Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>

dsniff-2.4-arpspoof_hwaddr.patch

@@ -0,0 +1,218 @@
+Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the
+selection of source hw address.
+
+In certain networks, sending with the wrong hardware source address can jeopardize
+the network connection of the host running arpspoof. This patch makes it possible
+to specify whether arpspoof should use the own hardware address or the one of the
+real host when resetting the arp table of the target systems; it is also possible
+to use both.
+
+For some more information, please have a look to Debian bug ID #650752.
+
+--- dsniff-2.4/arpspoof.8			2013-12-20 20:54:25.000000000 +0100
++++ dsniff-2.4/arpspoof.8.arpspoof_hwaddr	2013-12-20 20:55:19.000000000 +0100
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -23,6 +23,13 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to use.
++.IP "\fB-c \fIown|host|both\fR"
++Specify which hardware address t use when restoring the arp configuration;
++while cleaning up, packets can be send with the own address as well as with
++the address of the host. Sending packets with a fake hw address can disrupt
++connectivity with certain switch/ap/bridge configurations, however it works
++more reliably than using the own address, which is the default way arpspoof
++cleans up afterwards.
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+ on the LAN).  Repeat to specify multiple hosts.
+--- dsniff-2.4/arpspoof.c			2013-12-20 20:54:25.000000000 +0100
++++ dsniff-2.4/arpspoof.c.arpspoof_hwaddr	2013-12-20 21:02:10.000000000 +0100
+@@ -40,37 +40,36 @@
+ static char *intf;
+ static int poison_reverse;
+ 
++static uint8_t *my_ha = NULL;
++static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff";
++
++static int cleanup_src_own = 1;
++static int cleanup_src_host = 0;
++
+ static void
+ usage(void)
+ {
+ 	fprintf(stderr, "Version: " VERSION "\n"
+-		"Usage: arpspoof [-i interface] [-t target] [-r] host\n");
++		"Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n");
+ 	exit(1);
+ }
+ 
+ static int
+-arp_send(libnet_t *l, int op, u_int8_t *sha,
+-	 in_addr_t spa, u_int8_t *tha, in_addr_t tpa)
++arp_send(libnet_t *l, int op,
++	 u_int8_t *sha, in_addr_t spa,
++	 u_int8_t *tha, in_addr_t tpa,
++	 u_int8_t *me)
+ {
+ 	int retval;
+ 
+-	if (sha == NULL &&
+-	    (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) {
+-		return (-1);
+-	}
+-	if (spa == 0) {
+-		if ((spa = libnet_get_ipaddr4(l)) == -1)
+-			return (-1);
+-	}
+-	if (tha == NULL)
+-		tha = "\xff\xff\xff\xff\xff\xff";
++	if (!me) me = sha;
+ 	
+ 	libnet_autobuild_arp(op, sha, (u_int8_t *)&spa,
+ 			     tha, (u_int8_t *)&tpa, l);
+-	libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0);
++	libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0);
+ 	
+ 	fprintf(stderr, "%s ",
+-		ether_ntoa((struct ether_addr *)sha));
++		ether_ntoa((struct ether_addr *)me));
+ 
+ 	if (op == ARPOP_REQUEST) {
+ 		fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n",
+@@ -129,7 +128,7 @@
+ 		/* XXX - force the kernel to arp. feh. */
+ 		arp_force(ip);
+ #else
+-		arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip);
++		arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL);
+ #endif
+ 		sleep(1);
+ 	}
+@@ -156,17 +155,22 @@
+ 	int fw = arp_find(spoof.ip, &spoof.mac);
+ 	int bw = poison_reverse && targets[0].ip && arp_find_all();
+ 	int i;
++	int rounds = (cleanup_src_own*5 + cleanup_src_host*5);
+ 	
+ 	fprintf(stderr, "Cleaning up and re-arping targets...\n");
+-	for (i = 0; i < 5; i++) {
++	for (i = 0; i < rounds; i++) {
+ 		struct host *target = targets;
+ 		while(target->ip) {
++			uint8_t *src_ha = NULL;
++			if (cleanup_src_own && (i%2 || !cleanup_src_host)) {
++				src_ha = my_ha;
++			}
+ 			/* XXX - on BSD, requires ETHERSPOOF kernel. */
+ 			if (fw) {
+ 				arp_send(l, ARPOP_REPLY,
+ 					 (u_int8_t *)&spoof.mac, spoof.ip,
+-					 (target->ip ? (u_int8_t *)&target->mac : NULL),
+-					 target->ip);
++					 (target->ip ? (u_int8_t *)&target->mac : brd_ha),
++					 target->ip, src_ha);
+ 				/* we have to wait a moment before sending the next packet */
+ 				sleep(1);
+ 			}
+@@ -174,7 +178,7 @@
+ 				arp_send(l, ARPOP_REPLY,
+ 					 (u_int8_t *)&target->mac, target->ip,
+ 					 (u_int8_t *)&spoof.mac,
+-					 spoof.ip);
++					 spoof.ip, src_ha);
+ 				sleep(1);
+ 			}
+ 			target++;
+@@ -193,6 +197,7 @@
+ 	char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ 	int c;
+ 	int n_targets;
++	char *cleanup_src = NULL;
+ 	
+ 	spoof.ip = 0;
+ 	intf = NULL;
+@@ -202,7 +207,7 @@
+ 	/* allocate enough memory for target list */
+ 	targets = calloc( argc+1, sizeof(struct host) );
+ 	
+-	while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
++	while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) {
+ 		switch (c) {
+ 		case 'i':
+ 			intf = optarg;
+@@ -214,6 +219,9 @@
+ 		case 'r':
+ 			poison_reverse = 1;
+ 			break;
++		case 'c':
++			cleanup_src = optarg;
++			break;
+ 		default:
+ 			usage();
+ 		}
+@@ -229,6 +237,29 @@
+ 		usage();
+ 	}
+ 	
++	if (!cleanup_src || strcmp(cleanup_src, "own") == 0) { /* default! */
++		/* only use our own hw address when cleaning up,
++		 * not jeopardizing any bridges on the way to our
++		 * target
++		 */
++		cleanup_src_own = 1;
++		cleanup_src_host = 0;
++	} else if (strcmp(cleanup_src, "host") == 0) {
++		/* only use the target hw address when cleaning up;
++		 * this can screw up some bridges and scramble access
++		 * for our own host, however it resets the arp table
++		 * more reliably
++		 */
++		cleanup_src_own = 0;
++		cleanup_src_host = 1;
++	} else if (strcmp(cleanup_src, "both") == 0) {
++		cleanup_src_own = 1;
++		cleanup_src_host = 1;
++	} else {
++		errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'.");
++		usage();
++	}
++	
+ 	if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 		usage();
+ 	
+@@ -253,6 +284,10 @@
+ 		}
+ 	}
+ 	
++	if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) {
++		errx(1, "Unable to determine own mac address");
++	}
++	
+ 	signal(SIGHUP, cleanup);
+ 	signal(SIGINT, cleanup);
+ 	signal(SIGTERM, cleanup);
+@@ -260,11 +295,11 @@
+ 	for (;;) {
+ 		struct host *target = targets;
+ 		while(target->ip) {
+-			arp_send(l, ARPOP_REPLY, NULL, spoof.ip,
+-				 (target->ip ? (u_int8_t *)&target->mac : NULL),
+-				 target->ip);
++			arp_send(l, ARPOP_REPLY, my_ha, spoof.ip,
++				 (target->ip ? (u_int8_t *)&target->mac : brd_ha),
++				 target->ip, my_ha);
+ 			if (poison_reverse) {
+-				arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip);
++				arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha);
+ 			}
+ 			target++;
+ 		}

dsniff-2.4-arpspoof_multiple.patch

@@ -0,0 +1,186 @@
+Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to allow the use
+of of multiple targets. For some more information, please have a look to Debian bug
+ID #650751.
+
+--- dsniff-2.4/arpspoof.8			2013-12-20 20:40:36.000000000 +0100
++++ dsniff-2.4/arpspoof.8.arpspoof_multiple	2013-12-20 20:41:45.000000000 +0100
+@@ -25,7 +25,7 @@
+ Specify the interface to use.
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+-on the LAN).
++on the LAN).  Repeat to specify multiple hosts.
+ .IP "\fB\-r\fR"
+ Poison both hosts (host and target) to capture traffic in both directions.
+ (only valid in conjuntion with \-t)
+--- dsniff-2.4/arpspoof.c			2013-12-20 20:40:36.000000000 +0100
++++ dsniff-2.4/arpspoof.c.arpspoof_multiple	2013-12-20 20:50:34.000000000 +0100
+@@ -27,11 +27,16 @@
+ #include "arp.h"
+ #include "version.h"
+ 
++struct host {
++	in_addr_t ip;
++	struct ether_addr mac;
++};
++
+ extern char *ether_ntoa(struct ether_addr *);
+ 
+ static libnet_t *l;
+-static struct ether_addr spoof_mac, target_mac;
+-static in_addr_t spoof_ip, target_ip;
++static struct host spoof = {0};
++static struct host *targets;
+ static char *intf;
+ static int poison_reverse;
+ 
+@@ -133,30 +138,46 @@
+ 	return (0);
+ }
+ 
++static int arp_find_all() {
++	struct host *target = targets;
++	while(target->ip) {
++		if (arp_find(target->ip, &target->mac)) {
++			return 1;
++		}
++		target++;
++	}
++
++	return 0;
++}
++
+ static void
+ cleanup(int sig)
+ {
+-	int fw = arp_find(spoof_ip, &spoof_mac);
+-	int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac);
++	int fw = arp_find(spoof.ip, &spoof.mac);
++	int bw = poison_reverse && targets[0].ip && arp_find_all();
+ 	int i;
+ 	
+ 	fprintf(stderr, "Cleaning up and re-arping targets...\n");
+ 	for (i = 0; i < 5; i++) {
+-		/* XXX - on BSD, requires ETHERSPOOF kernel. */
+-		if (fw) {
+-			arp_send(l, ARPOP_REPLY,
+-				 (u_int8_t *)&spoof_mac, spoof_ip,
+-				 (target_ip ? (u_int8_t *)&target_mac : NULL),
+-				 target_ip);
+-			/* we have to wait a moment before sending the next packet */
+-			sleep(1);
+-		}
+-		if (bw) {
+-			arp_send(l, ARPOP_REPLY,
+-				 (u_int8_t *)&target_mac, target_ip,
+-				 (u_int8_t *)&spoof_mac,
+-				 spoof_ip);
+-			sleep(1);
++		struct host *target = targets;
++		while(target->ip) {
++			/* XXX - on BSD, requires ETHERSPOOF kernel. */
++			if (fw) {
++				arp_send(l, ARPOP_REPLY,
++					 (u_int8_t *)&spoof.mac, spoof.ip,
++					 (target->ip ? (u_int8_t *)&target->mac : NULL),
++					 target->ip);
++				/* we have to wait a moment before sending the next packet */
++				sleep(1);
++			}
++			if (bw) {
++				arp_send(l, ARPOP_REPLY,
++					 (u_int8_t *)&target->mac, target->ip,
++					 (u_int8_t *)&spoof.mac,
++					 spoof.ip);
++				sleep(1);
++			}
++			target++;
+ 		}
+ 	}
+ 	
+@@ -171,10 +192,15 @@
+ 	char pcap_ebuf[PCAP_ERRBUF_SIZE];
+ 	char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ 	int c;
++	int n_targets;
+ 	
++	spoof.ip = 0;
+ 	intf = NULL;
+-	spoof_ip = target_ip = 0;
+ 	poison_reverse = 0;
++	n_targets = 0;
++	
++	/* allocate enough memory for target list */
++	targets = calloc( argc+1, sizeof(struct host) );
+ 	
+ 	while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
+ 		switch (c) {
+@@ -182,7 +208,7 @@
+ 			intf = optarg;
+ 			break;
+ 		case 't':
+-			if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
++			if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
+ 				usage();
+ 			break;
+ 		case 'r':
+@@ -198,12 +224,12 @@
+ 	if (argc != 1)
+ 		usage();
+ 	
+-	if (poison_reverse && !target_ip) {
++	if (poison_reverse && !n_targets) {
+ 		errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t).");
+ 		usage();
+ 	}
+ 	
+-	if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
++	if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 		usage();
+ 	
+ 	if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL)
+@@ -212,14 +238,18 @@
+ 	if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL)
+ 		errx(1, "%s", libnet_ebuf);
+ 	
+-	if (target_ip != 0 && !arp_find(target_ip, &target_mac))
+-		errx(1, "couldn't arp for host %s",
+-		     libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE));
++	struct host *target = targets;
++	while(target->ip) {
++		if (target->ip != 0 && !arp_find(target->ip, &target->mac))
++			errx(1, "couldn't arp for host %s",
++			     libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE));
++		target++;
++	}
+ 	
+ 	if (poison_reverse) {
+-		if (!arp_find(spoof_ip, &spoof_mac)) {
++		if (!arp_find(spoof.ip, &spoof.mac)) {
+ 			errx(1, "couldn't arp for spoof host %s",
+-			     libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE));
++			     libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE));
+ 		}
+ 	}
+ 	
+@@ -228,11 +258,15 @@
+ 	signal(SIGTERM, cleanup);
+ 	
+ 	for (;;) {
+-		arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
+-			 (target_ip ? (u_int8_t *)&target_mac : NULL),
+-			 target_ip);
+-		if (poison_reverse) {
+-			arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip);
++		struct host *target = targets;
++		while(target->ip) {
++			arp_send(l, ARPOP_REPLY, NULL, spoof.ip,
++				 (target->ip ? (u_int8_t *)&target->mac : NULL),
++				 target->ip);
++			if (poison_reverse) {
++				arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip);
++			}
++			target++;
+ 		}
+ 		sleep(2);
+ 	}

dsniff-2.4-arpspoof_reverse.patch

@@ -0,0 +1,142 @@
+Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to add add -r
+switch to poison both directions. For some more information, please have a look to
+Debian bug ID #650749.
+
+--- dsniff-2.4/arpspoof.8			2000-11-28 08:43:43.000000000 +0100
++++ dsniff-2.4/arpspoof.8.arpspoof_reverse	2013-12-20 20:27:49.000000000 +0100
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR
++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -26,6 +26,9 @@
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+ on the LAN).
++.IP "\fB\-r\fR"
++Poison both hosts (host and target) to capture traffic in both directions.
++(only valid in conjuntion with \-t)
+ .IP \fIhost\fR
+ Specify the host you wish to intercept packets for (usually the local
+ gateway).
+--- dsniff-2.4/arpspoof.c			2013-12-20 20:25:04.000000000 +0100
++++ dsniff-2.4/arpspoof.c.arpspoof_reverse	2013-12-20 20:34:31.000000000 +0100
+@@ -7,6 +7,8 @@
+  * Copyright (c) 1999 Dug Song <dugsong@monkey.org>
+  *
+  * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $
++ *
++ * Improved 2011 by Stefan Tomanek <stefa@pico.ruhr.de>
+  */
+ 
+ #include "config.h"
+@@ -31,12 +33,13 @@
+ static struct ether_addr spoof_mac, target_mac;
+ static in_addr_t spoof_ip, target_ip;
+ static char *intf;
++static int poison_reverse;
+ 
+ static void
+ usage(void)
+ {
+ 	fprintf(stderr, "Version: " VERSION "\n"
+-		"Usage: arpspoof [-i interface] [-t target] host\n");
++		"Usage: arpspoof [-i interface] [-t target] [-r] host\n");
+ 	exit(1);
+ }
+ 
+@@ -133,18 +136,30 @@
+ static void
+ cleanup(int sig)
+ {
++	int fw = arp_find(spoof_ip, &spoof_mac);
++	int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac);
+ 	int i;
+ 	
+-	if (arp_find(spoof_ip, &spoof_mac)) {
+-		for (i = 0; i < 3; i++) {
+-			/* XXX - on BSD, requires ETHERSPOOF kernel. */
++	fprintf(stderr, "Cleaning up and re-arping targets...\n");
++	for (i = 0; i < 5; i++) {
++		/* XXX - on BSD, requires ETHERSPOOF kernel. */
++		if (fw) {
+ 			arp_send(l, ARPOP_REPLY,
+ 				 (u_int8_t *)&spoof_mac, spoof_ip,
+ 				 (target_ip ? (u_int8_t *)&target_mac : NULL),
+ 				 target_ip);
++			/* we have to wait a moment before sending the next packet */
++			sleep(1);
++		}
++		if (bw) {
++			arp_send(l, ARPOP_REPLY,
++				 (u_int8_t *)&target_mac, target_ip,
++				 (u_int8_t *)&spoof_mac,
++				 spoof_ip);
+ 			sleep(1);
+ 		}
+ 	}
++	
+ 	exit(0);
+ }
+ 
+@@ -159,8 +174,9 @@
+ 	
+ 	intf = NULL;
+ 	spoof_ip = target_ip = 0;
++	poison_reverse = 0;
+ 	
+-	while ((c = getopt(argc, argv, "i:t:h?V")) != -1) {
++	while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
+ 		switch (c) {
+ 		case 'i':
+ 			intf = optarg;
+@@ -169,6 +185,9 @@
+ 			if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
+ 				usage();
+ 			break;
++		case 'r':
++			poison_reverse = 1;
++			break;
+ 		default:
+ 			usage();
+ 		}
+@@ -179,6 +198,11 @@
+ 	if (argc != 1)
+ 		usage();
+ 	
++	if (poison_reverse && !target_ip) {
++		errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t).");
++		usage();
++	}
++	
+ 	if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 		usage();
+ 	
+@@ -192,6 +216,13 @@
+ 		errx(1, "couldn't arp for host %s",
+ 		     libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE));
+ 	
++	if (poison_reverse) {
++		if (!arp_find(spoof_ip, &spoof_mac)) {
++			errx(1, "couldn't arp for spoof host %s",
++			     libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE));
++		}
++	}
++	
+ 	signal(SIGHUP, cleanup);
+ 	signal(SIGINT, cleanup);
+ 	signal(SIGTERM, cleanup);
+@@ -200,6 +231,9 @@
+ 		arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
+ 			 (target_ip ? (u_int8_t *)&target_mac : NULL),
+ 			 target_ip);
++		if (poison_reverse) {
++			arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip);
++		}
+ 		sleep(2);
+ 	}
+ 	/* NOTREACHED */

dsniff-2.4-fedora_dirs.patch

@@ -18,7 +18,7 @@ various paths for the Fedora directory structure.
  
 -INCS	= -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
 -	  -I$(srcdir)/missing
-+INCS	= -I. $(X11INC) -I$(srcdir)/missing 
++INCS	= -I. $(X11INC) $(SSLINC) -I$(srcdir)/missing 
  LIBS	= @LIBS@ -L$(srcdir) -lmissing
  
  INSTALL	= @INSTALL@

dsniff-2.4-libnet_name2addr4.patch

@@ -0,0 +1,140 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which fixes
+possible segmentation faults of arpspoof, sshmitm, webmitm and webspy if any non-
+resolving hostname is passed. Issue was introduced by dsniff-2.4-libnet_11.patch;
+libnet_name_resolve() was replaced by libnet_name2addr4() while there must be the
+structure libnet_t passed additionally. And if that structure is not initialized
+using libnet_init() and the passed name can't be resolved (like "192.168.2."), it
+causes a snprintf() to NULL and thus the segmentation fault. Note that macof isn't
+affected as no resolving was involved here ever. Please also have a look to Red Hat
+Bugzilla ID #1009879 for further information.
+
+--- dsniff-2.4/sshmitm.c			2013-12-20 21:19:58.000000000 +0100
++++ dsniff-2.4/sshmitm.c.libnet_name2addr4	2013-12-20 21:29:44.000000000 +0100
+@@ -45,6 +45,8 @@
+ struct	 sockaddr_in csin, ssin;
+ int	 sig_pipe[2];
+ 
++static	 libnet_t *l;
++
+ static void
+ usage(void)
+ {
+@@ -364,6 +366,7 @@
+ 	u_long ip;
+ 	u_short lport, rport;
+ 	int c;
++	char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ 
+ 	lport = rport = 22;
+ 
+@@ -390,12 +393,15 @@
+ 	if (argc < 1)
+ 		usage();
+ 	
+-	if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1)
+-		usage();
+-
+ 	if (argc == 2 && (rport = atoi(argv[1])) == 0)
+ 		usage();
+ 	
++	if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++		errx(1, "%s", libnet_ebuf);
++	
++	if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
++		usage();
++	
+ 	record_init(NULL);
+ 	
+ 	mitm_init(lport, ip, rport);
+--- dsniff-2.4/webmitm.c			2013-12-20 21:19:58.000000000 +0100
++++ dsniff-2.4/webmitm.c.libnet_name2addr4	2013-12-20 21:40:09.000000000 +0100
+@@ -47,6 +47,8 @@
+ int	 do_ssl, sig_pipe[2];
+ in_addr_t	static_host = 0;
+ 
++static	 libnet_t *l;
++
+ extern int decode_http(char *, int, char *, int);
+ 
+ static void
+@@ -242,7 +244,7 @@
+ 			word = buf_tok(&msg, "/", 1);
+ 			vhost = buf_strdup(word);
+ 		}
+-		ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1);
++		ssin.sin_addr.s_addr = libnet_name2addr4(l, vhost, LIBNET_RESOLVE);
+ 		free(vhost);
+ 		
+ 		if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) ||
+@@ -496,6 +498,7 @@
+ 	extern char *optarg;
+ 	extern int optind;
+ 	int c;
++	char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ 
+ 	while ((c = getopt(argc, argv, "dh?V")) != -1) {
+ 		switch (c) {
+@@ -509,8 +512,11 @@
+ 	argc -= optind;
+ 	argv += optind;
+ 
++	if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++		errx(1, "%s", libnet_ebuf);
++	
+ 	if (argc == 1) {
+-		if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
++		if ((static_host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 			usage();
+ 	}
+ 	else if (argc != 0) usage();
+--- dsniff-2.4/webspy.c				2013-12-20 21:19:58.000000000 +0100
++++ dsniff-2.4/webspy.c.libnet_name2addr4	2013-12-20 21:45:57.000000000 +0100
+@@ -33,6 +33,7 @@
+ extern int mozilla_remote_commands (Display *, Window, char **);
+ char	*expected_mozilla_version = "4.7";
+ char	*progname = "webspy";
++static	libnet_t *l;
+ 
+ Display		*dpy;
+ char		 cmd[2048], *cmdtab[2];
+@@ -183,6 +184,7 @@
+ 	extern char *optarg;
+ 	extern int optind;
+ 	int c;
++	char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ 	
+ 	while ((c = getopt(argc, argv, "i:p:h?V")) != -1) {
+ 		switch (c) {
+@@ -205,7 +207,10 @@
+ 	cmdtab[0] = cmd;
+ 	cmdtab[1] = NULL;
+ 	
+-	if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
++	if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++		errx(1, "%s", libnet_ebuf);
++	
++	if ((host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 		errx(1, "unknown host");
+ 	
+ 	if ((dpy = XOpenDisplay(NULL)) == NULL)
+--- dsniff-2.4/arpspoof.c			2013-12-20 22:00:53.000000000 +0100
++++ dsniff-2.4/arpspoof.c.libnet_name2addr4	2013-12-20 22:00:38.000000000 +0100
+@@ -207,6 +207,9 @@
+ 	/* allocate enough memory for target list */
+ 	targets = calloc( argc+1, sizeof(struct host) );
+ 	
++	if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++		errx(1, "%s", libnet_ebuf);
++	
+ 	while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) {
+ 		switch (c) {
+ 		case 'i':
+@@ -263,6 +266,8 @@
+ 	if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ 		usage();
+ 	
++	libnet_destroy(l);
++	
+ 	if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL)
+ 		errx(1, "%s", pcap_ebuf);
+ 	

dsniff-2.4-libtirpc.patch

@@ -0,0 +1,51 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which
+allows building against libtirpc (as a separate library) given the Sun RPC
+support in glibc has been deprecated for a long time.
+
+--- dsniff-2.4/Makefile.in		2018-05-26 22:04:34.809966900 +0200
++++ dsniff-2.4/Makefile.in.libtirpc	2018-05-27 02:56:31.149313503 +0200
+@@ -16,7 +16,7 @@
+ mandir		= @mandir@
+ 
+ CC	= @CC@
+-CFLAGS	= @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\"
++CFLAGS	= @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -I/usr/include/tirpc
+ LDFLAGS	= @LDFLAGS@
+ 
+ PCAPINC = @PCAPINC@
+@@ -93,7 +93,7 @@
+ 	$(RANLIB) $@
+ 
+ dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a
+-	$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB)
++	$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+ 
+ arpspoof: arpspoof.o arp.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+@@ -102,7 +102,7 @@
+ 	$(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+ filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a
+-	$(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
++	$(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) -ltirpc
+ 
+ macof: macof.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+@@ -114,7 +114,7 @@
+ 	$(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+ sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a
+-	$(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
++	$(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+ 
+ sshow: sshow.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+@@ -132,7 +132,7 @@
+ 	$(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+ webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a
+-	$(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
++	$(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+ 
+ webspy: webspy.o base64.o buf.o remote.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB)

dsniff-2.4-modernize_pop.patch

@@ -0,0 +1,122 @@
+Patch by Stefan Tomanek <stefan@pico.ruhr.de> for dsniff >= 2.4b1 to rewrite and
+modernize the POP decoder. For some more information, please have a look to Debian
+bug ID #647583.
+
+--- dsniff-2.4/decode_pop.c			2013-12-20 21:06:13.000000000 +0100
++++ dsniff-2.4/decode_pop.c.modernize_pop	2013-12-20 21:12:58.000000000 +0100
+@@ -6,6 +6,8 @@
+  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
+  *
+  * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $
++ *
++ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de>
+  */
+ 
+ #include "config.h"
+@@ -45,32 +47,87 @@
+ decode_pop(u_char *buf, int len, u_char *obuf, int olen)
+ {
+ 	char *p;
++	char *s;
++	int n;
+ 	int i, j;
++	char *user;
++	char *password;
++	enum {
++		NONE,
++		AUTHPLAIN,
++		AUTHLOGIN,
++		USERPASS
++	} mode = NONE;
+ 	
+ 	obuf[0] = '\0';
+ 	
+ 	for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) {
+-		if (strncasecmp(p, "AUTH PLAIN", 10) == 0 ||
+-		    strncasecmp(p, "AUTH LOGIN", 10) == 0) {
+-			strlcat(obuf, p, olen);
+-			strlcat(obuf, "\n", olen);
+-			
+-			/* Decode SASL auth. */
+-			for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) {
+-				strlcat(obuf, p, olen);
+-				j = base64_pton(p, p, strlen(p));
+-				p[j] = '\0';
+-				strlcat(obuf, " [", olen);
+-				strlcat(obuf, p, olen);
+-				strlcat(obuf, "]\n", olen);
++		if (mode == NONE) {
++			user = NULL;
++			password = NULL;
++			if (strncasecmp(p, "AUTH PLAIN", 10) == 0) {
++				mode = AUTHPLAIN;
++				continue;
++			}
++			if (strncasecmp(p, "AUTH LOGIN", 10) == 0) {
++				mode = AUTHLOGIN;
++				continue;
++			}
++			if (strncasecmp(p, "USER ", 5) == 0) {
++				mode = USERPASS;
++				/* the traditional login cuts right to the case,
++				 * so no continue here
++				 */
+ 			}
+ 		}
+-		/* Save regular POP2, POP3 auth info. */
+-		else if (strncasecmp(p, "USER ", 5) == 0 ||
+-			 strncasecmp(p, "PASS ", 5) == 0 ||
+-			 strncasecmp(p, "HELO ", 5) == 0) {
+-			strlcat(obuf, p, olen);
+-			strlcat(obuf, "\n", olen);
++		printf("(%d) %s\n", mode, p);
++		if (mode == USERPASS) {
++			if (strncasecmp(p, "USER ", 5) == 0) {
++				user = &p[5];
++			} else if (strncasecmp(p, "PASS ", 5) == 0) {
++				password = &p[5];
++			}
++		}
++
++		if (mode == AUTHPLAIN) {
++			j = base64_pton(p, p, strlen(p));
++			p[j] = '\0';
++			n = 0;
++			s = p;
++			/* p consists of three parts, divided by \0 */
++			while (s <= &p[j] && n<=3) {
++				if (n == 0) {
++					/* we do not process this portion yet */
++				} else if (n == 1) {
++					user = s;
++				} else if (n == 2) {
++					password = s;
++				}
++				n++;
++				while (*s) s++;
++				s++;
++			}
++		}
++
++		if (mode == AUTHLOGIN) {
++			j = base64_pton(p, p, strlen(p));
++			p[j] = '\0';
++			if (!user) {
++				user = p;
++			} else {
++				password = p;
++				/* got everything we need :-) */
++			}
++		}
++
++		if (user && password) {
++			strlcat(obuf, "\nusername [", olen);
++			strlcat(obuf, user, olen);
++			strlcat(obuf, "] password [", olen);
++			strlcat(obuf, password, olen);
++			strlcat(obuf, "]\n", olen);
++
++			mode = NONE;
+ 		}
+ 	}
+ 	return (strlen(obuf));

dsniff-2.4-openssl_110.patch

@@ -0,0 +1,243 @@
+Patch by Christoph Biedl <debian.axhn@manchmal.in-ulm.de> for dsniff >=
+2.4b1, which fixes building with OpenSSL 1.1.0. Adapted for compatibility
+with older OpenSSL versions by Robert Scheck <robert@fedoraproject.org>.
+
+--- dsniff-2.4/ssh.c			2017-02-11 22:31:54.705269813 +0100
++++ dsniff-2.4/ssh.c.openssl_110	2017-02-11 22:45:31.193447230 +0100
+@@ -234,6 +234,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *servkey_e, *servkey_n;
++	const BIGNUM *hostkey_e, *hostkey_n;
++#endif
+ 	
+ 	/* Generate anti-spoofing cookie. */
+ 	RAND_bytes(cookie, sizeof(cookie));
+@@ -243,11 +247,23 @@
+ 	*p++ = SSH_SMSG_PUBLIC_KEY;			/* type */
+ 	memcpy(p, cookie, 8); p += 8;			/* cookie */
+ 	num = 768; PUTLONG(num, p);			/* servkey bits */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
++	put_bn(servkey_e, &p);				/* servkey exponent */
++	put_bn(servkey_n, &p);				/* servkey modulus */
++#else
+ 	put_bn(ssh->ctx->servkey->e, &p);		/* servkey exponent */
+ 	put_bn(ssh->ctx->servkey->n, &p);		/* servkey modulus */
++#endif
+ 	num = 1024; PUTLONG(num, p);			/* hostkey bits */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
++	put_bn(hostkey_e, &p);				/* hostkey exponent */
++	put_bn(hostkey_n, &p);				/* hostkey modulus */
++#else
+ 	put_bn(ssh->ctx->hostkey->e, &p);		/* hostkey exponent */
+ 	put_bn(ssh->ctx->hostkey->n, &p);		/* hostkey modulus */
++#endif
+ 	num = 0; PUTLONG(num, p);			/* protocol flags */
+ 	num = ssh->ctx->encmask; PUTLONG(num, p);	/* ciphers */
+ 	num = ssh->ctx->authmask; PUTLONG(num, p);	/* authmask */
+@@ -298,7 +314,11 @@
+ 	SKIP(p, i, 4);
+ 
+ 	/* Decrypt session key. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if (BN_cmp(servkey_n, hostkey_n) > 0) {
++#else
+ 	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
++#endif
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
+ 		rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
+ 	}
+@@ -318,8 +338,13 @@
+ 	BN_clear_free(enckey);
+ 	
+ 	/* Derive real session key using session id. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
++#else
+ 	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+ 				ssh->ctx->servkey->n)) == NULL) {
++#endif
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -328,10 +353,15 @@
+ 	}
+ 	/* Set cipher. */
+ 	if (cipher == SSH_CIPHER_3DES) {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++		warnx("cipher 3des no longer supported");
++		return (-1);
++#else
+ 		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->encrypt = des3_encrypt;
+ 		ssh->decrypt = des3_decrypt;
++#endif
+ 	}
+ 	else if (cipher == SSH_CIPHER_BLOWFISH) {
+ 		ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
+@@ -357,6 +387,10 @@
+ 	u_char *p, cipher, cookie[8], msg[1024];
+ 	u_int32_t num;
+ 	int i;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	BIGNUM *servkey_n, *servkey_e;
++	BIGNUM *hostkey_n, *hostkey_e;
++#endif
+ 	
+ 	/* Get public key. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+@@ -379,21 +413,43 @@
+ 
+ 	/* Get servkey. */
+ 	ssh->ctx->servkey = RSA_new();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	servkey_n = BN_new();
++	servkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
++#else
+ 	ssh->ctx->servkey->n = BN_new();
+ 	ssh->ctx->servkey->e = BN_new();
++#endif
+ 
+ 	SKIP(p, i, 4);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	get_bn(servkey_e, &p, &i);
++	get_bn(servkey_n, &p, &i);
++#else
+ 	get_bn(ssh->ctx->servkey->e, &p, &i);
+ 	get_bn(ssh->ctx->servkey->n, &p, &i);
++#endif
+ 
+ 	/* Get hostkey. */
+ 	ssh->ctx->hostkey = RSA_new();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	hostkey_n = BN_new();
++	hostkey_e = BN_new();
++	RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
++#else
+ 	ssh->ctx->hostkey->n = BN_new();
+ 	ssh->ctx->hostkey->e = BN_new();
++#endif
+ 
+ 	SKIP(p, i, 4);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	get_bn(hostkey_e, &p, &i);
++	get_bn(hostkey_n, &p, &i);
++#else
+ 	get_bn(ssh->ctx->hostkey->e, &p, &i);
+ 	get_bn(ssh->ctx->hostkey->n, &p, &i);
++#endif
+ 
+ 	/* Get cipher, auth masks. */
+ 	SKIP(p, i, 4);
+@@ -405,8 +461,13 @@
+ 	RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
+ 
+ 	/* Obfuscate with session id. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if ((p = ssh_session_id(cookie, hostkey_n,
++				servkey_n)) == NULL) {
++#else
+ 	if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+ 				ssh->ctx->servkey->n)) == NULL) {
++#endif
+ 		warn("ssh_session_id");
+ 		return (-1);
+ 	}
+@@ -422,7 +483,11 @@
+ 		else BN_add_word(bn, ssh->sesskey[i]);
+ 	}
+ 	/* Encrypt session key. */
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	if (BN_cmp(servkey_n, hostkey_n) < 0) {
++#else
+ 	if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
++#endif
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
+ 		rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
+ 	}
+@@ -470,10 +535,15 @@
+ 		ssh->decrypt = blowfish_decrypt;
+ 	}
+ 	else if (cipher == SSH_CIPHER_3DES) {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++		warnx("cipher 3des no longer supported");
++		return (-1);
++#else
+ 		ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+ 		ssh->encrypt = des3_encrypt;
+ 		ssh->decrypt = des3_decrypt;
++#endif
+ 	}
+ 	/* Get server response. */
+ 	if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+--- dsniff-2.4/sshcrypto.c		2017-02-11 22:31:54.688270184 +0100
++++ dsniff-2.4/sshcrypto.c.openssl_110	2017-02-11 22:35:30.594555807 +0100
+@@ -28,10 +28,12 @@
+ 	u_char			iv[8];
+ };
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ struct des3_state {
+ 	des_key_schedule	k1, k2, k3;
+ 	des_cblock		iv1, iv2, iv3;
+ };
++#endif
+ 
+ void
+ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+@@ -39,10 +41,20 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *n, *e;
++	RSA_get0_key(key, &n, &e, NULL);
++	if (BN_num_bits(e) < 2 || !BN_is_odd(e))
++#else
+ 	if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
++#endif
+ 		errx(1, "rsa_public_encrypt() exponent too small or not odd");
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	olen = BN_num_bytes(n);
++#else
+ 	olen = BN_num_bytes(key->n);
++#endif
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -71,7 +83,13 @@
+ 	u_char *inbuf, *outbuf;
+ 	int len, ilen, olen;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	const BIGNUM *n;
++	RSA_get0_key(key, &n, NULL, NULL);
++	olen = BN_num_bytes(n);
++#else
+ 	olen = BN_num_bytes(key->n);
++#endif
+ 	outbuf = malloc(olen);
+ 
+ 	ilen = BN_num_bytes(in);
+@@ -146,6 +164,7 @@
+ 	swap_bytes(dst, dst, len);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /* XXX - SSH1's weirdo 3DES... */
+ void *
+ des3_init(u_char *sesskey, int len)
+@@ -194,3 +213,4 @@
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+ 	des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
++#endif

dsniff-2.4-pcap_init.patch

@@ -0,0 +1,61 @@
+Patch by Dennis Filder <d.filder@web.de> for dsniff >= 2.4b1 to resolve naming
+collision due to libpcap API changes. Dsniff was written with a function named
+pcap_init() that predates the one in libpcap and is entirely different. This patch
+renames it out of the way. For some more information, please have a look to Debian
+bug ID #980588.
+
+--- dsniff-2.4/dnsspoof.c			2021-07-25 01:00:08.445636429 +0200
++++ dsniff-2.4/dnsspoof.c.pcap_init		2021-07-25 01:00:53.540928897 +0200
+@@ -309,7 +309,7 @@
+ 	else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s",
+ 		      libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE));
+ 	
+-	if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL)
++	if ((pcap_pd = pcap_init_dsniff(dev, buf, 128)) == NULL)
+ 		errx(1, "couldn't initialize sniffing");
+ 
+ 	if ((pcap_off = pcap_dloff(pcap_pd)) < 0)
+--- dsniff-2.4/pcaputil.c			2021-07-25 01:00:08.469636585 +0200
++++ dsniff-2.4/pcaputil.c.pcap_init		2021-07-25 01:00:59.816969598 +0200
+@@ -111,7 +111,7 @@
+ }
+ 
+ pcap_t *
+-pcap_init(char *intf, char *filter, int snaplen)
++pcap_init_dsniff(char *intf, char *filter, int snaplen)
+ {
+ 	pcap_t *pd;
+ 	u_int net, mask;
+--- dsniff-2.4/pcaputil.h			2001-03-15 09:33:06.000000000 +0100
++++ dsniff-2.4/pcaputil.h.pcap_init		2021-07-25 01:07:46.246603851 +0200
+@@ -11,7 +11,7 @@
+ #ifndef PCAPUTIL_H
+ #define PCAPUTIL_H
+ 
+-pcap_t *pcap_init(char *intf, char *filter, int snaplen);
++pcap_t *pcap_init_dsniff(char *intf, char *filter, int snaplen);
+ 
+ int	pcap_dloff(pcap_t *pd);
+ 
+--- dsniff-2.4/tcpkill.c			2021-07-25 01:00:08.426636306 +0200
++++ dsniff-2.4/tcpkill.c.pcap_init		2021-07-25 01:01:06.728014416 +0200
+@@ -130,7 +130,7 @@
+ 	
+ 	filter = copy_argv(argv);
+ 	
+-	if ((pd = pcap_init(intf, filter, 64)) == NULL)
++	if ((pd = pcap_init_dsniff(intf, filter, 64)) == NULL)
+ 		errx(1, "couldn't initialize sniffing");
+ 
+ 	if ((pcap_off = pcap_dloff(pd)) < 0)
+--- dsniff-2.4/tcpnice.c			2021-07-25 01:00:08.426636306 +0200
++++ dsniff-2.4/tcpnice.c.pcap_init		2021-07-25 01:01:13.816060381 +0200
+@@ -204,7 +204,7 @@
+ 	
+ 	filter = copy_argv(argv);
+ 	
+-	if ((pd = pcap_init(intf, filter, 128)) == NULL)
++	if ((pd = pcap_init_dsniff(intf, filter, 128)) == NULL)
+ 		errx(1, "couldn't initialize sniffing");
+ 
+ 	if ((pcap_off = pcap_dloff(pd)) < 0)

dsniff-2.4-pntohl_shift.patch

@@ -0,0 +1,15 @@
+Patch by Matthew Boyle <mlb@decisionsoft.co.uk> for dsniff >= 2.4b1 which corrects
+the incorrect bit-shift in pntohl(), the left-shift should be 8 bits, not 18. For
+further information please have a look to Red Hat Bugzilla ID #714958 and #850496.
+
+--- dsniff-2.4/decode.h				2001-03-15 09:33:06.000000000 +0100
++++ dsniff-2.4/decode.h.pntohl_shift		2013-12-20 22:16:52.000000000 +0100
+@@ -35,7 +35,7 @@
+ 			  (u_short)*((u_char *)p+0)<<8))
+ 			 
+ #define pntohl(p)	((u_int32_t)*((u_char *)p+3)<<0|   \
+-			 (u_int32_t)*((u_char *)p+2)<<18|  \
++			 (u_int32_t)*((u_char *)p+2)<<8|  \
+ 			 (u_int32_t)*((u_char *)p+1)<<16|  \
+ 			 (u_int32_t)*((u_char *)p+0)<<24)
+ 

dsniff-2.4-remote_typo.patch

@@ -0,0 +1,14 @@
+Patch by Marcos Fouces <mfouces@yahoo.es> for dsniff >= 2.4b1, which fixes
+a minor spelling error in source code.
+
+--- dsniff-2.4/remote.c			2000-11-14 16:51:04.000000000 +0100
++++ dsniff-2.4/remote.c.remote_typo	2017-02-11 23:03:25.420064992 +0100
+@@ -652,7 +652,7 @@
+ 	  if (remote_command_count > 0)
+ 	    {
+ 	      fprintf (stderr,
+-		"%s: the `-id' option must preceed all `-remote' options.\n",
++		"%s: the `-id' option must precede all `-remote' options.\n",
+ 		       progname);
+ 	      usage ();
+ 	      exit (-1);

dsniff-2.4-rpc_segfault.patch

@@ -0,0 +1,17 @@
+Patch based on suggestion by Matthew Boyle <mlb@decisionsoft.co.uk> for dsniff >=
+2.4b1 which avoids xdrs being used without being initialised first. Without this
+patch dsniff segfaults when decoding RPC packets on x86_64. For further information
+please also have a look to Red Hat Bugzilla ID #715042 and #850494.
+
+--- dsniff-2.4/rpc.c				2001-03-15 09:33:04.000000000 +0100
++++ dsniff-2.4/rpc.c.rpc_segfault		2013-12-20 22:49:34.000000000 +0100
+@@ -125,6 +125,9 @@
+ 			return (0);
+ 		}
+ 	}
++	else
++		return (0);
++	
+ 	stat = xdr_getpos(&xdrs);
+ 	xdr_destroy(&xdrs);
+ 	

dsniff-2.4-smp_mflags.patch

@@ -0,0 +1,70 @@
+Patch by Robert Scheck <robert@fedoraproject.org> for dsniff >= 2.4b1 which
+ensures when building using %{?_smp_mflags} that libmissing.a is built when
+its being used for linking.
+
+--- dsniff-2.4/Makefile.in		2018-07-14 02:54:20.405095355 +0200
++++ dsniff-2.4/Makefile.in.smp_mflags	2018-07-14 02:54:44.973245128 +0200
+@@ -92,49 +92,49 @@
+ 	ar -cr $@ $(LIBOBJS)
+ 	$(RANLIB) $@
+ 
+-dsniff: $(HDRS) $(SRCS) $(OBJS)
++dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB)
+ 
+-arpspoof: arpspoof.o arp.o
++arpspoof: arpspoof.o arp.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+-dnsspoof: dnsspoof.o pcaputil.o
++dnsspoof: dnsspoof.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+-filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o
++filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+-macof: macof.o
++macof: macof.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+-mailsnarf: mailsnarf.o buf.o pcaputil.o
++mailsnarf: mailsnarf.o buf.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+-msgsnarf: msgsnarf.o buf.o pcaputil.o
++msgsnarf: msgsnarf.o buf.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+-sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o
++sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
+ 
+-sshow: sshow.o pcaputil.o
++sshow: sshow.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+-tcpkill: tcpkill.o pcaputil.o
++tcpkill: tcpkill.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+-tcpnice: tcpnice.o pcaputil.o
++tcpnice: tcpnice.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+ tcphijack: tcphijack.o pcaputil.o
+ 	$(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+ 
+-urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o
++urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+ 
+-webmitm: webmitm.o base64.o buf.o decode_http.o record.o
++webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
+ 
+-webspy: webspy.o base64.o buf.o remote.o
++webspy: webspy.o base64.o buf.o remote.o libmissing.a
+ 	$(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB)
+ 
+ install:

dsniff-2.4-tds_decoder.patch

@@ -1,18 +1,19 @@
 Patch by Hilko Bengen <bengen@debian.org> for dsniff >= 2.4b1, to avoid a
 possible DoS opportunity in the Tabular Data Stream protocol handler. For
-further information, please have a look to Debian bug ID #609988.
+further information, please have a look to the Debian bug ID #609988 and
+#712648.
 
---- dsniff-2.4/decode_tds.c		2011-10-09 18:13:49.000000000 +0200
-+++ dsniff-2.4/decode_tds.c.tds_decoder	2011-10-09 18:14:43.000000000 +0200
-@@ -140,6 +140,11 @@
- 	
- 	obuf[0] = '\0';
- 
-+	if (th->size != 8) {
-+	    /* wrong header length */
-+	    return (strlen(obuf));
-+	}
-+
- 	for (th = (struct tds_hdr *)buf;
+--- dsniff-2.4/decode_tds.c		2013-12-19 23:36:26.000000000 +0100
++++ dsniff-2.4/decode_tds.c.tds_decoder	2013-12-19 23:38:01.000000000 +0100
+@@ -144,6 +144,11 @@
  	     len > sizeof(*th) && len >= ntohs(th->size);
  	     buf += ntohs(th->size), len -= ntohs(th->size)) {
+ 		
++		if (th->size != 8) {
++			/* wrong header length */
++			break;
++		}
++
+ 		if (th->type == 2) {
+ 			/* Version 4.x, 5.0 */
+ 			if (len < sizeof(*th) + sizeof(*tl))

dsniff.spec

@@ -1,46 +1,63 @@
-Summary:	Tools for network auditing and penetration testing
-Name:		dsniff
-Version:	2.4
-Release:	0.14.b1%{?dist}
-License:	BSD
-Group:		Applications/Internet
-URL:		http://www.monkey.org/~dugsong/%{name}/
-Source:		http://www.monkey.org/~dugsong/%{name}/beta/%{name}-%{version}b1.tar.gz
-Patch0:		dsniff-2.4-time_h.patch
-Patch1:		dsniff-2.4-mailsnarf_corrupt.patch
-Patch2:		dsniff-2.4-pcap_read_dump.patch
-Patch3:		dsniff-2.4-multiple_intf.patch
-Patch4:		dsniff-2.4-amd64_fix.patch
-Patch5:		dsniff-2.4-urlsnarf_zeropad.patch
-Patch6:		dsniff-2.4-libnet_11.patch
-Patch7:		dsniff-2.4-checksum.patch
-Patch8:		dsniff-2.4-openssl_098.patch
-Patch9:		dsniff-2.4-sshcrypto.patch
-Patch10:	dsniff-2.4-sysconf_clocks.patch
-Patch11:	dsniff-2.4-urlsnarf_escape.patch
-Patch12:	dsniff-2.4-string_header.patch
-Patch13:	dsniff-2.4-arpa_inet_header.patch
-Patch14:	dsniff-2.4-pop_with_version.patch
-Patch15:	dsniff-2.4-obsolete_time.patch
-Patch16:	dsniff-2.4-checksum_libnids.patch
-Patch17:	dsniff-2.4-fedora_dirs.patch
-Patch18:	dsniff-2.4-glib2.patch
-Patch19:	dsniff-2.4-link_layer_offset.patch
-Patch20:	dsniff-2.4-tds_decoder.patch
-Patch21:	dsniff-2.4-msgsnarf_segfault.patch
-Patch22:	dsniff-2.4-urlsnarf_timestamp.patch
-BuildRequires:	libnet-devel, openssl-devel, libnids-devel, glib2-devel, %{_includedir}/pcap.h
-%if 0%{?rhel}%{?fedora} > 6
-BuildRequires:	libdb-devel
+Summary:        Tools for network auditing and penetration testing
+Name:           dsniff
+Version:        2.4
+Release:        0.39.b1%{?dist}
+License:        BSD
+URL:            https://www.monkey.org/~dugsong/%{name}/
+Source0:        https://www.monkey.org/~dugsong/%{name}/beta/%{name}-%{version}b1.tar.gz
+Patch0:         dsniff-2.4-time_h.patch
+Patch1:         dsniff-2.4-mailsnarf_corrupt.patch
+Patch2:         dsniff-2.4-pcap_read_dump.patch
+Patch3:         dsniff-2.4-multiple_intf.patch
+Patch4:         dsniff-2.4-amd64_fix.patch
+Patch5:         dsniff-2.4-urlsnarf_zeropad.patch
+Patch6:         dsniff-2.4-libnet_11.patch
+Patch7:         dsniff-2.4-checksum.patch
+Patch8:         dsniff-2.4-openssl_098.patch
+Patch9:         dsniff-2.4-sshcrypto.patch
+Patch10:        dsniff-2.4-sysconf_clocks.patch
+Patch11:        dsniff-2.4-urlsnarf_escape.patch
+Patch12:        dsniff-2.4-string_header.patch
+Patch13:        dsniff-2.4-arpa_inet_header.patch
+Patch14:        dsniff-2.4-pop_with_version.patch
+Patch15:        dsniff-2.4-obsolete_time.patch
+Patch16:        dsniff-2.4-checksum_libnids.patch
+Patch17:        dsniff-2.4-fedora_dirs.patch
+Patch18:        dsniff-2.4-glib2.patch
+Patch19:        dsniff-2.4-link_layer_offset.patch
+Patch20:        dsniff-2.4-tds_decoder.patch
+Patch21:        dsniff-2.4-msgsnarf_segfault.patch
+Patch22:        dsniff-2.4-urlsnarf_timestamp.patch
+Patch23:        dsniff-2.4-arpspoof_reverse.patch
+Patch24:        dsniff-2.4-arpspoof_multiple.patch
+Patch25:        dsniff-2.4-arpspoof_hwaddr.patch
+Patch26:        dsniff-2.4-modernize_pop.patch
+Patch27:        dsniff-2.4-libnet_name2addr4.patch
+Patch28:        dsniff-2.4-pntohl_shift.patch
+Patch29:        dsniff-2.4-rpc_segfault.patch
+Patch30:        dsniff-2.4-openssl_110.patch
+Patch31:        dsniff-2.4-remote_typo.patch
+Patch32:        dsniff-2.4-smp_mflags.patch
+Patch33:        dsniff-2.4-libtirpc.patch
+Patch34:        dsniff-2.4-pcap_init.patch
+BuildRequires:  gcc
+BuildRequires:  libnet-devel
+%if 0%{?fedora} || 0%{?rhel} >= 8
+BuildRequires:  openssl-devel
 %else
-BuildRequires:	db4-devel
+BuildRequires:  openssl11-devel
 %endif
-%if 0%{?rhel}%{?fedora} >= 5
-BuildRequires:	libXmu-devel
-%else
-BuildRequires:	xorg-x11-devel
+BuildRequires:  libnids-devel
+BuildRequires:  glib2-devel
+BuildRequires:  libpcap-devel
+BuildRequires:  libdb-devel
+BuildRequires:  libXmu-devel
+%if 0%{?fedora} || 0%{?rhel} >= 8
+BuildRequires:  rpcgen
+BuildRequires:  libtirpc-devel
+BuildRequires:  libnsl2-devel
 %endif
-BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires:  make
 
 %description
 A collection of tools for network auditing and penetration testing. Dsniff,
@@ -63,9 +80,7 @@ by exploiting weak bindings in ad-hoc PKI.
 %patch7 -p1 -b .checksum
 %patch8 -p1 -b .openssl_098
 %patch9 -p1 -b .sshcrypto
-%if 0%{?rhel}%{?fedora} >= 5
 %patch10 -p1 -b .sysconf_clocks
-%endif
 %patch11 -p1 -b .urlsnarf_escape
 %patch12 -p1 -b .string_header
 %patch13 -p1 -b .arpa_inet_header
@@ -78,22 +93,40 @@ by exploiting weak bindings in ad-hoc PKI.
 %patch20 -p1 -b .tds_decoder
 %patch21 -p1 -b .msgsnarf_segfault
 %patch22 -p1 -b .urlsnarf_timestamp
+%patch23 -p1 -b .arpspoof_reverse
+%patch24 -p1 -b .arpspoof_multiple
+%patch25 -p1 -b .arpspoof_hwaddr
+%patch26 -p1 -b .modernize_pop
+%patch27 -p1 -b .libnet_name2addr4
+%patch28 -p1 -b .pntohl_shift
+%patch29 -p1 -b .rpc_segfault
+%patch30 -p1 -b .openssl_110
+%patch31 -p1 -b .remote_typo
+%patch32 -p1 -b .smp_mflags
+%if 0%{?fedora} || 0%{?rhel} >= 8
+%patch33 -p1 -b .libtirpc
+%endif
+%patch34 -p1 -b .pcap_init
 
 %build
+%if 0%{?rhel} == 7
+sed \
+  -e 's|include/openssl/|include/openssl11/openssl/|g' \
+  -e 's|\(SSLINC="\)-I${prefix}/include|\1$(pkg-config --cflags openssl11)|g' \
+  -e 's|\(SSLLIB="\)-L${prefix}/lib -lssl -lcrypto|\1$(pkg-config --libs openssl11)|g' \
+  -i configure
+%endif
+
 %configure
-make %{?_smp_mflags}
+%make_build
 
 %install
-rm -rf $RPM_BUILD_ROOT
-make install_prefix=$RPM_BUILD_ROOT INSTALL='install -p' install
-
-%clean
-rm -rf $RPM_BUILD_ROOT
+%make_install install_prefix=$RPM_BUILD_ROOT
 
 %files
-%defattr(-,root,root,-)
-%doc CHANGES LICENSE README TODO
-%dir %{_sysconfdir}/%{name}
+%license LICENSE
+%doc CHANGES README TODO
+%dir %{_sysconfdir}/%{name}/
 %config(noreplace) %{_sysconfdir}/%{name}/*
 %{_sbindir}/arpspoof
 %{_sbindir}/dnsspoof
@@ -125,6 +158,90 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/webspy.8*
 
 %changelog
+* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.39.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.38.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.4-0.37.b1
+- Rebuilt with OpenSSL 3.0.0
+
+* Sun Jul 25 2021 Robert Scheck <robert@fedoraproject.org> 2.4-0.36.b1
+- Added patch to work around pcap_init() API change in libpcap
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.35.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.34.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.33.b1
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.32.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.31.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.30.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.29.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.28.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Sun May 27 2018 Robert Scheck <robert@fedoraproject.org> 2.4-0.27.b1
+- Added patch to allow building dsniff against libtirpc (#1582770)
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.26.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.25.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.24.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sat Feb 11 2017 Robert Scheck <robert@fedoraproject.org> 2.4-0.23.b1
+- Added patch to allow building dsniff with OpenSSL >= 1.1.0
+- Added patch to correct a typo related to the -remote option
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.22.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-0.21.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.20.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.19.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.18.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Fri Dec 20 2013 Robert Scheck <robert@fedoraproject.org> 2.4-0.17.b1
+- Corrected patch which touches tabular data stream protocol handler
+- Added a patch to add both communication partners in arpspoof
+- Added patch to allow multiple targets to be imitated simultaniously
+- Added patch to allow the selection of source hw address in arpspoof
+- Added a patch which fixes and modernizes the POP decoder
+- Fixed segmentation faults related to libnet_name2addr4() (#1009879)
+- Added a patch to fix bit-shift in pntohl() macro (#714958, #850496)
+- Avoid xdrs being used without being initialised (#715042, #850494)
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.16.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-0.15.b1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
 * Mon Jul 30 2012 Robert Scheck <robert@fedoraproject.org> 2.4-0.14.b1
 - Added a patch which adds further link layer offsets
 - Avoid opportunity for DoS in tabular data stream protocol handler
@@ -161,7 +278,7 @@ rm -rf $RPM_BUILD_ROOT
 * Sat Aug 30 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.4.b1
 - Re-diffed dsniff url log escaping patch for no fuzz
 
-* Wed May 29 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.3.b1
+* Thu May 29 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.3.b1
 - Rebuild against libnids 1.23
 
 * Sun Feb 10 2008 Robert Scheck <robert@fedoraproject.org> 2.4-0.2.b1

sources

@@ -1 +1 @@
-2f761fa3475682a7512b0b43568ee7d6  dsniff-2.4b1.tar.gz
+SHA512 (dsniff-2.4b1.tar.gz) = 62dafab293de6dc3e9b01561b3627d63ca334467c01c3550a6318d8bcbe99d5a301ec16967af34065a14e8bca1c4b6a41da766cbd51ebd8338615b950c4f642f