From 0247d720ea6cf0d4721f96539a3412b45ac47778 Mon Sep 17 00:00:00 2001 From: "Alexander E. Patrakov" Date: Mon, 5 Sep 2022 00:38:58 +0800 Subject: [PATCH] hping3: add new package The new package would help measuring one-way delays using ICMP type 13 packets. This is important for various scripts that automatically adjust CAKE shaper bandwidth based on the observed bufferbloat. They need to understand whether the delay is on the way up or on the way down, so that they can adjust the bandwidth of the proper part of the shaper. https://forum.openwrt.org/t/cake-w-adaptive-bandwidth-historic/108848 https://forum.openwrt.org/t/cake-w-adaptive-bandwidth/135379 V2: refreshed patches Signed-off-by: Alexander E. Patrakov (cherry picked from commit 688a5413d087a4f8f70d523b189875831d6e39c4) --- net/hping3/Makefile | 55 ++++++ net/hping3/patches/011_buildsystem.patch | 96 +++++++++ net/hping3/patches/020_pcap_bpf.patch | 22 +++ net/hping3/patches/040_spelling.patch | 37 ++++ net/hping3/patches/080_ip_id_field.patch | 69 +++++++ .../patches/110_dontfrag_offbyone.patch | 16 ++ .../patches/120_rtt_icmp_unreachable.patch | 34 ++++ .../130_spelling_error_in_binary.patch | 154 +++++++++++++++ net/hping3/patches/140_data_size_udp.patch | 22 +++ net/hping3/patches/160_tcp_mss.patch | 183 ++++++++++++++++++ .../190_ip_optlen_conflicting_types.patch | 19 ++ .../patches/191_fix_ftbfs_with_gcc10.patch | 14 ++ net/hping3/patches/fix_icmp_ipid.patch | 15 ++ .../patches/hping3-getifnamedebug.patch | 11 ++ 14 files changed, 747 insertions(+) create mode 100644 net/hping3/Makefile create mode 100644 net/hping3/patches/011_buildsystem.patch create mode 100644 net/hping3/patches/020_pcap_bpf.patch create mode 100644 net/hping3/patches/040_spelling.patch create mode 100644 net/hping3/patches/080_ip_id_field.patch create mode 100644 net/hping3/patches/110_dontfrag_offbyone.patch create mode 100644 net/hping3/patches/120_rtt_icmp_unreachable.patch create mode 100644 net/hping3/patches/130_spelling_error_in_binary.patch create mode 100644 net/hping3/patches/140_data_size_udp.patch create mode 100644 net/hping3/patches/160_tcp_mss.patch create mode 100644 net/hping3/patches/190_ip_optlen_conflicting_types.patch create mode 100644 net/hping3/patches/191_fix_ftbfs_with_gcc10.patch create mode 100644 net/hping3/patches/fix_icmp_ipid.patch create mode 100644 net/hping3/patches/hping3-getifnamedebug.patch diff --git a/net/hping3/Makefile b/net/hping3/Makefile new file mode 100644 index 000000000..cbafe7d4f --- /dev/null +++ b/net/hping3/Makefile @@ -0,0 +1,55 @@ +# +# Copyright (C) 2022 Alexander E. Patrakov +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +# Special thanks to the Debian and Fedora projects for their hping3 +# packaging, elements of which (patches, list of dependencies, etc.) are +# reused here. + +include $(TOPDIR)/rules.mk + +PKG_NAME:=hping3 +PKG_SOURCE_DATE:=2014-12-26 +PKG_SOURCE_VERSION:=3547c7691742c6eaa31f8402e0ccbb81387c1b99 +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/antirez/hping +PKG_MIRROR_HASH:=0d65eaa8e55ab10025fb2d615eb9567255288b3b9eb66465f54d0e1718bb80ad + +PKG_MAINTAINER:=Alexander E. Patrakov +PKG_LICENSE:=GPL-2.0-only + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/hping3 + SECTION:=net + CATEGORY:=Network + TITLE:=Active Network Smashing Tool + URL:=https://github.com/antirez/hping + DEPENDS:= +libpcap +endef + +define Package/hping3/description + hping3 is a network tool able to send custom ICMP/UDP/TCP packets + and to display target replies like ping does with ICMP replies. It + handles fragmentation and arbitrary packet body and size, and can + be used to transfer files under supported protocols. Using hping3, + you can test firewall rules, perform (spoofed) port scanning, test + network performance using different protocols, do path MTU + discovery, perform traceroute-like actions under different + protocols, fingerprint remote operating systems, audit TCP/IP + stacks, etc. Tcl support is not included. +endef + +define Package/hping3/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/hping3 $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,hping3)) diff --git a/net/hping3/patches/011_buildsystem.patch b/net/hping3/patches/011_buildsystem.patch new file mode 100644 index 000000000..1be5c3c9e --- /dev/null +++ b/net/hping3/patches/011_buildsystem.patch @@ -0,0 +1,96 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -9,8 +9,8 @@ + CC= gcc + AR=/usr/bin/ar + RANLIB=/usr/bin/ranlib +-CCOPT= -O2 -Wall @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ +-DEBUG= -g ++CCOPT= $(CFLAGS) @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@ ++DEBUG= + #uncomment the following if you need libpcap based build under linux + #(not raccomanded) + COMPILE_TIME= +@@ -50,17 +50,13 @@ libars.a: $(ARSOBJ) + $(RANLIB) $@ + + hping3: byteorder.h $(OBJ) +- $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ ++ $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) $(PCAP) @SOLARISLIB@ @TCL_LIB@ + @echo +- ./hping3 -v + @echo "use \`make strip' to strip hping3 binary" + @echo "use \`make install' to install hping3" + + hping3-static: byteorder.h $(OBJ) +- $(CC) -static -o hping3-static $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl +- +-byteorder.h: +- ./configure ++ $(CC) -static -o hping3-static $(CCOPT) $(DEBUG) $(OBJ) $(PCAP) @SOLARISLIB@ @TCL_LIB@ -ldl + + .c.o: + $(CC) -c $(CCOPT) $(DEBUG) $(COMPILE_TIME) $< +@@ -72,6 +68,8 @@ distclean: + rm -rf hping3 *.o byteorder byteorder.h systype.h Makefile libars.a .depend + + install: hping3 ++ ++dont-install: + cp -f hping3 /usr/sbin/ + chmod 755 /usr/sbin/hping3 + ln -s /usr/sbin/hping3 /usr/sbin/hping +--- /dev/null ++++ b/byteorder.h +@@ -0,0 +1,15 @@ ++ ++#ifndef __BYTEORDER_H ++#define __BYTEORDER_H ++ ++#if defined(__BYTE_ORDER__) ++ #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ++ #define __BIG_ENDIAN_BITFIELD ++ #else ++ #define __LITTLE_ENDIAN_BITFIELD ++ #endif ++#else ++ #error Byte order not set ++#endif ++ ++#endif /* __BYTEORDER_H */ +--- a/configure ++++ b/configure +@@ -1,5 +1,24 @@ + #!/bin/sh + ++# This fake configure script applies hard-coded settings for OpenWRT ++ ++echo creating Makefile... ++sed -e "s^@PCAP@^PCAP=-lpcap^g" \ ++ -e "s^@PCAP_INCLUDE@^^g" \ ++ -e "s^@MANPATH@^/usr/share/man^g" \ ++ -e "s^@SOLARISLIB@^^g" \ ++ -e "s^@USE_TCL@^^g" \ ++ -e "s^@TCL_INC@^^g" \ ++ -e "s^@TCL_VER@^^g" \ ++ -e "s^@TCL_LIB@^^g" \ ++ Makefile ++ ++echo now you can try \`make\' ++exit 0 ++ ++# Original file follows, to make the patch smaller ++#!/bin/sh ++ + show_help() + { + echo configure help: +--- /dev/null ++++ b/systype.h +@@ -0,0 +1,6 @@ ++#ifndef __SYSTYPE_H ++#define __SYSTYPE_H ++ ++#define OSTYPE_LINUX ++ ++#endif /* SYSTYPE_H */ diff --git a/net/hping3/patches/020_pcap_bpf.patch b/net/hping3/patches/020_pcap_bpf.patch new file mode 100644 index 000000000..a5b0dec83 --- /dev/null +++ b/net/hping3/patches/020_pcap_bpf.patch @@ -0,0 +1,22 @@ +--- a/libpcap_stuff.c ++++ b/libpcap_stuff.c +@@ -16,7 +16,7 @@ + #include + #include + #include +-#include ++#include + #include + + #include "globals.h" +--- a/script.c ++++ b/script.c +@@ -23,7 +23,7 @@ + #include + + #include +-#include ++#include + #include + + #include "release.h" diff --git a/net/hping3/patches/040_spelling.patch b/net/hping3/patches/040_spelling.patch new file mode 100644 index 000000000..8dcc97fa0 --- /dev/null +++ b/net/hping3/patches/040_spelling.patch @@ -0,0 +1,37 @@ +Subject: Various spelling fixes. +Author: Romain Francoise +Last-Updated: 2020-09-06 + +--- a/antigetopt.c ++++ b/antigetopt.c +@@ -142,7 +142,7 @@ chain_start: + #define UNK_LONG_ERRSTRING "unrecognized option `--%s'\n" + #define ARG_SHORT_ERRSTRING "option requires an argument -- %c\n" + #define ARG_LONG_ERRSTRING "option `--%s' requires an argument\n" +-#define AMB_ERRSTRING "option `--%s' is ambiguos\n" ++#define AMB_ERRSTRING "option `--%s' is ambiguous\n" + #define IERR_ERRSTRING "internal error. ago_gnu_error() called with " \ + "a bad error code (%d)\n" + void ago_gnu_error(char *pname, int error) +--- a/statistics.c ++++ b/statistics.c +@@ -30,7 +30,7 @@ void print_statistics(int signal_id) + lossrate = 100; + + fprintf(stderr, "\n--- %s hping statistic ---\n", targetname); +- fprintf(stderr, "%d packets tramitted, %d packets received, " ++ fprintf(stderr, "%d packets transmitted, %d packets received, " + "%d%% packet loss\n", sent_pkt, recv_pkt, lossrate); + if (out_of_sequence_pkt) + fprintf(stderr, "%d out of sequence packets received\n", +--- a/ars.c ++++ b/ars.c +@@ -361,7 +361,7 @@ void *ars_add_data(struct ars_packet *pk + static void *ptr = "zzappt"; /* we can't return NULL for size == 0 */ + + if (size < 0) { +- ars_set_error(pkt, "Tryed to add a DATA layer with size < 0"); ++ ars_set_error(pkt, "Tried to add a DATA layer with size < 0"); + return NULL; + } + retval = ars_add_generic(pkt, size, ARS_TYPE_DATA); diff --git a/net/hping3/patches/080_ip_id_field.patch b/net/hping3/patches/080_ip_id_field.patch new file mode 100644 index 000000000..4558c686c --- /dev/null +++ b/net/hping3/patches/080_ip_id_field.patch @@ -0,0 +1,69 @@ +Subject: Fix "-N" command line argument +Author: Guillaume Delacour +Bug-Debian: http://bugs.debian.org/482844 +Last-Update: 2009-05-13 + +--- a/docs/hping2.8 ++++ b/docs/hping2.8 +@@ -343,7 +343,7 @@ options. If in doubt try + .I -N --id + Set ip->id field. Default id is random but if fragmentation is turned on + and id isn't specified it will be +-.BR "getpid() & 0xFF" , ++.BR "getpid() & 0xFFFF" , + to implement a better solution is in TODO list. + .TP + .I -H --ipproto +@@ -714,4 +714,4 @@ On solaris hping does not work on the lo + a solaris problem, as stated in the tcpdump-workers mailing list, + so the libpcap can't do nothing to handle it properly. + .SH SEE ALSO +-ping(8), traceroute(8), ifconfig(8), nmap(1) +\ No newline at end of file ++ping(8), traceroute(8), ifconfig(8), nmap(1) +--- a/docs/hping3.8 ++++ b/docs/hping3.8 +@@ -352,7 +352,7 @@ options. If in doubt try + .I -N --id + Set ip->id field. Default id is random but if fragmentation is turned on + and id isn't specified it will be +-.BR "getpid() & 0xFF" , ++.BR "getpid() & 0xFFFF" , + to implement a better solution is in TODO list. + .TP + .I -H --ipproto +--- a/hping2.h ++++ b/hping2.h +@@ -121,7 +121,7 @@ + #define DEFAULT_ICMP_IP_IHL (IPHDR_SIZE >> 2) + #define DEFAULT_ICMP_IP_TOS 0 + #define DEFAULT_ICMP_IP_TOT_LEN 0 /* computed by send_icmp_*() */ +-#define DEFAULT_ICMP_IP_ID 0 /* rand */ ++#define DEFAULT_ICMP_IP_ID -1 /* rand */ + #define DEFAULT_ICMP_CKSUM -1 /* -1 means compute the cksum */ + #define DEFAULT_ICMP_IP_PROTOCOL 6 /* TCP */ + #define DEFAULT_RAW_IP_PROTOCOL 6 /* TCP */ +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -468,6 +468,10 @@ int parse_options(int argc, char **argv) + break; + case OPT_ICMP_IPID: + icmp_ip_id = strtol(ago_optarg, NULL, 0); ++ if (icmp_ip_id < 0 || icmp_ip_id > 0xffff) { ++ fprintf(stderr, "Bad ICMP IP ID, resetting to random.\n"); ++ icmp_ip_id = DEFAULT_ICMP_IP_ID; ++ } + break; + case OPT_ICMP_IPPROTO: + icmp_ip_protocol = strtol(ago_optarg, NULL, 0); +--- a/sendicmp.c ++++ b/sendicmp.c +@@ -83,7 +83,7 @@ void send_icmp_echo(void) + icmp->type = opt_icmptype; /* echo replay or echo request */ + icmp->code = opt_icmpcode; /* should be indifferent */ + icmp->checksum = 0; +- icmp->un.echo.id = getpid() & 0xffff; ++ icmp->un.echo.id = icmp_ip_id == DEFAULT_ICMP_IP_ID ? getpid() & 0xffff : icmp_ip_id; + icmp->un.echo.sequence = _icmp_seq; + + /* data */ diff --git a/net/hping3/patches/110_dontfrag_offbyone.patch b/net/hping3/patches/110_dontfrag_offbyone.patch new file mode 100644 index 000000000..87f2dcb3e --- /dev/null +++ b/net/hping3/patches/110_dontfrag_offbyone.patch @@ -0,0 +1,16 @@ +Subject: Off-by-one error with --dontfrag +Author: Christian Mock +Bugs-Debian: http://bugs.debian.org/537704 +Last-Update: 2009-09-04 + +--- a/sendip_handler.c ++++ b/sendip_handler.c +@@ -19,7 +19,7 @@ void send_ip_handler(char *packet, unsig + { + ip_optlen = ip_opt_build(ip_opt); + +- if (!opt_fragment && (size+ip_optlen+20 >= h_if_mtu)) ++ if (!opt_fragment && (size+ip_optlen+20 > h_if_mtu)) + { + /* auto-activate fragmentation */ + virtual_mtu = h_if_mtu-20; diff --git a/net/hping3/patches/120_rtt_icmp_unreachable.patch b/net/hping3/patches/120_rtt_icmp_unreachable.patch new file mode 100644 index 000000000..b71422dfb --- /dev/null +++ b/net/hping3/patches/120_rtt_icmp_unreachable.patch @@ -0,0 +1,34 @@ +Subject: Add RTT handling for ICMP destination unreachable packets. +Author: Baruch Even +Bug-Debian: http://bugs.debian.org/248273 +Last-Update: 2009-09-04 + +--- a/waitpacket.c ++++ b/waitpacket.c +@@ -229,6 +229,7 @@ int recv_icmp(void *packet, size_t size) + { + struct myicmphdr icmp; + struct myiphdr quoted_ip; ++ struct myudphdr quoted_udp; + + /* Check if the packet can contain the ICMP header */ + if (size < ICMPHDR_SIZE) { +@@ -286,6 +287,18 @@ int recv_icmp(void *packet, size_t size) + case 3: + if (!opt_quiet) + log_icmp_unreach(inet_ntoa(src), icmp.code); ++ if (quoted_ip.protocol == IPPROTO_UDP) ++ { ++ int sequence = 0, status; ++ float ms_delay = 0.0; ++ unsigned short port; ++ ++ /* Get RTT for UDP packet */ ++ memcpy("ed_udp, packet+ICMPHDR_SIZE+(quoted_ip.ihl<<2), sizeof(quoted_udp)); ++ port = ntohs(quoted_udp.uh_sport); ++ status = rtt(&sequence, port, &ms_delay); ++ printf("status=%d port=%d seq=%d\n", status, port, sequence); ++ } + return 1; + case 11: + if (opt_traceroute) diff --git a/net/hping3/patches/130_spelling_error_in_binary.patch b/net/hping3/patches/130_spelling_error_in_binary.patch new file mode 100644 index 000000000..fadf41df3 --- /dev/null +++ b/net/hping3/patches/130_spelling_error_in_binary.patch @@ -0,0 +1,154 @@ +Subject; Fix spelling error in binary (lintian -IE) +Author: Romain Francoise +Last-Update: 2005-03-12 + +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -179,7 +179,7 @@ void parse_route(unsigned char *route, u + str[j++] = '/'; + break; + } +- fprintf(stderr, "invalid IP adress in route\n"); ++ fprintf(stderr, "invalid IP address in route\n"); + fail_parse_route(); + case ':': + if ((!i) && j && j < 4) +--- a/getifname.c ++++ b/getifname.c +@@ -206,7 +206,7 @@ int get_if_name(void) + printf("DEBUG: Output interface address: %s\n", + inet_ntoa(output_if_addr.sin_addr)); + /* Put something in saved_ifname in order to tell +- that the output adress is known */ ++ that the output address is known */ + saved_ifname[0] = 'X'; saved_ifname[1] = 0; + } else { + fprintf(stderr, "Warning: Unable to guess the output " +--- a/usage.c ++++ b/usage.c +@@ -50,7 +50,7 @@ void show_usage(void) + " -r --rel relativize id field (to estimate host traffic)\n" + " -f --frag split packets in more frag. (may pass weak acl)\n" + " -x --morefrag set more fragments flag\n" +-" -y --dontfrag set dont fragment flag\n" ++" -y --dontfrag set don't fragment flag\n" + " -g --fragoff set the fragment offset\n" + " -m --mtu set virtual mtu, implies --frag if packet size > mtu\n" + " -o --tos type of service (default 0x00), try --tos help\n" +@@ -131,8 +131,8 @@ void icmp_help(void) + "ICMP help:\n" + " ICMP concerned packet options:\n" + " --icmp-ipver set ip version ( default 4 )\n" +-" --icmp-iphlen set ip header lenght ( default IPHDR_SIZE >> 2)\n" +-" --icmp-iplen set ip total lengtht ( default real lenght )\n" ++" --icmp-iphlen set ip header length ( default IPHDR_SIZE >> 2)\n" ++" --icmp-iplen set ip total length ( default real length )\n" + " --icmp-ipid set ip id ( default random )\n" + " --icmp-ipproto set ip protocol ( default IPPROTO_TCP )\n" + " --icmp-ipsrc set ip source ( default 0.0.0.0 )\n" +--- a/sendtcp.c ++++ b/sendtcp.c +@@ -50,7 +50,7 @@ void send_tcp(void) + memcpy(&pseudoheader->saddr, &local.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &remote.sin_addr.s_addr, 4); + pseudoheader->protocol = 6; /* tcp */ +- pseudoheader->lenght = htons(TCPHDR_SIZE+tcp_opt_size+data_size); ++ pseudoheader->length = htons(TCPHDR_SIZE+tcp_opt_size+data_size); + + /* tcp header */ + tcp->th_dport = htons(dst_port); +--- a/sendudp.c ++++ b/sendudp.c +@@ -46,7 +46,7 @@ void send_udp(void) + memcpy(&pseudoheader->saddr, &local.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &remote.sin_addr.s_addr, 4); + pseudoheader->protocol = 17; /* udp */ +- pseudoheader->lenght = htons(packet_size); ++ pseudoheader->length = htons(packet_size); + + /* udp header */ + udp->uh_dport = htons(dst_port); +--- a/sendicmp.c ++++ b/sendicmp.c +@@ -243,7 +243,7 @@ void send_icmp_other(void) + memcpy(&pseudoheader->saddr, &icmp_ip_src.sin_addr.s_addr, 4); + memcpy(&pseudoheader->daddr, &icmp_ip_dst.sin_addr.s_addr, 4); + pseudoheader->protocol = icmp_ip.protocol; +- pseudoheader->lenght = icmp_ip.tot_len; ++ pseudoheader->length = icmp_ip.tot_len; + icmp_udp->uh_sport = htons(icmp_ip_srcport); + icmp_udp->uh_dport = htons(icmp_ip_dstport); + icmp_udp->uh_ulen = htons(UDPHDR_SIZE + udp_data_len); +--- a/hping2.h ++++ b/hping2.h +@@ -138,7 +138,7 @@ + + /* fragmentation defines */ + #define MF ((unsigned short)0x2000) /* more fragments */ +-#define DF ((unsigned short)0x4000) /* dont fragment */ ++#define DF ((unsigned short)0x4000) /* don't fragment */ + #define NF ((unsigned short)0x0000) /* no more fragments */ + + /* ip options defines */ +@@ -341,7 +341,7 @@ struct pseudohdr + __u32 daddr; + __u8 zero; + __u8 protocol; +- __u16 lenght; ++ __u16 length; + }; + + #define PSEUDOHDR_SIZE sizeof(struct pseudohdr) +--- a/ars.c ++++ b/ars.c +@@ -698,7 +698,7 @@ int ars_udptcp_cksum(struct ars_packet * + memcpy(&pseudo.daddr, &ip->daddr, 4); + pseudo.protocol = (pkt->p_layer[layer].l_type == ARS_TYPE_TCP) + ? ARS_IPPROTO_TCP : ARS_IPPROTO_UDP; +- pseudo.lenght = htons(ars_relative_size(pkt, layer)); ++ pseudo.length = htons(ars_relative_size(pkt, layer)); + + /* Finally do the checksum */ + ars_multi_cksum(&mc, ARS_MC_INIT, NULL, 0); +--- a/datahandler.c ++++ b/datahandler.c +@@ -26,7 +26,7 @@ void data_handler(char *data, int data_s + } + + if (opt_sign) { +- memcpy(data, sign, signlen); /* lenght pre-checked */ ++ memcpy(data, sign, signlen); /* length pre-checked */ + data+=signlen; + data_size-=signlen; + } +--- a/ars.h ++++ b/ars.h +@@ -67,7 +67,7 @@ + #define ARS_MAX_IP_SIZE 65535 + + #define ARS_IP_MF ((unsigned short)0x2000) /* more fragments */ +-#define ARS_IP_DF ((unsigned short)0x4000) /* dont fragment */ ++#define ARS_IP_DF ((unsigned short)0x4000) /* don't fragment */ + #define ARS_IP_RF ((unsigned short)0x8000) /* reserved fragment flag */ + + #define ARS_IPOPT_COPY 0x80 +@@ -308,7 +308,7 @@ struct ars_pseudohdr + __u32 daddr; + __u8 zero; + __u8 protocol; +- __u16 lenght; ++ __u16 length; + }; + + /* The IGRP header structure */ +--- a/sendip_handler.c ++++ b/sendip_handler.c +@@ -35,7 +35,7 @@ void send_ip_handler(char *packet, unsig + unsigned short fragment_flag = 0; + + if (opt_mf) fragment_flag |= MF; /* more fragments */ +- if (opt_df) fragment_flag |= DF; /* dont fragment */ ++ if (opt_df) fragment_flag |= DF; /* don't fragment */ + send_ip((char*)&local.sin_addr, + (char*)&remote.sin_addr, + packet, size, fragment_flag, ip_frag_offset, diff --git a/net/hping3/patches/140_data_size_udp.patch b/net/hping3/patches/140_data_size_udp.patch new file mode 100644 index 000000000..6f07b0ded --- /dev/null +++ b/net/hping3/patches/140_data_size_udp.patch @@ -0,0 +1,22 @@ +Subject: Fix incorrect data size check for UDP. +Author: Luca Bigliardi +Bug-Debian; http://bugs.debian.org/546590 +Last-Update: 2009-09-19 + +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -606,9 +606,12 @@ int parse_options(int argc, char **argv) + if (opt_numeric == TRUE) opt_gethost = FALSE; + + /* some error condition */ +- if (data_size+IPHDR_SIZE+TCPHDR_SIZE > 65535) { ++ if (data_size+IPHDR_SIZE+ ++ (opt_udpmode?UDPHDR_SIZE:TCPHDR_SIZE) > 65535) { + printf("Option error: sorry, data size must be <= %lu\n", +- (unsigned long)(65535-IPHDR_SIZE+TCPHDR_SIZE)); ++ (unsigned long)(65535-(IPHDR_SIZE+ ++ (opt_udpmode?UDPHDR_SIZE:TCPHDR_SIZE))) ++ ); + exit(1); + } + else if (count <= 0 && count != -1) { diff --git a/net/hping3/patches/160_tcp_mss.patch b/net/hping3/patches/160_tcp_mss.patch new file mode 100644 index 000000000..cf0da81ca --- /dev/null +++ b/net/hping3/patches/160_tcp_mss.patch @@ -0,0 +1,183 @@ +Subject: Add tcp-mss support. +Origin: http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/net/hping/patches/ +Bug-Debian: http://bugs.debian.org/409391 +Last-Update: 2009-09-19 + +--- a/main.c ++++ b/main.c +@@ -44,7 +44,8 @@ unsigned int + signlen, + lsr_length = 0, + ssr_length = 0, +- tcp_ack; ++ tcp_ack, ++ tcp_mss; + + + unsigned short int +@@ -95,6 +96,7 @@ int + opt_tcpexitcode = FALSE, + opt_badcksum = FALSE, + opt_tr_keep_ttl = FALSE, ++ opt_tcp_mss = FALSE, + opt_tcp_timestamp = FALSE, + opt_clock_skew = FALSE, + cs_window = DEFAULT_CS_WINDOW, +--- a/globals.h ++++ b/globals.h +@@ -32,7 +32,8 @@ extern unsigned int + tcp_seqnum, + set_ack, + ip_header_length, +- tcp_ack; ++ tcp_ack, ++ tcp_mss; + + extern unsigned short int + data_size; +@@ -77,6 +78,7 @@ extern int opt_debug, + opt_tcpexitcode, + opt_badcksum, + opt_tr_keep_ttl, ++ opt_tcp_mss, + opt_tcp_timestamp, + opt_clock_skew, + cs_window, +--- a/parseoptions.c ++++ b/parseoptions.c +@@ -31,7 +31,7 @@ enum { OPT_COUNT, OPT_INTERVAL, OPT_NUME + OPT_RROUTE, OPT_IPPROTO, OPT_ICMP_IPVER, OPT_ICMP_IPHLEN, + OPT_ICMP_IPLEN, OPT_ICMP_IPID, OPT_ICMP_IPPROTO, OPT_ICMP_CKSUM, + OPT_ICMP_TS, OPT_ICMP_ADDR, OPT_TCPEXITCODE, OPT_FAST, OPT_TR_KEEP_TTL, +- OPT_TCP_TIMESTAMP, OPT_TR_STOP, OPT_TR_NO_RTT, OPT_ICMP_HELP, ++ OPT_TCP_TIMESTAMP, OPT_TCP_MSS, OPT_TR_STOP, OPT_TR_NO_RTT, OPT_ICMP_HELP, + OPT_RAND_DEST, OPT_RAND_SOURCE, OPT_LSRR, OPT_SSRR, OPT_ROUTE_HELP, + OPT_ICMP_IPSRC, OPT_ICMP_IPDST, OPT_ICMP_SRCPORT, OPT_ICMP_DSTPORT, + OPT_ICMP_GW, OPT_FORCE_ICMP, OPT_APD_SEND, OPT_SCAN, OPT_FASTER, +@@ -125,6 +125,7 @@ static struct ago_optlist hping_optlist[ + { '\0', "force-icmp", OPT_FORCE_ICMP, AGO_NOARG }, + { '\0', "beep", OPT_BEEP, AGO_NOARG }, + { '\0', "flood", OPT_FLOOD, AGO_NOARG }, ++ { '\0', "tcp-mss", OPT_TCP_MSS, AGO_NEEDARG|AGO_EXCEPT0 }, + { '\0', "clock-skew", OPT_CLOCK_SKEW, AGO_NOARG }, + { '\0', "clock-skew-win", OPT_CS_WINDOW, AGO_NEEDARG}, + { '\0', "clock-skew-win-shift", OPT_CS_WINDOW_SHIFT, AGO_NEEDARG}, +@@ -561,6 +562,10 @@ int parse_options(int argc, char **argv) + case OPT_FLOOD: + opt_flood = TRUE; + break; ++ case OPT_TCP_MSS: ++ opt_tcp_mss = TRUE; ++ tcp_mss = strtoul(ago_optarg, NULL, 0); ++ break; + case OPT_CLOCK_SKEW: + opt_tcp_timestamp = TRUE; + opt_clock_skew = TRUE; +--- a/usage.c ++++ b/usage.c +@@ -87,6 +87,7 @@ void show_usage(void) + " -X --xmas set X unused flag (0x40)\n" + " -Y --ymas set Y unused flag (0x80)\n" + " --tcpexitcode use last tcp->th_flags as exit code\n" ++" --tcp-mss enable the TCP MSS option with the given value\n" + " --tcp-timestamp enable the TCP timestamp option to guess the HZ/uptime\n" + "Clock skew detection\n" + " --clock-skew enable clock skew detection. Try with -S against open port\n" +--- a/sendtcp.c ++++ b/sendtcp.c +@@ -28,10 +28,12 @@ void send_tcp(void) + char *packet, *data; + struct mytcphdr *tcp; + struct pseudohdr *pseudoheader; +- unsigned char *tstamp; ++ unsigned char *opts; + ++ if (opt_tcp_mss) ++ tcp_opt_size += 4; + if (opt_tcp_timestamp) +- tcp_opt_size = 12; ++ tcp_opt_size += 12; + + packet_size = TCPHDR_SIZE + tcp_opt_size + data_size; + packet = malloc(PSEUDOHDR_SIZE + packet_size); +@@ -41,7 +43,7 @@ void send_tcp(void) + } + pseudoheader = (struct pseudohdr*) packet; + tcp = (struct mytcphdr*) (packet+PSEUDOHDR_SIZE); +- tstamp = (unsigned char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE); ++ opts = (unsigned char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE); + data = (char*) (packet+PSEUDOHDR_SIZE+TCPHDR_SIZE+tcp_opt_size); + + memset(packet, 0, PSEUDOHDR_SIZE+packet_size); +@@ -64,14 +66,24 @@ void send_tcp(void) + tcp->th_win = htons(src_winsize); + tcp->th_flags = tcp_th_flags; + ++ /* tcp MSS option */ ++ if (opt_tcp_mss) { ++ opts[0] = 2; ++ opts[1] = 4; /* 4 bytes, kind+len+MSS */ ++ opts[2] = tcp_mss >> 8; ++ opts[3] = tcp_mss & 0xff; ++ opts += 4; ++ } ++ + /* tcp timestamp option */ + if (opt_tcp_timestamp) { + __u32 randts = rand() ^ (rand() << 16); +- tstamp[0] = tstamp[1] = 1; /* NOOP */ +- tstamp[2] = 8; +- tstamp[3] = 10; /* 10 bytes, kind+len+T1+T2 */ +- memcpy(tstamp+4, &randts, 4); /* random */ +- memset(tstamp+8, 0, 4); /* zero */ ++ opts[0] = opts[1] = 1; /* NOOP */ ++ opts[2] = 8; ++ opts[3] = 10; /* 10 bytes, kind+len+T1+T2 */ ++ memcpy(opts+4, &randts, 4); /* random */ ++ memset(opts+8, 0, 4); /* zero */ ++ opts += 12; + } + + /* data */ +--- a/docs/hping3.8 ++++ b/docs/hping3.8 +@@ -98,6 +98,8 @@ hping2 \- send (almost) arbitrary TCP/IP + ] [ + .B \-\-tcpexitcode + ] [ ++.B \-\-tcp-mss ++] [ + .B \-\-tcp-timestamp + ] [ + .B \-\-tr-stop +@@ -510,6 +512,9 @@ numbers are predictable. + .I -b --badcksum + Send packets with a bad UDP/TCP checksum. + .TP ++.I --tcp-mss ++Enable the TCP MSS option and set it to the given value. ++.TP + .I --tcp-timestamp + Enable the TCP timestamp option, and try to guess the timestamp update + frequency and the remote system uptime. +--- a/docs/french/hping2-fr.8 ++++ b/docs/french/hping2-fr.8 +@@ -99,6 +99,8 @@ hping2 \- envoie des paquets TCP/IP (pre + ] [ + .B \-\-tcpexitcode + ] [ ++.B \-\-tcp-mss ++] [ + .B \-\-tcp-timestamp + ] [ + .B \-\-tr-stop +@@ -538,6 +540,9 @@ pouvez le voir les numéros de séquence d + .I -b --badcksum + Envoie des paquets avec une mauvaise somme de contrôle UDP/TCP + .TP ++.I --tcp-mss ++Active l'option TCP MSS et la fixe avec la valeur donnée. ++.TP + .I --tcp-timestamp + Active l'option TCP timestamp, et essaye de deviner la fréquence de mise à + jour du timestamp et l'uptime du système distant. diff --git a/net/hping3/patches/190_ip_optlen_conflicting_types.patch b/net/hping3/patches/190_ip_optlen_conflicting_types.patch new file mode 100644 index 000000000..691858e65 --- /dev/null +++ b/net/hping3/patches/190_ip_optlen_conflicting_types.patch @@ -0,0 +1,19 @@ +Author: Michael Tautschnig +Subject: Conflicting types for variable ip_optlen + - globals.h: extern char ip_optlen; + - main.c: unsigned ip_optlen; + Undefined behaviour if the value of ip_optlen exceeds 127 for + any architecture with signed char type. +Bug-Debian: https://bugs.debian.org/688458 + +--- a/main.c ++++ b/main.c +@@ -156,7 +156,7 @@ unsigned char + lsr [255] = {0}, + ssr [255] = {0}; + +-unsigned ++char + ip_optlen = 0; + + struct sockaddr_in diff --git a/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch b/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch new file mode 100644 index 000000000..49b6d4ac0 --- /dev/null +++ b/net/hping3/patches/191_fix_ftbfs_with_gcc10.patch @@ -0,0 +1,14 @@ +Description: Fixes declaration of global variable +Author: Marcio de Souza Oliveira +Last-Update: 2020-09-02 +--- a/hping2.h ++++ b/hping2.h +@@ -357,7 +357,7 @@ struct delaytable_element { + int status; + }; + +-volatile struct delaytable_element delaytable[TABLESIZE]; ++extern volatile struct delaytable_element delaytable[TABLESIZE]; + + /* protos */ + void nop(void); /* nop */ diff --git a/net/hping3/patches/fix_icmp_ipid.patch b/net/hping3/patches/fix_icmp_ipid.patch new file mode 100644 index 000000000..6fba71d65 --- /dev/null +++ b/net/hping3/patches/fix_icmp_ipid.patch @@ -0,0 +1,15 @@ +Description: Fixes replies when icmp-ipid is used +Author: David Eisner +Last-Update: 2015-12-18 +--- a/waitpacket.c ++++ b/waitpacket.c +@@ -244,7 +244,8 @@ int recv_icmp(void *packet, size_t size) + if ((icmp.type == ICMP_ECHOREPLY || + icmp.type == ICMP_TIMESTAMPREPLY || + icmp.type == ICMP_ADDRESSREPLY) && +- icmp.un.echo.id == (getpid() & 0xffff)) ++ icmp.un.echo.id == ((icmp_ip_id == DEFAULT_ICMP_IP_ID) ? ++ getpid() & 0xffff : icmp_ip_id) ) + { + int icmp_seq = icmp.un.echo.sequence; + int status; diff --git a/net/hping3/patches/hping3-getifnamedebug.patch b/net/hping3/patches/hping3-getifnamedebug.patch new file mode 100644 index 000000000..6c9e92b67 --- /dev/null +++ b/net/hping3/patches/hping3-getifnamedebug.patch @@ -0,0 +1,11 @@ +--- a/getifname.c ++++ b/getifname.c +@@ -59,7 +59,7 @@ int get_if_name(void) + known_output_if = 1; + if (opt_debug) + printf("DEBUG: Output interface address: %s\n", +- inet_ntoa(sa.sin_addr)); ++ inet_ntoa(output_if_addr.sin_addr)); + } else { + fprintf(stderr, "Warning: Unable to guess the output " + "interface\n");