diff --git a/net/hping3/Makefile b/net/hping3/Makefile new file mode 100644 index 000000000..cbafe7d4f --- /dev/null +++ b/net/hping3/Makefile @@ -0,0 +1,55 @@ +# +# Copyright (C) 2022 Alexander E. Patrakov +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +# Special thanks to the Debian and Fedora projects for their hping3 +# packaging, elements of which (patches, list of dependencies, etc.) are +# reused here. + +include $(TOPDIR)/rules.mk + +PKG_NAME:=hping3 +PKG_SOURCE_DATE:=2014-12-26 +PKG_SOURCE_VERSION:=3547c7691742c6eaa31f8402e0ccbb81387c1b99 +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/antirez/hping +PKG_MIRROR_HASH:=0d65eaa8e55ab10025fb2d615eb9567255288b3b9eb66465f54d0e1718bb80ad + +PKG_MAINTAINER:=Alexander E. Patrakov +PKG_LICENSE:=GPL-2.0-only + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/hping3 + SECTION:=net + CATEGORY:=Network + TITLE:=Active Network Smashing Tool + URL:=https://github.com/antirez/hping + DEPENDS:= +libpcap +endef + +define Package/hping3/description + hping3 is a network tool able to send custom ICMP/UDP/TCP packets + and to display target replies like ping does with ICMP replies. It + handles fragmentation and arbitrary packet body and size, and can + be used to transfer files under supported protocols. Using hping3, + you can test firewall rules, perform (spoofed) port scanning, test + network performance using different protocols, do path MTU + discovery, perform traceroute-like actions under different + protocols, fingerprint remote operating systems, audit TCP/IP + stacks, etc. Tcl support is not included. +endef + +define Package/hping3/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/hping3 $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,hping3)) diff --git a/net/hping3/patches/011_buildsystem.patch b/net/hping3/patches/011_buildsystem.patch new file mode 100644 index 000000000..1be5c3c9e --- /dev/null +++ b/net/hping3/patches/011_buildsystem.patch @@ -0,0 +1,96 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -9,8 +9,8 @@ + CC= gcc + AR=/usr/bin/ar + RANLIB=/usr/bin/ranlib +-CCOPT= -O2 -Wall @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ +-DEBUG= -g ++CCOPT= $(CFLAGS) @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ ++DEBUG= + #uncomment the following if you need libpcap based build under linux + #(not raccomanded) + COMPILE_TIME= +@@ -50,17 +50,13 @@ libars.a: $(ARSOBJ) + $(RANLIB) $@ + + hping3: byteorder.h $(OBJ) +- $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ ++ $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) $(PCAP) @SOLARISLIB@ @TCL_LIB@ + @echo +- ./hping3 -v + @echo "use \`make strip' to strip hping3 binary" + @echo "use \`make install' to install hping3" + + hping3-static: byteorder.h $(OBJ) +- $(CC) -static -o hping3-static $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl +- +-byteorder.h: +- ./configure ++ $(CC) -static -o hping3-static $(CCOPT) $(DEBUG) $(OBJ) $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl + + .c.o: + $(CC) -c $(CCOPT) $(DEBUG) $(COMPILE_TIME) $< +@@ -72,6 +68,8 @@ distclean: + rm -rf hping3 *.o byteorder byteorder.h systype.h Makefile libars.a .depend + + install: hping3 ++ ++dont-install: + cp -f hping3 /usr/sbin/ + chmod 755 /usr/sbin/hping3 + ln -s /usr/sbin/hping3 /usr/sbin/hping +--- /dev/null ++++ b/byteorder.h +@@ -0,0 +1,15 @@ ++ ++#ifndef __BYTEORDER_H ++#define __BYTEORDER_H ++ ++#if defined(__BYTE_ORDER__) ++ #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ++ #define __BIG_ENDIAN_BITFIELD ++ #else ++ #define __LITTLE_ENDIAN_BITFIELD ++ #endif ++#else ++ #error Byte order not set ++#endif ++ ++#endif /* __BYTEORDER_H */ +--- a/configure ++++ b/configure +@@ -1,5 +1,24 @@ + #!/bin/sh + ++# This fake configure script applies hard-coded settings for OpenWRT ++ ++echo creating Makefile... ++sed -e "s^@PCAP@^PCAP=-lpcap^g" \ ++ -e "s^@PCAP_INCLUDE@^^g" \ ++ -e "s^@MANPATH@^/usr/share/man^g" \ ++ -e "s^@SOLARISLIB@^^g" \ ++ -e "s^@USE_TCL@^^g" \ ++ -e "s^@TCL_INC@^^g" \ ++ -e "s^@TCL_VER@^^g" \ ++ -e "s^@TCL_LIB@^^g" \ ++ Makefile ++ ++echo now you can try \`make\' ++exit 0 ++ ++# Original file follows, to make the patch smaller ++#!/bin/sh ++ + show_help() + { + echo configure help: +--- /dev/null ++++ b/systype.h +@@ -0,0 +1,6 @@ ++#ifndef __SYSTYPE_H ++#define __SYSTYPE_H ++ ++#define OSTYPE_LINUX ++ ++#endif /* SYSTYPE_H */ diff --git a/net/hping3/patches/020_pcap_bpf.patch b/net/hping3/patches/020_pcap_bpf.patch new file mode 100644 index 000000000..a5b0dec83 --- /dev/null +++ b/net/hping3/patches/020_pcap_bpf.patch @@ -0,0 +1,22 @@ +--- a/libpcap_stuff.c ++++ b/libpcap_stuff.c +@@ -16,7 +16,7 @@ + #include + #include + #include +-#include ++#include + #include + + #include "globals.h" +--- a/script.c ++++ b/script.c +@@ -23,7 +23,7 @@ + #include + + #include +-#include ++#include + #include + + #include "release.h" diff --git a/net/hping3/patches/040_spelling.patch b/net/hping3/patches/040_spelling.patch new file mode 100644 index 000000000..8dcc97fa0 --- /dev/null +++ b/net/hping3/patches/040_spelling.patch @@ -0,0 +1,37 @@ +Subject: Various spelling fixes. +Author: Romain Francoise +Last-Updated: 2020-09-06 + +--- a/antigetopt.c ++++ b/antigetopt.c +@@ -142,7 +142,7 @@ chain_start: + #define UNK_LONG_ERRSTRING "unrecognized option `--%s'\n" + #define ARG_SHORT_ERRSTRING "option requires an argument -- %c\n" + #define ARG_LONG_ERRSTRING "option `--%s' requires an argument\n" +-#define AMB_ERRSTRING "option `--%s' is ambiguos\n" ++#define AMB_ERRSTRING "option `--%s' is ambiguous\n" + #define IERR_ERRSTRING "internal error. ago_gnu_error() called with " \ + "a bad error code (%d)\n" + void ago_gnu_error(char *pname, int error) +--- a/statistics.c ++++ b/statistics.c +@@ -30,7 +30,7 @@ void print_statistics(int signal_id) + lossrate = 100; + + fprintf(stderr, "\n--- %s hping statistic ---\n", targetname); +- fprintf(stderr, "%d packets tramitted, %d packets received, " ++ fprintf(stderr, "%d packets transmitted, %d packets received, " + "%d%% packet loss\n", sent_pkt, recv_pkt, lossrate); + if (out_of_sequence_pkt) + fprintf(stderr, "%d out of sequence packets received\n", +--- a/ars.c ++++ b/ars.c +@@ -361,7 +361,7 @@ void *ars_add_data(struct ars_packet *pk + static void *ptr = "zzappt"; /* we can't return NULL for size == 0 */ + + if (size < 0) { +- ars_set_error(pkt, "Tryed to add a DATA layer with size < 0"); ++ ars_set_error(pkt, "Tried to add a DATA layer with size < 0"); + return NULL; + } + retval = ars_add_generic(pkt, size, ARS_TYPE_DATA); diff --git a/net/hping3/patches/080_ip_id_field.patch b/net/hping3/patches/080_ip_id_field.patch new file mode 100644 index 000000000..4558c686c --- /dev/null +++ b/net/hping3/patches/080_ip_id_field.patch @@ -0,0 +1,69 @@ +Subject: Fix "-N" command line argument +Author: Guillaume Delacour +Bug-Debian: http://bugs.debian.org/482844 +Last-Update: 2009-05-13 + +--- a/docs/hping2.8 ++++ b/docs/hping2.8 +@@ -343,7 +343,7 @@ options. If in doubt try + .I -N --id + Set ip->id field. Default id is random but if fragmentation is turned on + and id isn't specified it will be +-.BR "getpid() & 0xFF" , ++.BR "getpid() & 0xFFFF" , + to implement a better solution is in TODO list. + .TP + .I -H --ipproto +@@ -714,4 +714,4 @@ On solaris hping does not work on the lo + a solaris problem, as stated in the tcpdump-workers mailing list, + so the libpcap can't do nothing to handle it properly. + .SH SEE ALSO +-ping(8), traceroute(8), ifconfig(8), nmap(1) +\ No newline at end of file ++ping(8), traceroute(8), ifconfig(8), nmap(1) +--- a/docs/hping3.8 ++++ b/docs/hping3.8 +@@ -352,7 +352,7 @@ options. If in doubt try + .I -N --id + Set ip->id field. Default id is random but if fragmentation is turned on + and id isn't specified it will be +-.BR "getpid() & 0xFF" , ++.BR "getpid() & 0xFFFF" , + to implement a better solution is in TODO list. + .TP + .I -H --ipproto +--- a/hping2.h ++++ b/hping2.h +@@ -121,7 +121,7 @@ + #define DEFAULT_ICMP_IP_IHL (IPHDR_SIZE >> 2) + #define DEFAULT_ICMP_IP_TOS 0 + #define DEFAULT_ICMP_IP_TOT_LEN 0 /* computed by send_icmp_*() */ +-#define DEFAULT_ICMP_IP_ID 0 /* rand */ ++#define DEFAULT_ICMP_IP_ID -1 /* rand */ + #define DEFAULT_ICMP_CKSUM -1 /* -1 means compute the cksum */ + #define DEFAULT_ICMP_IP_PROTOCOL 6 /* TCP */ + #define DEFAULT_RAW_IP_PROTOCOL 6 /* TCP */ +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -468,6 +468,10 @@ int parse_options(int argc, char **argv) + break; + case OPT_ICMP_IPID: + icmp_ip_id = strtol(ago_optarg, NULL, 0); ++ if (icmp_ip_id < 0 || icmp_ip_id > 0xffff) { ++ fprintf(stderr, "Bad ICMP IP ID, resetting to random.\n"); ++ icmp_ip_id = DEFAULT_ICMP_IP_ID; ++ } + break; + case OPT_ICMP_IPPROTO: + icmp_ip_protocol = strtol(ago_optarg, NULL, 0); +--- a/sendicmp.c ++++ b/sendicmp.c +@@ -83,7 +83,7 @@ void send_icmp_echo(void) + icmp->type = opt_icmptype; /* echo replay or echo request */ + icmp->code = opt_icmpcode; /* should be indifferent */ + icmp->checksum = 0; +- icmp->un.echo.id = getpid() & 0xffff; ++ icmp->un.echo.id = icmp_ip_id == DEFAULT_ICMP_IP_ID ? getpid() & 0xffff : icmp_ip_id; + icmp->un.echo.sequence = _icmp_seq; + + /* data */ diff --git a/net/hping3/patches/110_dontfrag_offbyone.patch b/net/hping3/patches/110_dontfrag_offbyone.patch new file mode 100644 index 000000000..87f2dcb3e --- /dev/null +++ b/net/hping3/patches/110_dontfrag_offbyone.patch @@ -0,0 +1,16 @@ +Subject: Off-by-one error with --dontfrag +Author: Christian Mock +Bugs-Debian: http://bugs.debian.org/537704 +Last-Update: 2009-09-04 + +--- a/sendip_handler.c ++++ b/sendip_handler.c +@@ -19,7 +19,7 @@ void send_ip_handler(char *packet, unsig + { + ip_optlen = ip_opt_build(ip_opt); + +- if (!opt_fragment && (size+ip_optlen+20 >= h_if_mtu)) ++ if (!opt_fragment && (size+ip_optlen+20 > h_if_mtu)) + { + /* auto-activate fragmentation */ + virtual_mtu = h_if_mtu-20; diff --git a/net/hping3/patches/120_rtt_icmp_unreachable.patch b/net/hping3/patches/120_rtt_icmp_unreachable.patch new file mode 100644 index 000000000..b71422dfb --- /dev/null +++ b/net/hping3/patches/120_rtt_icmp_unreachable.patch @@ -0,0 +1,34 @@ +Subject: Add RTT handling for ICMP destination unreachable packets. +Author: Baruch Even +Bug-Debian: http://bugs.debian.org/248273 +Last-Update: 2009-09-04 + +--- a/waitpacket.c ++++ b/waitpacket.c +@@ -229,6 +229,7 @@ int recv_icmp(void *packet, size_t size) + { + struct myicmphdr icmp; + struct myiphdr quoted_ip; ++ struct myudphdr quoted_udp; + + /* Check if the packet can contain the ICMP header */ + if (size < ICMPHDR_SIZE) { +@@ -286,6 +287,18 @@ int recv_icmp(void *packet, size_t size) + case 3: + if (!opt_quiet) + log_icmp_unreach(inet_ntoa(src), icmp.code); ++ if (quoted_ip.protocol == IPPROTO_UDP) ++ { ++ int sequence = 0, status; ++ float ms_delay = 0.0; ++ unsigned short port; ++ ++ /* Get RTT for UDP packet */ ++ memcpy("ed_udp, packet+ICMPHDR_SIZE+(quoted_ip.ihl<<2), sizeof(quoted_udp)); ++ port = ntohs(quoted_udp.uh_sport); ++ status = rtt(&sequence, port, &ms_delay); ++ printf("status=%d port=%d seq=%d\n", status, port, sequence); ++ } + return 1; + case 11: + if (opt_traceroute) diff --git a/net/hping3/patches/130_spelling_error_in_binary.patch b/net/hping3/patches/130_spelling_error_in_binary.patch new file mode 100644 index 000000000..fadf41df3 --- /dev/null +++ b/net/hping3/patches/130_spelling_error_in_binary.patch @@ -0,0 +1,154 @@ +Subject; Fix spelling error in binary (lintian -IE) +Author: Romain Francoise +Last-Update: 2005-03-12 + +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -179,7 +179,7 @@ void parse_route(unsigned char *route, u + str[j++] = '/'; + break; + } +- fprintf(stderr, "invalid IP adress in route\n"); ++ fprintf(stderr, "invalid IP address in route\n"); + fail_parse_route(); + case ':': + if ((!i) && j && j < 4) +--- a/getifname.c ++++ b/getifname.c +@@ -206,7 +206,7 @@ int get_if_name(void) + printf("DEBUG: Output interface address: %s\n", + inet_ntoa(output_if_addr.sin_addr)); + /* Put something in saved_ifname in order to tell +- that the output adress is known */ ++ that the output address is known */ + saved_ifname[0] = 'X'; saved_ifname[1] = 0; + } else { + fprintf(stderr, "Warning: Unable to guess the output " +--- a/usage.c ++++ b/usage.c +@@ -50,7 +50,7 @@ void show_usage(void) + " -r --rel relativize id field (to estimate host traffic)\n" + " -f --frag split packets in more frag. (may pass weak acl)\n" + " -x --morefrag set more fragments flag\n" +-" -y --dontfrag set dont fragment flag\n" ++" -y --dontfrag set don't fragment flag\n" + " -g --fragoff set the fragment offset\n" + " -m --mtu set virtual mtu, implies --frag if packet size > mtu\n" + " -o --tos type of service (default 0x00), try --tos help\n" +@@ -131,8 +131,8 @@ void icmp_help(void) + "ICMP help:\n" + " ICMP concerned packet options:\n" + " --icmp-ipver set ip version ( default 4 )\n" +-" --icmp-iphlen set ip header lenght ( default IPHDR_SIZE >> 2)\n" +-" --icmp-iplen set ip total lengtht ( default real lenght )\n" ++" --icmp-iphlen set ip header length ( default IPHDR_SIZE >> 2)\n" ++" --icmp-iplen set ip total length ( default real length )\n" + " --icmp-ipid set ip id ( default random )\n" + " --icmp-ipproto set ip protocol ( default IPPROTO_TCP )\n" + " --icmp-ipsrc set ip source ( default 0.0.0.0 )\n" +--- a/sendtcp.c ++++ b/sendtcp.c +@@ -50,7 +50,7 @@ void send_tcp(void) + memcpy(&pseudoheader->saddr, &local.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &remote.sin_addr.s_addr, 4); + pseudoheader->protocol = 6; /* tcp */ +- pseudoheader->lenght = htons(TCPHDR_SIZE+tcp_opt_size+data_size); ++ pseudoheader->length = htons(TCPHDR_SIZE+tcp_opt_size+data_size); + + /* tcp header */ + tcp->th_dport = htons(dst_port); +--- a/sendudp.c ++++ b/sendudp.c +@@ -46,7 +46,7 @@ void send_udp(void) + memcpy(&pseudoheader->saddr, &local.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &remote.sin_addr.s_addr, 4); + pseudoheader->protocol = 17; /* udp */ +- pseudoheader->lenght = htons(packet_size); ++ pseudoheader->length = htons(packet_size); + + /* udp header */ + udp->uh_dport = htons(dst_port); +--- a/sendicmp.c ++++ b/sendicmp.c +@@ -243,7 +243,7 @@ void send_icmp_other(void) + memcpy(&pseudoheader->saddr, &icmp_ip_src.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &icmp_ip_dst.sin_addr.s_addr, 4); + pseudoheader->protocol = icmp_ip.protocol; +- pseudoheader->lenght = icmp_ip.tot_len; ++ pseudoheader->length = icmp_ip.tot_len; + icmp_udp->uh_sport = htons(icmp_ip_srcport); + icmp_udp->uh_dport = htons(icmp_ip_dstport); + icmp_udp->uh_ulen = htons(UDPHDR_SIZE + udp_data_len); +--- a/hping2.h ++++ b/hping2.h +@@ -138,7 +138,7 @@ + + /* fragmentation defines */ + #define MF ((unsigned short)0x2000) /* more fragments */ +-#define DF ((unsigned short)0x4000) /* dont fragment */ ++#define DF ((unsigned short)0x4000) /* don't fragment */ + #define NF ((unsigned short)0x0000) /* no more fragments */ + + /* ip options defines */ +@@ -341,7 +341,7 @@ struct pseudohdr + __u32 daddr; + __u8 zero; + __u8 protocol; +- __u16 lenght; ++ __u16 length; + }; + + #define PSEUDOHDR_SIZE sizeof(struct pseudohdr) +--- a/ars.c ++++ b/ars.c +@@ -698,7 +698,7 @@ int ars_udptcp_cksum(struct ars_packet * + memcpy(&pseudo.daddr, &ip->daddr, 4); + pseudo.protocol = (pkt->p_layer[layer].l_type == ARS_TYPE_TCP) + ? ARS_IPPROTO_TCP : ARS_IPPROTO_UDP; +- pseudo.lenght = htons(ars_relative_size(pkt, layer)); ++ pseudo.length = htons(ars_relative_size(pkt, layer)); + + /* Finally do the checksum */ + ars_multi_cksum(&mc, ARS_MC_INIT, NULL, 0); +--- a/datahandler.c ++++ b/datahandler.c +@@ -26,7 +26,7 @@ void data_handler(char *data, int data_s + } + + if (opt_sign) { +- memcpy(data, sign, signlen); /* lenght pre-checked */ ++ memcpy(data, sign, signlen); /* length pre-checked */ + data+=signlen; + data_size-=signlen; + } +--- a/ars.h ++++ b/ars.h +@@ -67,7 +67,7 @@ + #define ARS_MAX_IP_SIZE 65535 + + #define ARS_IP_MF ((unsigned short)0x2000) /* more fragments */ +-#define ARS_IP_DF ((unsigned short)0x4000) /* dont fragment */ ++#define ARS_IP_DF ((unsigned short)0x4000) /* don't fragment */ + #define ARS_IP_RF ((unsigned short)0x8000) /* reserved fragment flag */ + + #define ARS_IPOPT_COPY 0x80 +@@ -308,7 +308,7 @@ struct ars_pseudohdr + __u32 daddr; + __u8 zero; + __u8 protocol; +- __u16 lenght; ++ __u16 length; + }; + + /* The IGRP header structure */ +--- a/sendip_handler.c ++++ b/sendip_handler.c +@@ -35,7 +35,7 @@ void send_ip_handler(char *packet, unsig + unsigned short fragment_flag = 0; + + if (opt_mf) fragment_flag |= MF; /* more fragments */ +- if (opt_df) fragment_flag |= DF; /* dont fragment */ ++ if (opt_df) fragment_flag |= DF; /* don't fragment */ + send_ip((char*)&local.sin_addr, + (char*)&remote.sin_addr, + packet, size, fragment_flag, ip_frag_offset, diff --git a/net/hping3/patches/140_data_size_udp.patch b/net/hping3/patches/140_data_size_udp.patch new file mode 100644 index 000000000..6f07b0ded --- /dev/null +++ b/net/hping3/patches/140_data_size_udp.patch @@ -0,0 +1,22 @@ +Subject: Fix incorrect data size check for UDP. +Author: Luca Bigliardi +Bug-Debian; http://bugs.debian.org/546590 +Last-Update: 2009-09-19 + +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -606,9 +606,12 @@ int parse_options(int argc, char **argv) + if (opt_numeric == TRUE) opt_gethost = FALSE; + + /* some error condition */ +- if (data_size+IPHDR_SIZE+TCPHDR_SIZE > 65535) { ++ if (data_size+IPHDR_SIZE+ ++ (opt_udpmode?UDPHDR_SIZE:TCPHDR_SIZE) > 65535) { + printf("Option error: sorry, data size must be <= %lu\n", +- (unsigned long)(65535-IPHDR_SIZE+TCPHDR_SIZE)); ++ (unsigned long)(65535-(IPHDR_SIZE+ ++ (opt_udpmode?UDPHDR_SIZE:TCPHDR_SIZE))) ++ ); + exit(1); + } + else if (count <= 0 && count != -1) { diff --git a/net/hping3/patches/160_tcp_mss.patch b/net/hping3/patches/160_tcp_mss.patch new file mode 100644 index 000000000..cf0da81ca --- /dev/null +++ b/net/hping3/patches/160_tcp_mss.patch @@ -0,0 +1,183 @@ +Subject: Add tcp-mss support. +Origin: http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/net/hping/patches/ +Bug-Debian: http://bugs.debian.org/409391 +Last-Update: 2009-09-19 + +--- a/main.c ++++ b/main.c +@@ -44,7 +44,8 @@ unsigned int + signlen, + lsr_length = 0, + ssr_length = 0, +- tcp_ack; ++ tcp_ack, ++ tcp_mss; + + + unsigned short int +@@ -95,6 +96,7 @@ int + opt_tcpexitcode = FALSE, + opt_badcksum = FALSE, + opt_tr_keep_ttl = FALSE, ++ opt_tcp_mss = FALSE, + opt_tcp_timestamp = FALSE, + opt_clock_skew = FALSE, + cs_window = DEFAULT_CS_WINDOW, +--- a/globals.h ++++ b/globals.h +@@ -32,7 +32,8 @@ extern unsigned int + tcp_seqnum, + set_ack, + ip_header_length, +- tcp_ack; ++ tcp_ack, ++ tcp_mss; + + extern unsigned short int + data_size; +@@ -77,6 +78,7 @@ extern int opt_debug, + opt_tcpexitcode, + opt_badcksum, + opt_tr_keep_ttl, ++ opt_tcp_mss, + opt_tcp_timestamp, + opt_clock_skew, + cs_window, +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -31,7 +31,7 @@ enum { OPT_COUNT, OPT_INTERVAL, OPT_NUME + OPT_RROUTE, OPT_IPPROTO, OPT_ICMP_IPVER, OPT_ICMP_IPHLEN, + OPT_ICMP_IPLEN, OPT_ICMP_IPID, OPT_ICMP_IPPROTO, OPT_ICMP_CKSUM, + OPT_ICMP_TS, OPT_ICMP_ADDR, OPT_TCPEXITCODE, OPT_FAST, OPT_TR_KEEP_TTL, +- OPT_TCP_TIMESTAMP, OPT_TR_STOP, OPT_TR_NO_RTT, OPT_ICMP_HELP, ++ OPT_TCP_TIMESTAMP, OPT_TCP_MSS, OPT_TR_STOP, OPT_TR_NO_RTT, OPT_ICMP_HELP, + OPT_RAND_DEST, OPT_RAND_SOURCE, OPT_LSRR, OPT_SSRR, OPT_ROUTE_HELP, + OPT_ICMP_IPSRC, OPT_ICMP_IPDST, OPT_ICMP_SRCPORT, OPT_ICMP_DSTPORT, + OPT_ICMP_GW, OPT_FORCE_ICMP, OPT_APD_SEND, OPT_SCAN, OPT_FASTER, +@@ -125,6 +125,7 @@ static struct ago_optlist hping_optlist[ + { '\0', "force-icmp", OPT_FORCE_ICMP, AGO_NOARG }, + { '\0', "beep", OPT_BEEP, AGO_NOARG }, + { '\0', "flood", OPT_FLOOD, AGO_NOARG }, ++ { '\0', "tcp-mss", OPT_TCP_MSS, AGO_NEEDARG|AGO_EXCEPT0 }, + { '\0', "clock-skew", OPT_CLOCK_SKEW, AGO_NOARG }, + { '\0', "clock-skew-win", OPT_CS_WINDOW, AGO_NEEDARG}, + { '\0', "clock-skew-win-shift", OPT_CS_WINDOW_SHIFT, AGO_NEEDARG}, +@@ -561,6 +562,10 @@ int parse_options(int argc, char **argv) + case OPT_FLOOD: + opt_flood = TRUE; + break; ++ case OPT_TCP_MSS: ++ opt_tcp_mss = TRUE; ++ tcp_mss = strtoul(ago_optarg, NULL, 0); ++ break; + case OPT_CLOCK_SKEW: + opt_tcp_timestamp = TRUE; + opt_clock_skew = TRUE; +--- a/usage.c ++++ b/usage.c +@@ -87,6 +87,7 @@ void show_usage(void) + " -X --xmas set X unused flag (0x40)\n" + " -Y --ymas set Y unused flag (0x80)\n" + " --tcpexitcode use last tcp->th_flags as exit code\n" ++" --tcp-mss enable the TCP MSS option with the given value\n" + " --tcp-timestamp enable the TCP timestamp option to guess the HZ/uptime\n" + "Clock skew detection\n" + " --clock-skew enable clock skew detection. Try with -S against open port\n" +--- a/sendtcp.c ++++ b/sendtcp.c +@@ -28,10 +28,12 @@ void send_tcp(void) + char *packet, *data; + struct mytcphdr *tcp; + struct pseudohdr *pseudoheader; +- unsigned char *tstamp; ++ unsigned char *opts; + ++ if (opt_tcp_mss) ++ tcp_opt_size += 4; + if (opt_tcp_timestamp) +- tcp_opt_size = 12; ++ tcp_opt_size += 12; + + packet_size = TCPHDR_SIZE + tcp_opt_size + data_size; + packet = malloc(PSEUDOHDR_SIZE + packet_size); +@@ -41,7 +43,7 @@ void send_tcp(void) + } + pseudoheader = (struct pseudohdr*) packet; + tcp = (struct mytcphdr*) (packet+PSEUDOHDR_SIZE); +- tstamp = (unsigned char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE); ++ opts = (unsigned char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE); + data = (char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE+tcp_opt_size); + + memset(packet, 0, PSEUDOHDR_SIZE+packet_size); +@@ -64,14 +66,24 @@ void send_tcp(void) + tcp->th_win = htons(src_winsize); + tcp->th_flags = tcp_th_flags; + ++ /* tcp MSS option */ ++ if (opt_tcp_mss) { ++ opts[0] = 2; ++ opts[1] = 4; /* 4 bytes, kind+len+MSS */ ++ opts[2] = tcp_mss >> 8; ++ opts[3] = tcp_mss & 0xff; ++ opts += 4; ++ } ++ + /* tcp timestamp option */ + if (opt_tcp_timestamp) { + __u32 randts = rand() ^ (rand() << 16); +- tstamp[0] = tstamp[1] = 1; /* NOOP */ +- tstamp[2] = 8; +- tstamp[3] = 10; /* 10 bytes, kind+len+T1+T2 */ +- memcpy(tstamp+4, &randts, 4); /* random */ +- memset(tstamp+8, 0, 4); /* zero */ ++ opts[0] = opts[1] = 1; /* NOOP */ ++ opts[2] = 8; ++ opts[3] = 10; /* 10 bytes, kind+len+T1+T2 */ ++ memcpy(opts+4, &randts, 4); /* random */ ++ memset(opts+8, 0, 4); /* zero */ ++ opts += 12; + } + + /* data */ +--- a/docs/hping3.8 ++++ b/docs/hping3.8 +@@ -98,6 +98,8 @@ hping2 \- send (almost) arbitrary TCP/IP + ] [ + .B \-\-tcpexitcode + ] [ ++.B \-\-tcp-mss ++] [ + .B \-\-tcp-timestamp + ] [ + .B \-\-tr-stop +@@ -510,6 +512,9 @@ numbers are predictable. + .I -b --badcksum + Send packets with a bad UDP/TCP checksum. + .TP ++.I --tcp-mss ++Enable the TCP MSS option and set it to the given value. ++.TP + .I --tcp-timestamp + Enable the TCP timestamp option, and try to guess the timestamp update + frequency and the remote system uptime. +--- a/docs/french/hping2-fr.8 ++++ b/docs/french/hping2-fr.8 +@@ -99,6 +99,8 @@ hping2 \- envoie des paquets TCP/IP (pre + ] [ + .B \-\-tcpexitcode + ] [ ++.B \-\-tcp-mss ++] [ + .B \-\-tcp-timestamp + ] [ + .B \-\-tr-stop +@@ -538,6 +540,9 @@ pouvez le voir les numéros de séquence d + .I -b --badcksum + Envoie des paquets avec une mauvaise somme de contrôle UDP/TCP + .TP ++.I --tcp-mss ++Active l'option TCP MSS et la fixe avec la valeur donnée. ++.TP + .I --tcp-timestamp + Active l'option TCP timestamp, et essaye de deviner la fréquence de mise à + jour du timestamp et l'uptime du système distant. diff --git a/net/hping3/patches/190_ip_optlen_conflicting_types.patch b/net/hping3/patches/190_ip_optlen_conflicting_types.patch new file mode 100644 index 000000000..691858e65 --- /dev/null +++ b/net/hping3/patches/190_ip_optlen_conflicting_types.patch @@ -0,0 +1,19 @@ +Author: Michael Tautschnig +Subject: Conflicting types for variable ip_optlen + - globals.h: extern char ip_optlen; + - main.c: unsigned ip_optlen; + Undefined behaviour if the value of ip_optlen exceeds 127 for + any architecture with signed char type. +Bug-Debian: https://bugs.debian.org/688458 + +--- a/main.c ++++ b/main.c +@@ -156,7 +156,7 @@ unsigned char + lsr [255] = {0}, + ssr [255] = {0}; + +-unsigned ++char + ip_optlen = 0; + + struct sockaddr_in diff --git a/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch b/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch new file mode 100644 index 000000000..49b6d4ac0 --- /dev/null +++ b/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch @@ -0,0 +1,14 @@ +Description: Fixes declaration of global variable +Author: Marcio de Souza Oliveira +Last-Update: 2020-09-02 +--- a/hping2.h ++++ b/hping2.h +@@ -357,7 +357,7 @@ struct delaytable_element { + int status; + }; + +-volatile struct delaytable_element delaytable[TABLESIZE]; ++extern volatile struct delaytable_element delaytable[TABLESIZE]; + + /* protos */ + void nop(void); /* nop */ diff --git a/net/hping3/patches/fix_icmp_ipid.patch b/net/hping3/patches/fix_icmp_ipid.patch new file mode 100644 index 000000000..6fba71d65 --- /dev/null +++ b/net/hping3/patches/fix_icmp_ipid.patch @@ -0,0 +1,15 @@ +Description: Fixes replies when icmp-ipid is used +Author: David Eisner +Last-Update: 2015-12-18 +--- a/waitpacket.c ++++ b/waitpacket.c +@@ -244,7 +244,8 @@ int recv_icmp(void *packet, size_t size) + if ((icmp.type == ICMP_ECHOREPLY || + icmp.type == ICMP_TIMESTAMPREPLY || + icmp.type == ICMP_ADDRESSREPLY) && +- icmp.un.echo.id == (getpid() & 0xffff)) ++ icmp.un.echo.id == ((icmp_ip_id == DEFAULT_ICMP_IP_ID) ? ++ getpid() & 0xffff : icmp_ip_id) ) + { + int icmp_seq = icmp.un.echo.sequence; + int status; diff --git a/net/hping3/patches/hping3-getifnamedebug.patch b/net/hping3/patches/hping3-getifnamedebug.patch new file mode 100644 index 000000000..6c9e92b67 --- /dev/null +++ b/net/hping3/patches/hping3-getifnamedebug.patch @@ -0,0 +1,11 @@ +--- a/getifname.c ++++ b/getifname.c +@@ -59,7 +59,7 @@ int get_if_name(void) + known_output_if = 1; + if (opt_debug) + printf("DEBUG: Output interface address: %s\n", +- inet_ntoa(sa.sin_addr)); ++ inet_ntoa(output_if_addr.sin_addr)); + } else { + fprintf(stderr, "Warning: Unable to guess the output " + "interface\n");