From 5fbf2ebe6a2b21ec429b2e1c531fe8c623c275df Mon Sep 17 00:00:00 2001 From: bms Date: Sun, 23 Jan 2005 00:39:01 +0000 Subject: Mega-commit fixing several outstanding issues with the port. Fix inconsistent configure-time behaviour. Previously, the tcpdump port would look at the base system pcap, then attempt to link against the port. This caused spurious link failures, and should fix build on IA64. Add a new switch, WITH_LIBPCAP_PORT, to force the use of libpcap from ports. Rototile the build-time options for the port, and document them. Fix detection of the OpenSSL libraries; 0.9.7d and later renamed the des_cbc_encrypt function to DES_cbc_encrypt, so deal with this by rebuilding configure after patching configure.in. Incorporate fix for PR bin/76497 suggested by keramida@ (logic error in the PPP IPV6CP parser). Make some stylistic fixes while we're at it, and improve comments. Mark as unbroken on -CURRENT. Bump PORTREVISION. PR: bin/76497 (possibly others) --- net/tcpdump/Makefile | 75 +++++-- net/tcpdump/files/extra-patch-openssl-configure.in | 11 + net/tcpdump/files/patch-print-ppp.c | 227 +++++++++++++++++++++ 3 files changed, 297 insertions(+), 16 deletions(-) create mode 100644 net/tcpdump/files/extra-patch-openssl-configure.in create mode 100644 net/tcpdump/files/patch-print-ppp.c diff --git a/net/tcpdump/Makefile b/net/tcpdump/Makefile index 50ea431ff282..7ad49553527e 100644 --- a/net/tcpdump/Makefile +++ b/net/tcpdump/Makefile @@ -7,7 +7,7 @@ PORTNAME= tcpdump PORTVERSION= 3.8.3 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= http://www.tcpdump.org/release/ DISTNAME= ${PORTNAME}-${PORTVERSION} @@ -15,17 +15,18 @@ DISTNAME= ${PORTNAME}-${PORTVERSION} MAINTAINER= bms@FreeBSD.org COMMENT= Ubiquitous network traffic analysis tool -.if defined(TCPDUMP_OVERWRITE_BASE) +# TODO: Add strict sanity check that we're compiling against a +# version of libpcap with which this tcpdump release is compatible. +# +.if defined(TCPDUMP_OVERWRITE_BASE) || defined(WITH_LIBPCAP_PORT) LIB_DEPENDS= pcap.2:${PORTSDIR}/net/libpcap -.else -BUILD_DEPENDS= ${LOCALBASE}/lib/libpcap.a:${PORTSDIR}/net/libpcap .endif WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} MAN1= tcpdump.1 -GNU_CONFIGURE= yes +GNU_CONFIGURE= yes .if defined(TCPDUMP_OVERWRITE_BASE) PREFIX= /usr @@ -40,12 +41,39 @@ PLIST_SUB+= BASE="@comment " PLIST_SUB+= NOTBASE="" .endif -.if !defined(WITHOUT_IPV6) -CONFIGURE_ARGS+= --enable-ipv6 -.endif - +# Compilation Options +# +# Special options: +# TCPDUMP_OVERWRITE_BASE Overwrite the base system's tcpdump binary. +# Implies the use of the libpcap port. +# +# User-definable switches: +# WITHOUT_CRYPTO Build without IPSEC or TCPMD5 decryption. +# WITHOUT_IPV6 Build without IPV6 support. +# WITH_LIBPCAP_PORT Use libpcap from ports instead of the base system. +# WITH_RADIOTAP Build with support for BSD 802.11 Radiotap headers. +# WITH_TCPMD5 Build with support for TCP-MD5 digest verification. +# +# Defaults: WITHOUT_LIBPCAP_PORT WITHOUT_RADIOTAP WITHOUT_TCPMD5 +# WITH_CRYPTO WITH_IPV6 + +# The --without-crypto flag needs to be explicitly specified. The +# configure script gets confused if you specify --with-crypto and +# thinks this means you *don't* want crypto. +# If crypto is requested, then apply a patch to fix the detection +# of OpenSSL versions > 0.9.7d. We assume the installed version is +# at least this recent; this may fail on older systems. +# .if defined(WITHOUT_CRYPTO) CONFIGURE_ARGS+= --without-crypto +.else +USE_OPENSSL= defined +USE_AUTOCONF_VER?= 253 +EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-openssl-configure.in +.endif + +.if !defined(WITHOUT_IPV6) +CONFIGURE_ARGS+= --enable-ipv6 .endif .if defined(WITH_RADIOTAP) @@ -55,13 +83,28 @@ EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-extract.h \ .endif .if defined(WITH_TCPMD5) +.if defined(WITHOUT_CRYPTO) +BROKEN= "The use of WITH_TCPMD5 requires crypto support." +.else EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-tcpmd5-print-tcp.c \ ${PATCHDIR}/extra-patch-tcpmd5-tcp.h .endif +.endif + +# When compiling against the port, it's necessary to force the +# port to look for libpcap in ${LOCALPCAPBASE} first, for both +# the configure and build steps. +# +.if defined(TCPDUMP_OVERWRITE_BASE) || defined(WITH_LIBPCAP_PORT) +LOCALPCAPBASE= ${LOCALBASE} +CONFIGURE_ENV+= CFLAGS="-L${LOCALPCAPBASE}/lib" +.else +LOCALPCAPBASE= /usr +.endif -LOCALPCAPDIR= ${WRKDIR}/libpcap-0.8.1 -LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \ +LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \ lib/libpcap.a +WRKPCAPDIR= ${WRKDIR}/libpcap-0.8.3 .include @@ -69,16 +112,16 @@ LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \ BROKEN= "Build fails on FreeBSD >= 6.x" .endif -# # When building tcpdump against a particular pcap version, it expects to # find a built, untarred source tree in the parent of the work tree. -# Build a symlink farm to produce the files it wants without requiring -# pcap to be untarred. +# Build a symlink farm which points to the installed versions of the +# required files, in order to produce the files it wants without +# requiring that the libpcap distfile be untarred. # pre-configure: - ${MKDIR} ${LOCALPCAPDIR} + ${MKDIR} ${WRKPCAPDIR} .for i in ${LOCALPCAPFILES} - ${LN} -s ${LOCALBASE}/$i ${LOCALPCAPDIR} + ${LN} -s ${LOCALPCAPBASE}/$i ${WRKPCAPDIR} .endfor .if defined(TCPDUMP_OVERWRITE_BASE) diff --git a/net/tcpdump/files/extra-patch-openssl-configure.in b/net/tcpdump/files/extra-patch-openssl-configure.in new file mode 100644 index 000000000000..a3e078a36173 --- /dev/null +++ b/net/tcpdump/files/extra-patch-openssl-configure.in @@ -0,0 +1,11 @@ +--- configure.in.orig Sat Jan 22 23:59:33 2005 ++++ configure.in Sun Jan 23 00:00:19 2005 +@@ -732,7 +732,7 @@ + if test -f $ac_cv_ssleay_path/lib/librsaref.a; then + LIBS="$LIBS -lrsaref" + fi +- AC_CHECK_LIB(crypto, des_cbc_encrypt) ++ AC_CHECK_LIB(crypto, DES_cbc_encrypt) + + CPPFLAGS="$CPPFLAGS $V_INCLS" + AC_CHECK_HEADERS(openssl/evp.h) diff --git a/net/tcpdump/files/patch-print-ppp.c b/net/tcpdump/files/patch-print-ppp.c new file mode 100644 index 000000000000..f8161fdd822a --- /dev/null +++ b/net/tcpdump/files/patch-print-ppp.c @@ -0,0 +1,227 @@ +--- print-ppp.c.orig Wed Mar 24 03:32:43 2004 ++++ print-ppp.c Sun Jan 23 00:26:26 2005 +@@ -89,6 +89,7 @@ + { PPP_IPXCP, "IPXCP" }, + { PPP_STIICP, "STIICP" }, + { PPP_VINESCP, "VINESCP" }, ++ { PPP_IPV6CP, "IP6CP" }, + { PPP_MPLSCP, "MPLSCP" }, + + { PPP_LCP, "LCP" }, +@@ -211,7 +212,6 @@ + "PPP-Muxing", /* (30) */ + }; + +-/* IPV6CP - to be supported */ + /* ECP - to be supported */ + + /* CCP Config Options */ +@@ -275,17 +275,36 @@ + /* SDCP - to be supported */ + + /* IPCP Config Options */ +- + #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */ + #define IPCPOPT_IPCOMP 2 /* RFC1332 */ + #define IPCPOPT_ADDR 3 /* RFC1332 */ + #define IPCPOPT_MOBILE4 4 /* RFC2290 */ +- + #define IPCPOPT_PRIDNS 129 /* RFC1877 */ + #define IPCPOPT_PRINBNS 130 /* RFC1877 */ + #define IPCPOPT_SECDNS 131 /* RFC1877 */ + #define IPCPOPT_SECNBNS 132 /* RFC1877 */ + ++struct tok ipcpopt_values[] = { ++ { IPCPOPT_2ADDR, "IP-Addrs" }, ++ { IPCPOPT_IPCOMP, "IP-Comp" }, ++ { IPCPOPT_ADDR, "IP-Addr" }, ++ { IPCPOPT_MOBILE4, "Home-Addr" }, ++ { IPCPOPT_PRIDNS, "Pri-DNS" }, ++ { IPCPOPT_PRINBNS, "Pri-NBNS" }, ++ { IPCPOPT_SECDNS, "Sec-DNS" }, ++ { IPCPOPT_SECNBNS, "Sec-NBNS" }, ++ { 0, NULL } ++}; ++ ++ ++/* IP6CP Config Options */ ++#define IP6CP_IFID 1 ++ ++struct tok ip6cpopt_values[] = { ++ { IP6CP_IFID, "Interface-ID" }, ++ { 0, NULL } ++}; ++ + /* ATCP - to be supported */ + /* OSINLCP - to be supported */ + /* BVCP - to be supported */ +@@ -366,6 +385,7 @@ + static void handle_bap (const u_char *p, int length); + static int print_lcp_config_options (const u_char *p, int); + static int print_ipcp_config_options (const u_char *p, int); ++static int print_ip6cp_config_options (const u_char *p, int); + static int print_ccp_config_options (const u_char *p, int); + static int print_bacp_config_options (const u_char *p, int); + static void handle_ppp (u_int proto, const u_char *p, int length); +@@ -382,7 +402,7 @@ + + tptr=pptr; + +- typestr = tok2str(ppptype2str, "unknown", proto); ++ typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto); + printf("%s, ",typestr); + + if (length < 4) /* FIXME weak boundary checking */ +@@ -401,7 +421,7 @@ + tptr += 2; + + if (length <= 4) +- return; /* there may be a NULL confreq etc. */ ++ goto print_len_and_return; /* there may be a NULL confreq etc. */ + + switch (code) { + case CPCODES_VEXT: +@@ -427,6 +447,9 @@ + case PPP_IPCP: + pfunc = print_ipcp_config_options; + break; ++ case PPP_IPV6CP: ++ pfunc = print_ip6cp_config_options; ++ break; + case PPP_CCP: + pfunc = print_ccp_config_options; + break; +@@ -492,6 +515,8 @@ + print_unknown_data(pptr-2,"\n\t",length+2); + break; + } ++ ++ print_len_and_return: + printf(", length %u", length); + + if (vflag >1) +@@ -902,61 +927,41 @@ + opt = p[0]; + if (length < len) + return 0; ++ ++ printf(", %s (0x%02x) ", ++ tok2str(ipcpopt_values,"unknown",opt), ++ opt); ++ + switch (opt) { + case IPCPOPT_2ADDR: /* deprecated */ + if (len != 10) + goto invlen; + TCHECK2(*(p + 6), 4); +- printf(", IP-Addrs src %s, dst %s", ++ printf("src %s, dst %s", + ipaddr_string(p + 2), + ipaddr_string(p + 6)); + break; + case IPCPOPT_IPCOMP: + if (len < 4) + goto invlen; +- printf(", IP-Comp"); + TCHECK2(*(p + 2), 2); + if (EXTRACT_16BITS(p + 2) == PPP_VJC) { +- printf(" VJ-Comp"); ++ printf("VJ-Comp"); + /* XXX: VJ-Comp parameters should be decoded */ + } else +- printf(" unknown-comp-proto=%04x", EXTRACT_16BITS(p + 2)); +- break; +- case IPCPOPT_ADDR: +- if (len != 6) +- goto invlen; +- TCHECK2(*(p + 2), 4); +- printf(", IP-Addr %s", ipaddr_string(p + 2)); ++ printf("unknown-comp-proto %04x", EXTRACT_16BITS(p + 2)); + break; ++ ++ case IPCPOPT_ADDR: /* those options share the same format - fall through */ + case IPCPOPT_MOBILE4: +- if (len != 6) +- goto invlen; +- TCHECK2(*(p + 2), 4); +- printf(", Home-Addr %s", ipaddr_string(p + 2)); +- break; + case IPCPOPT_PRIDNS: +- if (len != 6) +- goto invlen; +- TCHECK2(*(p + 2), 4); +- printf(", Pri-DNS %s", ipaddr_string(p + 2)); +- break; + case IPCPOPT_PRINBNS: +- if (len != 6) +- goto invlen; +- TCHECK2(*(p + 2), 4); +- printf(", Pri-NBNS %s", ipaddr_string(p + 2)); +- break; + case IPCPOPT_SECDNS: +- if (len != 6) +- goto invlen; +- TCHECK2(*(p + 2), 4); +- printf(", Sec-DNS %s", ipaddr_string(p + 2)); +- break; + case IPCPOPT_SECNBNS: + if (len != 6) + goto invlen; + TCHECK2(*(p + 2), 4); +- printf(", Sec-NBNS %s", ipaddr_string(p + 2)); ++ printf("%s", ipaddr_string(p + 2)); + break; + default: + printf(", unknown-%d", opt); +@@ -972,6 +977,51 @@ + printf("[|ipcp]"); + return 0; + } ++ ++/* IP6CP config options */ ++static int ++print_ip6cp_config_options(const u_char *p, int length) ++{ ++ int len, opt; ++ ++ if (length < 2) ++ return 0; ++ TCHECK2(*p, 2); ++ len = p[1]; ++ opt = p[0]; ++ if (length < len) ++ return 0; ++ ++ printf(", %s (0x%02x) ", ++ tok2str(ip6cpopt_values,"unknown",opt), ++ opt); ++ ++ switch (opt) { ++ case IP6CP_IFID: ++ if (len != 10) ++ goto invlen; ++ TCHECK2(*(p + 2), 8); ++ printf("%04x:%04x:%04x:%04x", ++ EXTRACT_16BITS(p + 2), ++ EXTRACT_16BITS(p + 4), ++ EXTRACT_16BITS(p + 6), ++ EXTRACT_16BITS(p + 8)); ++ break; ++ default: ++ printf(", unknown-%d", opt); ++ break; ++ } ++ return len; ++ ++invlen: ++ printf(", invalid-length-%d", opt); ++ return 0; ++ ++trunc: ++ printf("[|ip6cp]"); ++ return 0; ++} ++ + + /* CCP config options */ + static int -- cgit