summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net/tcpdump/Makefile75
-rw-r--r--net/tcpdump/files/extra-patch-openssl-configure.in11
-rw-r--r--net/tcpdump/files/patch-print-ppp.c227
3 files changed, 297 insertions, 16 deletions
diff --git a/net/tcpdump/Makefile b/net/tcpdump/Makefile
index 50ea431..7ad4955 100644
--- a/net/tcpdump/Makefile
+++ b/net/tcpdump/Makefile
@@ -7,7 +7,7 @@
PORTNAME= tcpdump
PORTVERSION= 3.8.3
-PORTREVISION= 0
+PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= http://www.tcpdump.org/release/
DISTNAME= ${PORTNAME}-${PORTVERSION}
@@ -15,17 +15,18 @@ DISTNAME= ${PORTNAME}-${PORTVERSION}
MAINTAINER= bms@FreeBSD.org
COMMENT= Ubiquitous network traffic analysis tool
-.if defined(TCPDUMP_OVERWRITE_BASE)
+# TODO: Add strict sanity check that we're compiling against a
+# version of libpcap with which this tcpdump release is compatible.
+#
+.if defined(TCPDUMP_OVERWRITE_BASE) || defined(WITH_LIBPCAP_PORT)
LIB_DEPENDS= pcap.2:${PORTSDIR}/net/libpcap
-.else
-BUILD_DEPENDS= ${LOCALBASE}/lib/libpcap.a:${PORTSDIR}/net/libpcap
.endif
WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
MAN1= tcpdump.1
-GNU_CONFIGURE= yes
+GNU_CONFIGURE= yes
.if defined(TCPDUMP_OVERWRITE_BASE)
PREFIX= /usr
@@ -40,12 +41,39 @@ PLIST_SUB+= BASE="@comment "
PLIST_SUB+= NOTBASE=""
.endif
-.if !defined(WITHOUT_IPV6)
-CONFIGURE_ARGS+= --enable-ipv6
-.endif
-
+# Compilation Options
+#
+# Special options:
+# TCPDUMP_OVERWRITE_BASE Overwrite the base system's tcpdump binary.
+# Implies the use of the libpcap port.
+#
+# User-definable switches:
+# WITHOUT_CRYPTO Build without IPSEC or TCPMD5 decryption.
+# WITHOUT_IPV6 Build without IPV6 support.
+# WITH_LIBPCAP_PORT Use libpcap from ports instead of the base system.
+# WITH_RADIOTAP Build with support for BSD 802.11 Radiotap headers.
+# WITH_TCPMD5 Build with support for TCP-MD5 digest verification.
+#
+# Defaults: WITHOUT_LIBPCAP_PORT WITHOUT_RADIOTAP WITHOUT_TCPMD5
+# WITH_CRYPTO WITH_IPV6
+
+# The --without-crypto flag needs to be explicitly specified. The
+# configure script gets confused if you specify --with-crypto and
+# thinks this means you *don't* want crypto.
+# If crypto is requested, then apply a patch to fix the detection
+# of OpenSSL versions > 0.9.7d. We assume the installed version is
+# at least this recent; this may fail on older systems.
+#
.if defined(WITHOUT_CRYPTO)
CONFIGURE_ARGS+= --without-crypto
+.else
+USE_OPENSSL= defined
+USE_AUTOCONF_VER?= 253
+EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-openssl-configure.in
+.endif
+
+.if !defined(WITHOUT_IPV6)
+CONFIGURE_ARGS+= --enable-ipv6
.endif
.if defined(WITH_RADIOTAP)
@@ -55,13 +83,28 @@ EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-extract.h \
.endif
.if defined(WITH_TCPMD5)
+.if defined(WITHOUT_CRYPTO)
+BROKEN= "The use of WITH_TCPMD5 requires crypto support."
+.else
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-tcpmd5-print-tcp.c \
${PATCHDIR}/extra-patch-tcpmd5-tcp.h
.endif
+.endif
+
+# When compiling against the port, it's necessary to force the
+# port to look for libpcap in ${LOCALPCAPBASE} first, for both
+# the configure and build steps.
+#
+.if defined(TCPDUMP_OVERWRITE_BASE) || defined(WITH_LIBPCAP_PORT)
+LOCALPCAPBASE= ${LOCALBASE}
+CONFIGURE_ENV+= CFLAGS="-L${LOCALPCAPBASE}/lib"
+.else
+LOCALPCAPBASE= /usr
+.endif
-LOCALPCAPDIR= ${WRKDIR}/libpcap-0.8.1
-LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \
+LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \
lib/libpcap.a
+WRKPCAPDIR= ${WRKDIR}/libpcap-0.8.3
.include <bsd.port.pre.mk>
@@ -69,16 +112,16 @@ LOCALPCAPFILES= include/pcap.h include/pcap-namedb.h include/pcap-bpf.h \
BROKEN= "Build fails on FreeBSD >= 6.x"
.endif
-#
# When building tcpdump against a particular pcap version, it expects to
# find a built, untarred source tree in the parent of the work tree.
-# Build a symlink farm to produce the files it wants without requiring
-# pcap to be untarred.
+# Build a symlink farm which points to the installed versions of the
+# required files, in order to produce the files it wants without
+# requiring that the libpcap distfile be untarred.
#
pre-configure:
- ${MKDIR} ${LOCALPCAPDIR}
+ ${MKDIR} ${WRKPCAPDIR}
.for i in ${LOCALPCAPFILES}
- ${LN} -s ${LOCALBASE}/$i ${LOCALPCAPDIR}
+ ${LN} -s ${LOCALPCAPBASE}/$i ${WRKPCAPDIR}
.endfor
.if defined(TCPDUMP_OVERWRITE_BASE)
diff --git a/net/tcpdump/files/extra-patch-openssl-configure.in b/net/tcpdump/files/extra-patch-openssl-configure.in
new file mode 100644
index 0000000..a3e078a
--- /dev/null
+++ b/net/tcpdump/files/extra-patch-openssl-configure.in
@@ -0,0 +1,11 @@
+--- configure.in.orig Sat Jan 22 23:59:33 2005
++++ configure.in Sun Jan 23 00:00:19 2005
+@@ -732,7 +732,7 @@
+ if test -f $ac_cv_ssleay_path/lib/librsaref.a; then
+ LIBS="$LIBS -lrsaref"
+ fi
+- AC_CHECK_LIB(crypto, des_cbc_encrypt)
++ AC_CHECK_LIB(crypto, DES_cbc_encrypt)
+
+ CPPFLAGS="$CPPFLAGS $V_INCLS"
+ AC_CHECK_HEADERS(openssl/evp.h)
diff --git a/net/tcpdump/files/patch-print-ppp.c b/net/tcpdump/files/patch-print-ppp.c
new file mode 100644
index 0000000..f8161fd
--- /dev/null
+++ b/net/tcpdump/files/patch-print-ppp.c
@@ -0,0 +1,227 @@
+--- print-ppp.c.orig Wed Mar 24 03:32:43 2004
++++ print-ppp.c Sun Jan 23 00:26:26 2005
+@@ -89,6 +89,7 @@
+ { PPP_IPXCP, "IPXCP" },
+ { PPP_STIICP, "STIICP" },
+ { PPP_VINESCP, "VINESCP" },
++ { PPP_IPV6CP, "IP6CP" },
+ { PPP_MPLSCP, "MPLSCP" },
+
+ { PPP_LCP, "LCP" },
+@@ -211,7 +212,6 @@
+ "PPP-Muxing", /* (30) */
+ };
+
+-/* IPV6CP - to be supported */
+ /* ECP - to be supported */
+
+ /* CCP Config Options */
+@@ -275,17 +275,36 @@
+ /* SDCP - to be supported */
+
+ /* IPCP Config Options */
+-
+ #define IPCPOPT_2ADDR 1 /* RFC1172, RFC1332 (deprecated) */
+ #define IPCPOPT_IPCOMP 2 /* RFC1332 */
+ #define IPCPOPT_ADDR 3 /* RFC1332 */
+ #define IPCPOPT_MOBILE4 4 /* RFC2290 */
+-
+ #define IPCPOPT_PRIDNS 129 /* RFC1877 */
+ #define IPCPOPT_PRINBNS 130 /* RFC1877 */
+ #define IPCPOPT_SECDNS 131 /* RFC1877 */
+ #define IPCPOPT_SECNBNS 132 /* RFC1877 */
+
++struct tok ipcpopt_values[] = {
++ { IPCPOPT_2ADDR, "IP-Addrs" },
++ { IPCPOPT_IPCOMP, "IP-Comp" },
++ { IPCPOPT_ADDR, "IP-Addr" },
++ { IPCPOPT_MOBILE4, "Home-Addr" },
++ { IPCPOPT_PRIDNS, "Pri-DNS" },
++ { IPCPOPT_PRINBNS, "Pri-NBNS" },
++ { IPCPOPT_SECDNS, "Sec-DNS" },
++ { IPCPOPT_SECNBNS, "Sec-NBNS" },
++ { 0, NULL }
++};
++
++
++/* IP6CP Config Options */
++#define IP6CP_IFID 1
++
++struct tok ip6cpopt_values[] = {
++ { IP6CP_IFID, "Interface-ID" },
++ { 0, NULL }
++};
++
+ /* ATCP - to be supported */
+ /* OSINLCP - to be supported */
+ /* BVCP - to be supported */
+@@ -366,6 +385,7 @@
+ static void handle_bap (const u_char *p, int length);
+ static int print_lcp_config_options (const u_char *p, int);
+ static int print_ipcp_config_options (const u_char *p, int);
++static int print_ip6cp_config_options (const u_char *p, int);
+ static int print_ccp_config_options (const u_char *p, int);
+ static int print_bacp_config_options (const u_char *p, int);
+ static void handle_ppp (u_int proto, const u_char *p, int length);
+@@ -382,7 +402,7 @@
+
+ tptr=pptr;
+
+- typestr = tok2str(ppptype2str, "unknown", proto);
++ typestr = tok2str(ppptype2str, "unknown ctrl-proto (0x%04x)", proto);
+ printf("%s, ",typestr);
+
+ if (length < 4) /* FIXME weak boundary checking */
+@@ -401,7 +421,7 @@
+ tptr += 2;
+
+ if (length <= 4)
+- return; /* there may be a NULL confreq etc. */
++ goto print_len_and_return; /* there may be a NULL confreq etc. */
+
+ switch (code) {
+ case CPCODES_VEXT:
+@@ -427,6 +447,9 @@
+ case PPP_IPCP:
+ pfunc = print_ipcp_config_options;
+ break;
++ case PPP_IPV6CP:
++ pfunc = print_ip6cp_config_options;
++ break;
+ case PPP_CCP:
+ pfunc = print_ccp_config_options;
+ break;
+@@ -492,6 +515,8 @@
+ print_unknown_data(pptr-2,"\n\t",length+2);
+ break;
+ }
++
++ print_len_and_return:
+ printf(", length %u", length);
+
+ if (vflag >1)
+@@ -902,61 +927,41 @@
+ opt = p[0];
+ if (length < len)
+ return 0;
++
++ printf(", %s (0x%02x) ",
++ tok2str(ipcpopt_values,"unknown",opt),
++ opt);
++
+ switch (opt) {
+ case IPCPOPT_2ADDR: /* deprecated */
+ if (len != 10)
+ goto invlen;
+ TCHECK2(*(p + 6), 4);
+- printf(", IP-Addrs src %s, dst %s",
++ printf("src %s, dst %s",
+ ipaddr_string(p + 2),
+ ipaddr_string(p + 6));
+ break;
+ case IPCPOPT_IPCOMP:
+ if (len < 4)
+ goto invlen;
+- printf(", IP-Comp");
+ TCHECK2(*(p + 2), 2);
+ if (EXTRACT_16BITS(p + 2) == PPP_VJC) {
+- printf(" VJ-Comp");
++ printf("VJ-Comp");
+ /* XXX: VJ-Comp parameters should be decoded */
+ } else
+- printf(" unknown-comp-proto=%04x", EXTRACT_16BITS(p + 2));
+- break;
+- case IPCPOPT_ADDR:
+- if (len != 6)
+- goto invlen;
+- TCHECK2(*(p + 2), 4);
+- printf(", IP-Addr %s", ipaddr_string(p + 2));
++ printf("unknown-comp-proto %04x", EXTRACT_16BITS(p + 2));
+ break;
++
++ case IPCPOPT_ADDR: /* those options share the same format - fall through */
+ case IPCPOPT_MOBILE4:
+- if (len != 6)
+- goto invlen;
+- TCHECK2(*(p + 2), 4);
+- printf(", Home-Addr %s", ipaddr_string(p + 2));
+- break;
+ case IPCPOPT_PRIDNS:
+- if (len != 6)
+- goto invlen;
+- TCHECK2(*(p + 2), 4);
+- printf(", Pri-DNS %s", ipaddr_string(p + 2));
+- break;
+ case IPCPOPT_PRINBNS:
+- if (len != 6)
+- goto invlen;
+- TCHECK2(*(p + 2), 4);
+- printf(", Pri-NBNS %s", ipaddr_string(p + 2));
+- break;
+ case IPCPOPT_SECDNS:
+- if (len != 6)
+- goto invlen;
+- TCHECK2(*(p + 2), 4);
+- printf(", Sec-DNS %s", ipaddr_string(p + 2));
+- break;
+ case IPCPOPT_SECNBNS:
+ if (len != 6)
+ goto invlen;
+ TCHECK2(*(p + 2), 4);
+- printf(", Sec-NBNS %s", ipaddr_string(p + 2));
++ printf("%s", ipaddr_string(p + 2));
+ break;
+ default:
+ printf(", unknown-%d", opt);
+@@ -972,6 +977,51 @@
+ printf("[|ipcp]");
+ return 0;
+ }
++
++/* IP6CP config options */
++static int
++print_ip6cp_config_options(const u_char *p, int length)
++{
++ int len, opt;
++
++ if (length < 2)
++ return 0;
++ TCHECK2(*p, 2);
++ len = p[1];
++ opt = p[0];
++ if (length < len)
++ return 0;
++
++ printf(", %s (0x%02x) ",
++ tok2str(ip6cpopt_values,"unknown",opt),
++ opt);
++
++ switch (opt) {
++ case IP6CP_IFID:
++ if (len != 10)
++ goto invlen;
++ TCHECK2(*(p + 2), 8);
++ printf("%04x:%04x:%04x:%04x",
++ EXTRACT_16BITS(p + 2),
++ EXTRACT_16BITS(p + 4),
++ EXTRACT_16BITS(p + 6),
++ EXTRACT_16BITS(p + 8));
++ break;
++ default:
++ printf(", unknown-%d", opt);
++ break;
++ }
++ return len;
++
++invlen:
++ printf(", invalid-length-%d", opt);
++ return 0;
++
++trunc:
++ printf("[|ip6cp]");
++ return 0;
++}
++
+
+ /* CCP config options */
+ static int
OpenPOWER on IntegriCloud