Package init

0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch

@@ -1,26 +0,0 @@
-From f19e0376b8e98b38240d28eb9e6f78c465bb1c6e Mon Sep 17 00:00:00 2001
-From: rpm-build <rpm-build>
-Date: Mon, 20 Oct 2014 13:34:24 +0200
-Subject: [PATCH 1/8] icmp6: print Reachable Time and Retransmit Time from
- ICMPv6 as milliseconds
-
----
- print-icmp6.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/print-icmp6.c b/print-icmp6.c
-index 7fe639d..cfaa2df 100644
---- a/print-icmp6.c
-+++ b/print-icmp6.c
-@@ -1034,7 +1034,7 @@ icmp6_print(netdissect_options *ndo,
- 			p = (const struct nd_router_advert *)dp;
- 			ND_TCHECK(p->nd_ra_retransmit);
- 			ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
--                                  ", pref %s, router lifetime %us, reachable time %us, retrans time %us",
-+                                  ", pref %s, router lifetime %us, reachable time %ums, retrans time %ums",
-                                   (u_int)p->nd_ra_curhoplimit,
-                                   bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
-                                   get_rtpref(p->nd_ra_flags_reserved),
--- 
-2.9.3
-

0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch

@@ -1,36 +0,0 @@
-From d5508c13119404102104a3935e7445c9fddf79b5 Mon Sep 17 00:00:00 2001
-From: rpm-build <rpm-build>
-Date: Fri, 3 Feb 2017 09:43:03 +0100
-Subject: [PATCH 8/8] Don't print out we dropped root, we are always dropping
- it
-
----
- tcpdump.c | 5 -----
- 1 file changed, 5 deletions(-)
-
-diff --git a/tcpdump.c b/tcpdump.c
-index 29f7f87..18c4a5c 100644
---- a/tcpdump.c
-+++ b/tcpdump.c
-@@ -618,8 +618,6 @@ droproot(const char *username, const char *chroot_dir)
- 			int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
- 			if (ret < 0) {
- 				fprintf(stderr, "error : ret %d\n", ret);
--			} else {
--				fprintf(stderr, "dropped privs to %s\n", username);
- 			}
- 		}
- #else
-@@ -632,9 +630,6 @@ droproot(const char *username, const char *chroot_dir)
- 				pcap_strerror(errno));
- 			exit_tcpdump(1);
- 		}
--		else {
--			fprintf(stderr, "dropped privs to %s\n", username);
--		}
- #endif /* HAVE_LIBCAP_NG */
- 	}
- 	else {
--- 
-2.9.3
-

0009-Change-n-flag-to-nn-in-TESTonce.patch

@@ -10,18 +10,15 @@ flag than upstream does. We use -nn in those cases.
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/tests/TESTonce b/tests/TESTonce
-index 7026624..e348701 100755
+index 425abaa..81283d9 100755
 --- a/tests/TESTonce
 +++ b/tests/TESTonce
-@@ -21,7 +21,7 @@ if ($^O eq 'MSWin32') {
+@@ -43,7 +43,7 @@ if ($^O eq 'MSWin32') {
  else {
      # we used to do this as a nice pipeline, but the problem is that $r fails to
      # to be set properly if the tcpdump core dumps.
--    $r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output";
+-    $cmd = "$TCPDUMP 2>${rawstderrlog} -t -n -r $input $options >tests/NEW/${outputbase}";
-+    $r = system "../tcpdump 2>/dev/null -nn -t -r $input $options >NEW/$output";
++    $cmd = "$TCPDUMP 2>${rawstderrlog} -t -nn -r $input $options >tests/NEW/${outputbase}";
-     if($r != 0) {
+     print "CMD: $cmd\n" if $debug;
-         # this means tcpdump failed.
+     $r = system $cmd;
-         open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n";
+     if($r == -1) {
--- 
-2.13.5
-

0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch

@@ -1,45 +0,0 @@
-From 0ae4aa1881bbe40443bff802b5e4aa6ca0696dd9 Mon Sep 17 00:00:00 2001
-From: rpm-build <rpm-build>
-Date: Tue, 11 Apr 2017 09:37:53 +0200
-Subject: [PATCH 10/13] Expect miliseconds instead of seconds in icmp capture.
-
-Again this is caused by our patch, so we need to modify tests
-accordingly.
----
- tests/icmpv6.out         | 2 +-
- tests/icmpv6_opt24-v.out | 4 ++--
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/tests/icmpv6.out b/tests/icmpv6.out
-index bb7775e..8979540 100644
---- a/tests/icmpv6.out
-+++ b/tests/icmpv6.out
-@@ -1,5 +1,5 @@
- IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176
--	hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s
-+	hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans time 0ms
- 	  prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s
- 	    0x0000:  48c0 0027 8d00 0009 3a80 0000 0000 2222
- 	    0x0010:  3333 4444 5555 6600 0000 0000 0000
-diff --git a/tests/icmpv6_opt24-v.out b/tests/icmpv6_opt24-v.out
-index 2b7cf09..00512df 100644
---- a/tests/icmpv6_opt24-v.out
-+++ b/tests/icmpv6_opt24-v.out
-@@ -1,5 +1,5 @@
- IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
--	hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
-+	hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms
- 	  source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
- 	  mtu option (5), length 8 (1):  1500
- 	  prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s
-@@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87
- 	  rdnss option (25), length 24 (3):  lifetime 1800s, addr: fd8d:4fb3:5b2e::1
- 	  dnssl option (31), length 16 (2):  lifetime 1800s, domain(s): lan.
- IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
--	hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
-+	hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms
- 	  source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
- 	  mtu option (5), length 8 (1):  1500
- 	  prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s
--- 
-2.13.5

0011-Evp-cipher-buffers.patch

@@ -1,133 +1,29 @@
 diff --git a/print-esp.c b/print-esp.c
-index 511ee8a3..5b282526 100644
+index 6fabff1..5818cc8 100644
 --- a/print-esp.c
 +++ b/print-esp.c
-@@ -192,8 +192,8 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
+@@ -242,6 +242,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
- 	const u_char *iv;
+ 	if (input_buffer == NULL) {
- 	unsigned int len;
- 	EVP_CIPHER_CTX *ctx;
--	unsigned int block_size, output_buffer_size;
--	u_char *output_buffer;
-+	unsigned int block_size, buffer_size;
-+	u_char *input_buffer, *output_buffer;
- 
- 	/* initiator arg is any non-zero value */
- 	if(initiator) initiator=1;
-@@ -228,19 +228,41 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
- 		(*ndo->ndo_warning)(ndo, "espkey init failed");
- 	set_cipher_parameters(ctx, NULL, NULL, iv, 0);
- 	/*
--	 * Allocate a buffer for the decrypted data.
--	 * The output buffer must be separate from the input buffer, and
--	 * its size must be a multiple of the cipher block size.
-+	 * Allocate buffers for the encrypted and decrypted data.
-+	 * Both buffers' sizes must be a multiple of the cipher block
-+	 * size, and the output buffer must be separate from the input
-+	 * buffer.
- 	 */
- 	block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
--	output_buffer_size = len + (block_size - len % block_size);
--	output_buffer = (u_char *)malloc(output_buffer_size);
-+	buffer_size = len + (block_size - len % block_size);
-+
-+	/*
-+	 * Attempt to allocate the input buffer.
-+	 */
-+	input_buffer = (u_char *)malloc(buffer_size);
-+	if (input_buffer == NULL) {
-+		(*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer");
-+		EVP_CIPHER_CTX_free(ctx);
-+		return 0;
-+	}
-+	/*
-+	 * Copy the input data to the encrypted data buffer, and pad it
-+	 * with zeroes.
-+	 */
-+	memcpy(input_buffer, buf, len);
-+	memset(input_buffer + len, 0, buffer_size - len);
-+
-+	/*
-+	 * Attempt to allocate the output buffer.
-+	 */
-+	output_buffer = (u_char *)malloc(buffer_size);
- 	if (output_buffer == NULL) {
- 		(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
-+		free(input_buffer);
  		EVP_CIPHER_CTX_free(ctx);
- 		return 0;
+ 		(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
++		return 0;
  	}
--	EVP_Cipher(ctx, output_buffer, buf, len);
+ 	/*
+ 	 * Copy the input data to the encrypted data buffer, and pad it
+@@ -259,7 +260,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
+ 		EVP_CIPHER_CTX_free(ctx);
+ 		(*ndo->ndo_error)(ndo, "can't allocate memory for decryption buffer");
+ 	}
+-	EVP_Cipher(ctx, output_buffer, input_buffer, len);
 +	EVP_Cipher(ctx, output_buffer, input_buffer, buffer_size);
  	EVP_CIPHER_CTX_free(ctx);
  
  	/*
-@@ -249,6 +272,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
+@@ -815,6 +816,7 @@ esp_print(netdissect_options *ndo,
- 	 * but changing this would require a more complicated fix.
+ 			if (input_buffer == NULL) {
- 	 */
+ 				EVP_CIPHER_CTX_free(ctx);
- 	memcpy(buf, output_buffer, len);
+ 				(*ndo->ndo_error)(ndo, "can't allocate memory for encrypted data buffer");
-+	free(input_buffer);
- 	free(output_buffer);
- 
- 	ndo->ndo_packetp = buf;
-@@ -666,8 +690,8 @@ esp_print(netdissect_options *ndo,
- 	const u_char *ivoff;
- 	const u_char *p;
- 	EVP_CIPHER_CTX *ctx;
--	unsigned int block_size, output_buffer_size;
--	u_char *output_buffer;
-+	unsigned int block_size, buffer_size;
-+	u_char *input_buffer, *output_buffer;
- #endif
- 
- 	esp = (const struct newesp *)bp;
-@@ -784,21 +808,43 @@ esp_print(netdissect_options *ndo,
- 			len = ep - (p + ivlen);
- 
- 			/*
--			 * Allocate a buffer for the decrypted data.
--			 * The output buffer must be separate from the
--			 * input buffer, and its size must be a multiple
--			 * of the cipher block size.
-+			 * Allocate buffers for the encrypted and decrypted
-+			 * data.  Both buffers' sizes must be a multiple of
-+			 * the cipher block size, and the output buffer must
-+			 * be separate from the input buffer.
- 			 */
- 			block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
--			output_buffer_size = len + (block_size - len % block_size);
--			output_buffer = (u_char *)malloc(output_buffer_size);
-+			buffer_size = len + (block_size - len % block_size);
-+
-+			/*
-+			 * Attempt to allocate the input buffer.
-+			 */
-+			input_buffer = (u_char *)malloc(buffer_size);
-+			if (input_buffer == NULL) {
-+				(*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer");
-+				EVP_CIPHER_CTX_free(ctx);
 +				return 0;
-+			}
-+			/*
-+			 * Copy the input data to the encrypted data buffer,
-+			 * and pad it with zeroes.
-+			 */
-+			memcpy(input_buffer, p + ivlen, len);
-+			memset(input_buffer + len, 0, buffer_size - len);
-+
-+			/*
-+			 * Attempt to allocate the output buffer.
-+			 */
-+			output_buffer = (u_char *)malloc(buffer_size);
- 			if (output_buffer == NULL) {
- 				(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
-+				free(input_buffer);
- 				EVP_CIPHER_CTX_free(ctx);
- 				return -1;
  			}
- 
--			EVP_Cipher(ctx, output_buffer, p + ivlen, len);
-+			EVP_Cipher(ctx, output_buffer, input_buffer, len);
-+			free(input_buffer);
- 			EVP_CIPHER_CTX_free(ctx);
  			/*
- 			 * XXX - of course this is wrong, because buf is a
+ 			 * Copy the input data to the encrypted data buffer,

tcpdump.spec

@@ -1,33 +1,37 @@
 Name:           tcpdump
 Epoch:          14
-Version:          4.9.2
+Version:        4.9.3
-Release:          7
+Release:        2 
-Summary:          A powerful command-line packet analyzer and library for network traffic capture.
+Summary:        A network traffic monitoring tool
 License:        BSD with advertising
 URL:            http://www.tcpdump.org
-Source0:          http://www.tcpdump.org/release/%{name}-%{version}.tar.gz
-Source1:          ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz
 
-Patch0001:       0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch
+Source0:        http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz
+Source1:        ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz
+Source2:        http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz.sig
+
 Patch0002:      0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
 Patch0003:      0003-Drop-root-priviledges-before-opening-first-savefile-.patch
 Patch0004:      0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch
 Patch0005:      0005-tcpslice-remove-unneeded-include.patch
 Patch0006:      0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch
 Patch0007:      0007-Introduce-nn-option.patch
-Patch0008:       0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch
 Patch0009:      0009-Change-n-flag-to-nn-in-TESTonce.patch
-Patch0010:       0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch
 Patch0011:      0011-Evp-cipher-buffers.patch
 Patch0012:      0012-Add-printing-support-for-vsockmon-devices.patch
 
-BuildRequires:   automake openssl-devel libpcap-devel git-core
+Requires(pre):  shadow-utils
-Requires:        shadow-utils
+BuildRequires:  automake openssl-devel libpcap-devel git-core gcc
+
+%define tcpslice_dir tcpslice-1.2a3
 
 %description
-Tcpdump is a common packet analyzer that runs under the command line.
+Tcpdump is a command-line tool for monitoring network traffic.
-It allows the user to captureand display TCP/IP and other packets being
+Tcpdump can capture and display the packet headers on a particular
-transmitted or received over a network to which the computer is attached.
+network interface or on all interfaces.  Tcpdump can display all of
+the packet headers, or just the ones that match particular criteria.
+
+Install tcpdump if you need a program to monitor network traffic.
 
 %package help
 Summary:        Help documents for tcpdump
@@ -36,48 +40,54 @@ Summary:         Help documents for tcpdump
 Man pages and other related help documents for tcpdump.
 
 %prep
-%autosetup -n %{name}-%{version} -a 1 -S git
+%autosetup -a 1 -S git
 
 %build
-export CFLAGS="%{optflags} $(getconf LFS_CFLAGS) -fno-strict-aliasing"
+export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing"
-pushd tcpslice-1.2a3
+
+pushd %{tcpslice_dir}
+# update config.{guess,sub}
 automake -a -f 2> /dev/null || :
 %configure
-%make_build
+make %{?_smp_mflags}
 popd
 
 %configure --with-crypto --with-user=tcpdump --without-smi
-%make_build
+make %{?_smp_mflags}
 
 %install
-install -d %{buildroot}%{_libdir} %{buildroot}%{_sbindir} %{buildroot}%{_mandir}/man8
+mkdir -p ${RPM_BUILD_ROOT}%{_libdir}
+mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8
+mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
 
-pushd tcpslice-1.2a3
+pushd %{tcpslice_dir}
-install -m755 tcpslice %{buildroot}%{_sbindir}
+install -m755 tcpslice ${RPM_BUILD_ROOT}%{_sbindir}
-install -m644 tcpslice.1 %{buildroot}%{_mandir}/man8/tcpslice.8
+install -m644 tcpslice.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpslice.8
 popd
 
-install -m755 tcpdump %{buildroot}%{_sbindir}
+install -m755 tcpdump ${RPM_BUILD_ROOT}%{_sbindir}
-install -m644 tcpdump.1 %{buildroot}%{_mandir}/man8/tcpdump.8
+install -m644 tcpdump.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdump.8
 
-sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' %{buildroot}%{_mandir}/man8/*
+# fix section numbers
-
+sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' \
-%check
+	${RPM_BUILD_ROOT}%{_mandir}/man8/*
-make check
 
 %pre
 /usr/sbin/groupadd -g 72 tcpdump 2> /dev/null
-/usr/sbin/useradd -u 72 -g 72 -s /sbin/nologin -M -r -d / tcpdump 2> /dev/null
+/usr/sbin/useradd -u 72 -g 72 -s /sbin/nologin -M -r \
+	-d / tcpdump 2> /dev/null
 exit 0
 
 %files
+%doc README.md CHANGES CREDITS
 %license LICENSE
-%{_sbindir}/tcp*
+%{_sbindir}/tcpdump
+%{_sbindir}/tcpslice
 
 %files help
-%doc README.md CHANGES CREDITS
+%{_mandir}/man8/tcpslice.8*
-%{_mandir}/man8/tcp*.8*
+%{_mandir}/man8/tcpdump.8*
 
 %changelog
-* Fri Sep 20 2019 chenzhenyu <chenzhenyu13@huawei.com> - 14:4.9.2-7
+* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 4.9.3-2
 - Package init