- Added patch to allow building dsniff with OpenSSL >= 1.1.0

- Added patch to correct a typo related to the -remote option

dsniff-2.4-openssl_110.patch

@@ -0,0 +1,243 @@
+Patch by Christoph Biedl <debian.axhn@manchmal.in-ulm.de> for dsniff >=
+2.4b1, which fixes building with OpenSSL 1.1.0. Adapted for compatibility
+with older OpenSSL versions by Robert Scheck <robert@fedoraproject.org>.
+
+--- dsniff-2.4/ssh.c			2017-02-11 22:31:54.705269813 +0100
++++ dsniff-2.4/ssh.c.openssl_110	2017-02-11 22:45:31.193447230 +0100
+@@ -234,6 +234,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *servkey_e, *servkey_n;
++	const BIGNUM *hostkey_e, *hostkey_n;
++#endif
+ 	
+ 	/* Generate anti-spoofing cookie. */
+ 	RAND_bytes(cookie, sizeof(cookie));
+@@ -243,11 +247,23 @@
+ 	*p++ = SSH_SMSG_PUBLIC_KEY;			/* type */
+ 	memcpy(p, cookie, 8); p += 8;			/* cookie */
+ 	num = 768; PUTLONG(num, p);			/* servkey bits */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
++	put_bn(servkey_e, &p);				/* servkey exponent */
++	put_bn(servkey_n, &p);				/* servkey modulus */
++#else
+ 	put_bn(ssh->ctx->servkey->e, &p);		/* servkey exponent */
+ 	put_bn(ssh->ctx->servkey->n, &p);		/* servkey modulus */
++#endif
+ 	num = 1024; PUTLONG(num, p);			/* hostkey bits */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
++	put_bn(hostkey_e, &p);				/* hostkey exponent */
++	put_bn(hostkey_n, &p);				/* hostkey modulus */
++#else
+ 	put_bn(ssh->ctx->hostkey->e, &p);		/* hostkey exponent */
+ 	put_bn(ssh->ctx->hostkey->n, &p);		/* hostkey modulus */
++#endif
+ 	num = 0; PUTLONG(num, p);			/* protocol flags */
+ 	num = ssh->ctx->encmask; PUTLONG(num, p);	/* ciphers */
+ 	num = ssh->ctx->authmask; PUTLONG(num, p);	/* authmask */
+@@ -298,7 +314,11 @@
+ 	SKIP(p, i, 4);
+ 
+ 	/* Decrypt session key. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if (BN_cmp(servkey_n, hostkey_n) > 0) {
++#else
+ 	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
++#endif
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
+ 	}
+@@ -318,8 +338,13 @@
+ 	BN_clear_free(enckey);
+ 	
+ 	/* Derive real session key using session id. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
++#else
+ 	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+ 				ssh->ctx->servkey->n)) == NULL) {
++#endif
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -328,10 +353,15 @@
+ 	}
+ 	/* Set cipher. */
+ 	if (cipher == SSH_CIPHER_3DES) {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++		warnx("cipher 3des no longer supported");
++		return (-1);
++#else
+ 		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->encrypt = des3_encrypt;
+ 		ssh->decrypt = des3_decrypt;
++#endif
+ 	}
+ 	else if (cipher == SSH_CIPHER_BLOWFISH) {
+ 		ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
+@@ -357,6 +387,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	BIGNUM *servkey_n, *servkey_e;
++	BIGNUM *hostkey_n, *hostkey_e;
++#endif
+ 	
+ 	/* Get public key. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+@@ -379,21 +413,43 @@
+ 
+ 	/* Get servkey. */
+ 	ssh->ctx->servkey = RSA_new();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	servkey_n = BN_new();
++	servkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
++#else
+ 	ssh->ctx->servkey->n = BN_new();
+ 	ssh->ctx->servkey->e = BN_new();
++#endif
+ 
+ 	SKIP(p, i, 4);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	get_bn(servkey_e, &p, &i);
++	get_bn(servkey_n, &p, &i);
++#else
+ 	get_bn(ssh->ctx->servkey->e, &p, &i);
+ 	get_bn(ssh->ctx->servkey->n, &p, &i);
++#endif
+ 
+ 	/* Get hostkey. */
+ 	ssh->ctx->hostkey = RSA_new();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	hostkey_n = BN_new();
++	hostkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
++#else
+ 	ssh->ctx->hostkey->n = BN_new();
+ 	ssh->ctx->hostkey->e = BN_new();
++#endif
+ 
+ 	SKIP(p, i, 4);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	get_bn(hostkey_e, &p, &i);
++	get_bn(hostkey_n, &p, &i);
++#else
+ 	get_bn(ssh->ctx->hostkey->e, &p, &i);
+ 	get_bn(ssh->ctx->hostkey->n, &p, &i);
++#endif
+ 
+ 	/* Get cipher, auth masks. */
+ 	SKIP(p, i, 4);
+@@ -405,8 +461,13 @@
+ 	RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
+ 
+ 	/* Obfuscate with session id. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
++#else
+ 	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+ 				ssh->ctx->servkey->n)) == NULL) {
++#endif
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -422,7 +483,11 @@
+ 		else BN_add_word(bn, ssh->sesskey[i]);
+ 	}
+ 	/* Encrypt session key. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if (BN_cmp(servkey_n, hostkey_n) < 0) {
++#else
+ 	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
++#endif
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
+ 	}
+@@ -470,10 +535,15 @@
+ 		ssh->decrypt = blowfish_decrypt;
+ 	}
+ 	else if (cipher == SSH_CIPHER_3DES) {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++		warnx("cipher 3des no longer supported");
++		return (-1);
++#else
+ 		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->encrypt = des3_encrypt;
+ 		ssh->decrypt = des3_decrypt;
++#endif
+ 	}
+ 	/* Get server response. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+--- dsniff-2.4/sshcrypto.c		2017-02-11 22:31:54.688270184 +0100
++++ dsniff-2.4/sshcrypto.c.openssl_110	2017-02-11 22:35:30.594555807 +0100
+@@ -28,10 +28,12 @@
+ 	u_char			iv[8];
+ };
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ struct des3_state {
+ 	des_key_schedule	k1, k2, k3;
+ 	des_cblock		iv1, iv2, iv3;
+ };
++#endif
+ 
+ void
+ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+@@ -39,10 +41,20 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *n, *e;
++	RSA_get0_key(key, &n, &e, NULL);
++	if (BN_num_bits(e) < 2 || !BN_is_odd(e))
++#else
+ 	if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
++#endif
+ 		errx(1, "rsa_public_encrypt() exponent too small or not odd");
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	olen = BN_num_bytes(n);
++#else
+ 	olen = BN_num_bytes(key->n);
++#endif
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -71,7 +83,13 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *n;
++	RSA_get0_key(key, &n, NULL, NULL);
++	olen = BN_num_bytes(n);
++#else
+ 	olen = BN_num_bytes(key->n);
++#endif
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -146,6 +164,7 @@
+ 	swap_bytes(dst, dst, len);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /* XXX - SSH1's weirdo 3DES... */
+ void *
+ des3_init(u_char *sesskey, int len)
+@@ -194,3 +213,4 @@
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
++#endif

dsniff-2.4-remote_typo.patch

@@ -0,0 +1,14 @@
+Patch by Marcos Fouces <mfouces@yahoo.es> for dsniff >= 2.4b1, which fixes
+a minor spelling error in source code.
+
+--- dsniff-2.4/remote.c			2000-11-14 16:51:04.000000000 +0100
++++ dsniff-2.4/remote.c.remote_typo	2017-02-11 23:03:25.420064992 +0100
+@@ -652,7 +652,7 @@
+ 	  if (remote_command_count > 0)
+ 	    {
+ 	      fprintf (stderr,
+-		"%s: the `-id' option must preceed all `-remote' options.\n",
++		"%s: the `-id' option must precede all `-remote' options.\n",
+ 		       progname);
+ 	      usage ();
+ 	      exit (-1);

dsniff.spec

@@ -1,7 +1,7 @@
 Summary:	Tools for network auditing and penetration testing
 Name:		dsniff
 Version:	2.4
-Release:	0.22.b1%{?dist}
+Release:	0.23.b1%{?dist}
 License:	BSD
 Group:		Applications/Internet
 URL:		http://www.monkey.org/~dugsong/%{name}/
@@ -36,6 +36,8 @@ Patch26:	dsniff-2.4-modernize_pop.patch
 Patch27:	dsniff-2.4-libnet_name2addr4.patch
 Patch28:	dsniff-2.4-pntohl_shift.patch
 Patch29:	dsniff-2.4-rpc_segfault.patch
+Patch30:	dsniff-2.4-openssl_110.patch
+Patch31:	dsniff-2.4-remote_typo.patch
 BuildRequires:	libnet-devel, openssl-devel, libnids-devel, glib2-devel, %{_includedir}/pcap.h
 %if 0%{?rhel}%{?fedora} > 6
 BuildRequires:	libdb-devel
@@ -92,6 +94,8 @@ by exploiting weak bindings in ad-hoc PKI.
 %patch27 -p1 -b .libnet_name2addr4
 %patch28 -p1 -b .pntohl_shift
 %patch29 -p1 -b .rpc_segfault
+%patch30 -p1 -b .openssl_110
+%patch31 -p1 -b .remote_typo
 
 %build
 %configure
@@ -106,7 +110,9 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(-,root,root,-)
-%doc CHANGES LICENSE README TODO
+%{!?_licensedir:%global license %%doc}
+%license LICENSE
+%doc CHANGES README TODO
 %dir %{_sysconfdir}/%{name}
 %config(noreplace) %{_sysconfdir}/%{name}/*
 %{_sbindir}/arpspoof
@@ -139,6 +145,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/webspy.8*
 
 %changelog
+* Sat Feb 11 2017 Robert Scheck <robert@fedoraproject.org> 2.4-0.23.b1
+- Added patch to allow building dsniff with OpenSSL >= 1.1.0
+- Added patch to correct a typo related to the -remote option
+
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.22.b1
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 

sources

@@ -1 +1 @@
-2f761fa3475682a7512b0b43568ee7d6  dsniff-2.4b1.tar.gz
+SHA512 (dsniff-2.4b1.tar.gz) = 62dafab293de6dc3e9b01561b3627d63ca334467c01c3550a6318d8bcbe99d5a301ec16967af34065a14e8bca1c4b6a41da766cbd51ebd8338615b950c4f642f