Package: knocker Version: 0.7.1-3.1 Severity: normal Tags: patch ipv6 I can offer a patch to implement support for IPv6 probing. Successfully tested for GNU/Linux and GNU/kFreeBSD.
Best regards, Mats Erik Andersson, DM
Description: Adapt code and manpage to IPv6.
Standard changes are implemented to make the
knocker service able to probe also IPv6 hosts.
.
New command line options "-4/--ipv4" and "-6/--ipv6"
restrict to a predetermined address domain.
.
A misconceived test for the root user is corrected
in passing.
Author: Mats Erik Andersson <deb...@gisladisker.se>
Forwarded: no
Last-Update: 2011-03-03
diff -Naur knocker-0.7.1.debian/debian/knocker.1 knocker-0.7.1/debian/knocker.1
--- knocker-0.7.1.debian/debian/knocker.1 2011-03-03 09:48:59.000000000 +0100
+++ knocker-0.7.1/debian/knocker.1 2011-03-03 12:25:00.000000000 +0100
@@ -26,6 +26,12 @@
\fB\-EP\fr, \fB\-\-end-port\fR
port number to end the scan at
.TP
+\fB\-4\fr, \fB\-\-ipv4\fR
+only IPv4 addressing (default is first address available)
+.TP
+\fB\-6\fr, \fB\-\-ipv6\fR
+use only IPv6 addressing
+.TP
\fB\-\-last-host\fR
uses the last scanned host as target
.TP
diff -Naur knocker-0.7.1.debian/src/knocker_args.c knocker-0.7.1/src/knocker_args.c
--- knocker-0.7.1.debian/src/knocker_args.c 2002-05-24 01:58:33.000000000 +0200
+++ knocker-0.7.1/src/knocker_args.c 2011-03-03 12:19:12.000000000 +0100
@@ -80,9 +80,11 @@
fprintf (stdout, " %s performs again the last port scan\n", LAST_SCAN_LONG_OPT);
fprintf (stdout, "\n");
fprintf (stdout, "Extra options:\n");
+ fprintf (stdout, " %s, %s only IPv4 host addressing\n", HOST_IPV4_SHORT_OPT, HOST_IPV4_LONG_OPT);
+ fprintf (stdout, " %s, %s only IPv6 host addressing\n", HOST_IPV6_SHORT_OPT, HOST_IPV6_LONG_OPT);
fprintf (stdout, " %s, %s quiet mode (no console output, logs to file)\n", QUIET_MODE_SHORT_OPT, QUIET_MODE_LONG_OPT);
fprintf (stdout, " %s, %s <logfile> log scan results to the specified file\n", ENABLE_LOGFILE_SHORT_OPT, ENABLE_LOGFILE_LONG_OPT);
- fprintf (stdout, " %s, %s disable fency output\n", NO_FENCY_SHORT_OPT, NO_FENCY_LONG_OPT);
+ fprintf (stdout, " %s, %s disable fancy output\n", NO_FENCY_SHORT_OPT, NO_FENCY_LONG_OPT);
fprintf (stdout, " %s, %s disable colored output\n", NO_COLORS_SHORT_OPT, NO_COLORS_LONG_OPT);
fprintf (stdout, "\n");
fprintf (stdout, " %s let you configure %s\n", CONFIGURE_LONG_OPT, PACKAGE);
@@ -105,6 +107,7 @@
args->hname = NULL;
args->hip = NULL;
args->lfname = NULL;
+ args->hfamily = AF_UNSPEC;
args->port = 0;
args->sport = 0;
args->eport = 0;
@@ -189,6 +192,16 @@
}
return (0); /* we should have all arguments here */
}
+ else if ((!strcmp (argv[i], HOST_IPV4_SHORT_OPT)) || (!strcmp (argv[i], HOST_IPV4_LONG_OPT)))
+ {
+ /* Accept only IPv4 addressing. */
+ args->hfamily = AF_INET;
+ }
+ else if ((!strcmp (argv[i], HOST_IPV6_SHORT_OPT)) || (!strcmp (argv[i], HOST_IPV6_LONG_OPT)))
+ {
+ /* Accept only IPv6 addressing. */
+ args->hfamily = AF_INET6;
+ }
else if ((!strcmp (argv[i], NO_FENCY_SHORT_OPT)) || (!strcmp (argv[i], NO_FENCY_LONG_OPT)))
{
/* Disable fency output */
diff -Naur knocker-0.7.1.debian/src/knocker_args.h knocker-0.7.1/src/knocker_args.h
--- knocker-0.7.1.debian/src/knocker_args.h 2002-05-24 01:58:35.000000000 +0200
+++ knocker-0.7.1/src/knocker_args.h 2011-03-03 12:18:00.000000000 +0100
@@ -33,6 +33,12 @@
/* host to scan, got with lasthost */
#define LAST_HOST_LONG_OPT "--last-host"
+ /* preferred address family for hosts */
+#define HOST_IPV4_SHORT_OPT "-4"
+#define HOST_IPV4_LONG_OPT "--ipv4"
+#define HOST_IPV6_SHORT_OPT "-6"
+#define HOST_IPV6_LONG_OPT "--ipv6"
+
/* single port number */
#define SINGLE_PORT_SHORT_OPT "-P"
#define SINGLE_PORT_LONG_OPT "--port"
@@ -82,6 +88,7 @@
char *hname; /* hostname string */
char *hip; /* host IP string */
char *lfname; /* logfile name */
+ int hfamily; /* desired address domain */
unsigned int port; /* Single port number, -P */
unsigned int sport; /* Start port number, -SP */
unsigned int eport; /* End port number, -EP */
diff -Naur knocker-0.7.1.debian/src/knocker_core.c knocker-0.7.1/src/knocker_core.c
--- knocker-0.7.1.debian/src/knocker_core.c 2002-05-24 01:58:51.000000000 +0200
+++ knocker-0.7.1/src/knocker_core.c 2011-03-03 11:58:35.000000000 +0100
@@ -33,13 +33,13 @@
static int knocker_core_init_socket_data (knocker_core_socket_t * sock);
static void knocker_core_free_socket_data (knocker_core_socket_t * sock);
-static int knocker_core_open_socket (knocker_core_socket_t * sock, int protocol);
+static int knocker_core_open_socket (knocker_core_socket_t * sock, int family, int protocol);
static void knocker_core_close_socket (knocker_core_socket_t * sock);
static int knocker_core_init_host_data (knocker_core_host_t * host);
static void knocker_core_free_host_data (knocker_core_host_t * host);
-static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname);
+static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname, int family);
static int knocker_core_getservbyport (char *service, unsigned int port, int protocol);
static char *knocker_core_get_host_name_string (knocker_core_host_t * hinfo);
@@ -364,7 +364,7 @@
fprintf (stderr, "debug: connecting to port: %d\n", port);
#endif
- if (knocker_core_open_socket (&data->socket, PROTO_TCP) == KNOCKER_SOCKET_ERROR)
+ if (knocker_core_open_socket (&data->socket, data->host.hostaddr.ss_family, PROTO_TCP) == KNOCKER_SOCKET_ERROR)
{
#ifdef DEBUG
fprintf (stderr, "debug: socket error, couldn't connect.\n");
@@ -372,12 +372,16 @@
return -1;
}
- data->host.sockaddr_in.sin_family = AF_INET;
- data->host.sockaddr_in.sin_port = htons (port);
- data->host.sockaddr_in.sin_addr = *((struct in_addr *) data->host.info->h_addr);
- memset (&(data->host.sockaddr_in.sin_zero), 0, 8);
+ memcpy (&(data->host.sockaddr_st), &(data->host.hostaddr), data->host.addrlen);
+ switch (data->host.hostaddr.ss_family) {
+ case AF_INET6:
+ ((struct sockaddr_in6 *) &(data->host.sockaddr_st))->sin6_port = htons (port);
+ case AF_INET:
+ default:
+ ((struct sockaddr_in *) &(data->host.sockaddr_st))->sin_port = htons (port);
+ }
- if (!connect (data->socket.fd, (struct sockaddr *) &data->host.sockaddr_in, sizeof (struct sockaddr)))
+ if (!connect (data->socket.fd, (struct sockaddr *) &data->host.sockaddr_st, data->host.addrlen))
/* here the port is open */
{
knocker_core_close_socket (&data->socket);
@@ -401,9 +405,9 @@
============================================================================
============================================================================
*/
-char *knocker_core_resolve_host (knocker_core_portscan_data_t * data, const char *hostname)
+char *knocker_core_resolve_host (knocker_core_portscan_data_t * data, const char *hostname, int family)
{
- if (knocker_core_gethostbyname (&data->host, hostname) == -1)
+ if (knocker_core_gethostbyname (&data->host, hostname, family) == -1)
return NULL;
else
return (data->host.ip);
@@ -506,14 +510,14 @@
============================================================================
============================================================================
*/
-static int knocker_core_open_socket (knocker_core_socket_t * sock, int protocol)
+static int knocker_core_open_socket (knocker_core_socket_t * sock, int family, int protocol)
{
#ifdef DEBUG
fprintf (stderr, "debug: function knocker_core_open_socket (...) called.\n");
#endif
if (protocol == PROTO_TCP)
{
- if ((sock->fd = socket (AF_INET, SOCK_STREAM, 0)) == KNOCKER_SOCKET_ERROR)
+ if ((sock->fd = socket (family, SOCK_STREAM, 0)) == KNOCKER_SOCKET_ERROR)
{
#ifdef DEBUG
fprintf (stderr, "debug: couldn't open the socket: ");
@@ -524,7 +528,7 @@
}
else if (protocol == PROTO_UDP)
{
- if ((sock->fd = socket (AF_INET, SOCK_DGRAM, 0)) == KNOCKER_SOCKET_ERROR)
+ if ((sock->fd = socket (family, SOCK_DGRAM, 0)) == KNOCKER_SOCKET_ERROR)
{
#ifdef DEBUG
fprintf (stderr, "debug: couldn't open the socket: ");
@@ -579,13 +583,47 @@
============================================================================
============================================================================
*/
-static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname)
+static int knocker_core_gethostbyname (knocker_core_host_t * hinfo, const char *hostname, int family)
{
- if ((hinfo->info = gethostbyname (hostname)) == NULL)
+ struct addrinfo hints, *res, *ai;
+ char hostip[INET6_ADDRSTRLEN];
+ int err, fd;
+
+ memset (&hints, 0, sizeof (hints));
+ hints.ai_family = family;
+ hints.ai_flags = AI_ADDRCONFIG;
+
+ if ( (err = getaddrinfo (hostname, NULL, &hints, &res)) ) {
+#ifdef DEBUG
+ fprintf (stderr, "debug: knocker_core_gethostbyname(): %s", gai_strerror(err));
+#endif
+ return -1;
+ }
+
+ for (ai = res; ai; ai = ai->ai_next) {
+ if ( (ai->ai_family != AF_INET) && (ai->ai_family != AF_INET6) )
+ continue;
+
+ fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+ if (fd < 0)
+ continue;
+ /* Valid socket indicates a functional address; accept it. */
+ close (fd);
+ hinfo->addrlen = ai->ai_addrlen;
+ memcpy(&(hinfo->hostaddr), ai->ai_addr, ai->ai_addrlen);
+ break;
+ }
+
+ if (res)
+ freeaddrinfo(res);
+
+ if (ai == NULL)
return -1;
knocker_core_set_host_name_string (hinfo, hostname);
- knocker_core_set_host_ip_string (hinfo, inet_ntoa (*(struct in_addr *) *hinfo->info->h_addr_list));
+ getnameinfo ((struct sockaddr *) &(hinfo->hostaddr), hinfo->addrlen,
+ hostip, sizeof (hostip), NULL, 0, NI_NUMERICHOST);
+ knocker_core_set_host_ip_string (hinfo, hostip);
return 0;
}
diff -Naur knocker-0.7.1.debian/src/knocker_core.h knocker-0.7.1/src/knocker_core.h
--- knocker-0.7.1.debian/src/knocker_core.h 2002-05-24 01:58:53.000000000 +0200
+++ knocker-0.7.1/src/knocker_core.h 2011-03-03 11:59:27.000000000 +0100
@@ -135,8 +135,9 @@
*/
typedef struct {
- struct hostent *info; /* hostent structure */
- struct sockaddr_in sockaddr_in; /* sockaddr_in structure */
+ struct sockaddr_storage hostaddr; /* template address */
+ socklen_t addrlen; /* active length */
+ struct sockaddr_storage sockaddr_st; /* working address */
char *name; /* hostname string */
char *ip; /* host IP address string */
} knocker_core_host_t;
@@ -185,7 +186,7 @@
int knocker_core_validate_port_number (unsigned int port);
/* returns host ip address on success, NULL on failure */
-char *knocker_core_resolve_host (knocker_core_portscan_data_t *data, const char *hostname);
+char *knocker_core_resolve_host (knocker_core_portscan_data_t *data, const char *hostname, int family);
/* return the hostname string from the structure */
char *knocker_core_get_hostname (knocker_core_portscan_data_t *data);
@@ -203,13 +204,13 @@
static int knocker_core_init_socket_data (knocker_core_socket_t *sock);
static void knocker_core_free_socket_data (knocker_core_socket_t *sock);
-static int knocker_core_open_socket (knocker_core_socket_t *sock, int protocol);
+static int knocker_core_open_socket (knocker_core_socket_t *sock, int family, int protocol);
static void knocker_core_close_socket (knocker_core_socket_t *sock);
static int knocker_core_init_host_data (knocker_core_host_t *host);
static void knocker_core_free_host_data (knocker_core_host_t *host);
-static int knocker_core_gethostbyname (knocker_core_host_t *hinfo, const char *hostname);
+static int knocker_core_gethostbyname (knocker_core_host_t *hinfo, const char *hostname, int family);
static int knocker_core_getservbyport (char *service, unsigned int port, int protocol);
static char *knocker_core_get_host_name_string (knocker_core_host_t *hinfo);
diff -Naur knocker-0.7.1.debian/src/knocker_main.c knocker-0.7.1/src/knocker_main.c
--- knocker-0.7.1.debian/src/knocker_main.c 2011-03-03 09:48:59.000000000 +0100
+++ knocker-0.7.1/src/knocker_main.c 2011-03-03 12:00:20.000000000 +0100
@@ -132,7 +132,7 @@
*/
static void resolve (void)
{
- if (knocker_core_resolve_host (&pscan_data, knocker_args.hname) == NULL)
+ if (knocker_core_resolve_host (&pscan_data, knocker_args.hname, knocker_args.hfamily) == NULL)
{
knocker_output_resolve_error (knocker_args.hname);
knocker_log_resolve_error (knocker_args.hname);
diff -Naur knocker-0.7.1.debian/src/knocker_user.c knocker-0.7.1/src/knocker_user.c
--- knocker-0.7.1.debian/src/knocker_user.c 2002-05-24 02:00:03.000000000 +0200
+++ knocker-0.7.1/src/knocker_user.c 2011-03-03 11:48:06.000000000 +0100
@@ -82,7 +82,7 @@
_dir_create (user->dir);
}
- if (knocker_user_is_root)
+ if (knocker_user_is_root())
user->super = 1;
else
user->super = 0;
signature.asc
Description: Digital signature
