) +{ + char *out; + unsigned char *c, *o; + size_t len; + + if (!string) + return NULL; + + /* Determine needed length */ + for (c = string, len = 0; *c; c++) { + if ((*c < 32) || (*c >= 128)) + len += 4; + else if ((*c == '"') || (*c =='\\')) + len += 2; + else + len++; + } + out = malloc(len+1); + if (!out) + return NULL; + for (c = string, o = out; *c; c++, o++) { + if ((*c < 32) || (*c >= 128)) { + snprintf(o, 5, "\\x%02x", *c); + o += 3; + } else if ((*c == '"') || ((*c =='\\'))) { + *(o++) = '\\'; + *o = *c; + } else { + *o = *c; + } + } + out[len]='\0'; + return out; +} + static int process_http_request(struct tuple4 *addr, u_char *data, int len) { @@ -142,18 +179,26 @@ buf_tok(NULL, NULL, i); } } - if (user == NULL) - user = "-"; - if (vhost == NULL) - vhost = libnet_host_lookup(addr->daddr, Opt_dns); - if (referer == NULL) - referer = "-"; - if (agent == NULL) - agent = "-"; - + user = escape_log_entry(user); + vhost = escape_log_entry(vhost); + uri = escape_log_entry(uri); + referer = escape_log_entry(referer); + agent = escape_log_entry(agent); + printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", - libnet_host_lookup(addr->saddr, Opt_dns), - user, timestamp(), req, vhost, uri, referer, agent); + libnet_addr2name4(addr->saddr, Opt_dns), + (user?user:"-"), + timestamp(), req, + (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)), + uri, + (referer?referer:"-"), + (agent?agent:"-")); + + free(user); + free(vhost); + free(uri); + free(referer); + free(agent); } fflush(stdout); @@ -200,12 +245,16 @@ extern char *optarg; extern int optind; int c; + struct nids_chksum_ctl chksum_ctl; - while ((c = getopt(argc, argv, "i:nvh?V")) != -1) { + while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; case 'n': Opt_dns = 0; break; @@ -238,8 +287,30 @@ nids_register_tcp(sniff_http_client); - warnx("listening on %s [%s]", nids_params.device, - nids_params.pcap_filter); + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } + + chksum_ctl.netaddr = 0; + chksum_ctl.mask = 0; + chksum_ctl.action = NIDS_DONT_CHKSUM; + + nids_register_chksum_ctl(&chksum_ctl, 1); nids_run(); diff -Naur dsniff-2.4.orig/urlsnarf.c~ dsniff-2.4/urlsnarf.c~ --- dsniff-2.4.orig/urlsnarf.c~ 1970-01-01 01:00:00.000000000 +0100 +++ dsniff-2.4/urlsnarf.c~ 2009-04-01 21:54:20.000000000 +0200 @@ -0,0 +1,275 @@ +/* + * urlsnarf.c + * + * Sniff the network for HTTP request URLs, output in CLF format. + * + * Copyright (c) 1999 Dug Song + * + * $Id: urlsnarf.c,v 1.35 2001/03/15 09:26:13 dugsong Exp $ + */ + +#include "config.h" + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "pcaputil.h" +#include "buf.h" +#include "base64.h" +#include "version.h" + +#define DEFAULT_PCAP_FILTER "tcp port 80 or port 8080 or port 3128" + +u_short Opt_dns = 1; +int Opt_invert = 0; +regex_t *pregex = NULL; + +static void +usage(void) +{ + fprintf(stderr, "Version: " VERSION "\n" + "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n"); + exit(1); +} + +static int +regex_match(char *string) +{ + return (pregex == NULL || + ((regexec(pregex, string, 0, NULL, 0) == 0) ^ Opt_invert)); +} + +static char * +timestamp(void) +{ + static char tstr[32], sign; + struct tm *t, gmt; + time_t tt = time(NULL); + int days, hours, tz, len; + + gmt = *gmtime(&tt); + t = localtime(&tt); + + days = t->tm_yday - gmt.tm_yday; + hours = ((days < -1 ? 24 : 1 < days ? -24 : days * 24) + + t->tm_hour - gmt.tm_hour); + tz = hours * 60 + t->tm_min - gmt.tm_min; + + len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t); + if (len < 0 || len > sizeof(tstr) - 5) + return (NULL); + + if (tz < 0) { + sign = '-'; + tz = -tz; + } + else sign = '+'; + + snprintf(tstr + len, sizeof(tstr) - len, " %c%.2d%.2d", + sign, tz / 60, tz % 60); + + return (tstr); +} + +static int +process_http_request(struct tuple4 *addr, u_char *data, int len) +{ + struct buf *msg, buf; + char *p, *req, *uri, *user, *vhost, *referer, *agent; + int i; + + buf_init(&buf, data, len); + + while ((i = buf_index(&buf, "\r\n\r\n", 4)) >= 0) { + msg = buf_tok(&buf, NULL, i); + msg->base[msg->end] = '\0'; + buf_skip(&buf, 4); + + if (!regex_match(buf_ptr(msg))) + continue; + + if ((req = strtok(buf_ptr(msg), "\r\n")) == NULL) + continue; + + if (strncmp(req, "GET ", 4) != 0 && + strncmp(req, "POST ", 5) != 0 && + strncmp(req, "CONNECT ", 8) != 0) + continue; + + if ((uri = strchr(req, ' ')) == NULL) + continue; + + *uri++ = '\0'; + if (strncmp(uri, "http://", 7) == 0) { + for (uri += 7; *uri != '/'; uri++) + ; + } + user = vhost = referer = agent = NULL; + + while ((p = strtok(NULL, "\r\n")) != NULL) { + if (strncasecmp(p, "Authorization: Basic ", 21) == 0) { + p += 21; + i = base64_pton(p, p, strlen(p)); + p[i] = '\0'; + user = p; + if ((p = strchr(p, ':')) != NULL) + *p = '\0'; + } + else if (strncasecmp(p, "Host: ", 6) == 0) { + vhost = p + 6; + } + else if (strncasecmp(p, "Referer: ", 9) == 0) { + referer = p + 9; + } + else if (strncasecmp(p, "User-Agent: ", 12) == 0) { + agent = p + 12; + } + else if (strncasecmp(p, "Content-length: ", 16) == 0) { + i = atoi(p + 16); + buf_tok(NULL, NULL, i); + } + } + if (user == NULL) + user = "-"; + if (vhost == NULL) + vhost = libnet_addr2name4(addr->daddr, Opt_dns); + if (referer == NULL) + referer = "-"; + if (agent == NULL) + agent = "-"; + + printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", + libnet_addr2name4(addr->saddr, Opt_dns), + user, timestamp(), req, vhost, uri, referer, agent); + } + fflush(stdout); + + return (len - buf_len(&buf)); +} + +static void +sniff_http_client(struct tcp_stream *ts, void **yoda) +{ + int i; + + switch (ts->nids_state) { + + case NIDS_JUST_EST: + ts->server.collect = 1; + + case NIDS_DATA: + if (ts->server.count_new != 0) { + i = process_http_request(&ts->addr, ts->server.data, + ts->server.count - + ts->server.offset); + nids_discard(ts, i); + } + break; + + default: + if (ts->server.count != 0) { + process_http_request(&ts->addr, ts->server.data, + ts->server.count - + ts->server.offset); + } + break; + } +} + +static void +null_syslog(int type, int errnum, struct ip *iph, void *data) +{ +} + +int +main(int argc, char *argv[]) +{ + extern char *optarg; + extern int optind; + int c; + struct nids_chksum_ctl chksum_ctl; + + while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) { + switch (c) { + case 'i': + nids_params.device = optarg; + break; + case 'p': + nids_params.filename = optarg; + break; + case 'n': + Opt_dns = 0; + break; + case 'v': + Opt_invert = 1; + break; + default: + usage(); + } + } + argc -= optind; + argv += optind; + + if (argc > 0 && strlen(argv[0])) { + if ((pregex = (regex_t *) malloc(sizeof(*pregex))) == NULL) + err(1, "malloc"); + if (regcomp(pregex, argv[0], REG_EXTENDED|REG_NOSUB) != 0) + errx(1, "invalid regular expression"); + } + if (argc > 1) { + nids_params.pcap_filter = copy_argv(argv + 1); + } + else nids_params.pcap_filter = DEFAULT_PCAP_FILTER; + + nids_params.scan_num_hosts = 0; + nids_params.syslog = null_syslog; + + if (!nids_init()) + errx(1, "%s", nids_errbuf); + + nids_register_tcp(sniff_http_client); + + if (nids_params.pcap_filter != NULL) { + if (nids_params.filename == NULL) { + warnx("listening on %s [%s]", nids_params.device, + nids_params.pcap_filter); + } + else { + warnx("using %s [%s]", nids_params.filename, + nids_params.pcap_filter); + } + } + else { + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + } + + chksum_ctl.netaddr = 0; + chksum_ctl.mask = 0; + chksum_ctl.action = NIDS_DONT_CHKSUM; + + nids_register_chksum_ctl(&chksum_ctl, 1); + + nids_run(); + + /* NOTREACHED */ + + exit(0); +} diff -Naur dsniff-2.4.orig/webmitm.c dsniff-2.4/webmitm.c --- dsniff-2.4.orig/webmitm.c 2001-03-17 09:35:05.000000000 +0100 +++ dsniff-2.4/webmitm.c 2009-04-01 21:54:20.000000000 +0200 @@ -242,7 +242,7 @@ word = buf_tok(&msg, "/", 1); vhost = buf_strdup(word); } - ssin.sin_addr.s_addr = libnet_name_resolve(vhost, 1); + ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1); free(vhost); if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) || @@ -510,7 +510,7 @@ argv += optind; if (argc == 1) { - if ((static_host = libnet_name_resolve(argv[0], 1)) == -1) + if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1) usage(); } else if (argc != 0) usage(); diff -Naur dsniff-2.4.orig/webspy.8 dsniff-2.4/webspy.8 --- dsniff-2.4.orig/webspy.8 2000-11-14 16:51:05.000000000 +0100 +++ dsniff-2.4/webspy.8 2009-04-01 21:54:20.000000000 +0200 @@ -9,7 +9,7 @@ .na .nf .fi -\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR +\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR .SH DESCRIPTION .ad .fi @@ -20,6 +20,8 @@ .SH OPTIONS .IP "\fB-i \fIinterface\fR" Specify the interface to listen on. +.IP "\fB-p \fIpcapfile\fR" +Process packets from the specified PCAP capture file instead of the network. .IP \fIhost\fR Specify the web client to spy on. .SH "SEE ALSO" diff -Naur dsniff-2.4.orig/webspy.c dsniff-2.4/webspy.c --- dsniff-2.4.orig/webspy.c 2001-03-15 09:33:05.000000000 +0100 +++ dsniff-2.4/webspy.c 2009-04-01 21:54:20.000000000 +0200 @@ -42,7 +42,7 @@ usage(void) { fprintf(stderr, "Version: " VERSION "\n" - "Usage: %s [-i interface] host\n", progname); + "Usage: %s [-i interface | -p pcapfile] host\n", progname); exit(1); } @@ -126,7 +126,7 @@ if (auth == NULL) auth = ""; if (vhost == NULL) - vhost = libnet_host_lookup(addr->daddr, 0); + vhost = libnet_addr2name4(addr->daddr, 0); snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)", auth, *auth ? "@" : "", vhost, uri); @@ -184,11 +184,14 @@ extern int optind; int c; - while ((c = getopt(argc, argv, "i:h?V")) != -1) { + while ((c = getopt(argc, argv, "i:p:h?V")) != -1) { switch (c) { case 'i': nids_params.device = optarg; break; + case 'p': + nids_params.filename = optarg; + break; default: usage(); } @@ -202,7 +205,7 @@ cmdtab[0] = cmd; cmdtab[1] = NULL; - if ((host = libnet_name_resolve(argv[0], 1)) == -1) + if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1) errx(1, "unknown host"); if ((dpy = XOpenDisplay(NULL)) == NULL) @@ -216,7 +219,13 @@ nids_register_tcp(sniff_http_client); - warnx("listening on %s", nids_params.device); + if (nids_params.filename == NULL) { + warnx("listening on %s", nids_params.device); + } + else { + warnx("using %s", nids_params.filename); + } + nids_run();