diff --git a/CHANGELOG b/CHANGELOG index bcc0a02a5..be2269781 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,12 @@ # Nmap Changelog ($Id$); -*-text-*- +o [libpcap] Added a --disable-packet-ring option to force the use of + an older, slower packet capture mechanism on Linux. Before Linux + 2.6.27, the packet ring mechanism uses different-sized kernel + structures on 32- and 64-bit architectures, so a 32-bit program will + not run correctly on a 64-bit kernel. The older mechanism does not + have this flaw. + o UDP payloads are now stored in an external data file, nmap-payloads, instead of being hard-coded in the executable. This makes it easier to add your own payloads or disable those you find problematic. Jay diff --git a/libpcap/NMAP_MODIFICATIONS b/libpcap/NMAP_MODIFICATIONS index 7357073f1..f0d90b697 100644 --- a/libpcap/NMAP_MODIFICATIONS +++ b/libpcap/NMAP_MODIFICATIONS 
@@ -133,4 +133,72 @@ o Eliminated Lex/Yacc requirement and added the generated files: AC_SUBST(DYEXT) AC_SUBST(DAGLIBS) +o Added a --disable-packet-ring configure option to allow the creation + of 32-bit binaries compatible with 64-bit Linux kernels before 2.6.27. + +Index: configure.in +=================================================================== +--- configure.in (revision 17694) ++++ configure.in (working copy) +@@ -1396,6 +1396,24 @@ + AC_SUBST(CAN_SRC) + fi + ++dnl The packet ring capture facility of Linux, described in ++dnl Documentation/networking/packet_mmap.txt, is not 32/64-bit compatible before ++dnl version 2.6.27. A 32-bit kernel requires a 32-bit userland, and likewise for ++dnl 64-bit. The effect of this is that a 32-bit libpcap binary will not run ++dnl correctly on a 64-bit kernel (the binary will use the wrong offsets into a ++dnl kernel struct). This problem was solved in Linux 2.6.27. Use ++dnl --disable-packet-ring whenever a 32-bit application must run on a 64-bit ++dnl target host, and either the build host or the target host run Linux 2.6.26 ++dnl or earlier. ++AC_ARG_ENABLE([packet-ring], ++[AC_HELP_STRING([--enable-packet-ring],[enable Linux packet ring support @<:@default=yes@:>@])], ++,enable_packet_ring=yes) ++ ++if test "x$enable_packet_ring" != "xno" ; then ++ AC_DEFINE(PCAP_SUPPORT_PACKET_RING, 1, [use Linux packet ring capture if available]) ++ AC_SUBST(PCAP_SUPPORT_PACKET_RING) ++fi ++ + AC_PROG_INSTALL + + AC_CONFIG_HEADER(config.h) +Index: pcap-linux.c +=================================================================== +--- pcap-linux.c (revision 17694) ++++ pcap-linux.c (working copy) +@@ -232,17 +232,19 @@ + # endif /* PACKET_HOST */ + + +- /* check for memory mapped access avaibility. 
We assume every needed +- * struct is defined if the macro TPACKET_HDRLEN is defined, because it +- * uses many ring related structs and macros */ +-# ifdef TPACKET_HDRLEN +-# define HAVE_PACKET_RING +-# ifdef TPACKET2_HDRLEN +-# define HAVE_TPACKET2 +-# else +-# define TPACKET_V1 0 +-# endif /* TPACKET2_HDRLEN */ +-# endif /* TPACKET_HDRLEN */ ++# ifdef PCAP_SUPPORT_PACKET_RING ++ /* check for memory mapped access avaibility. We assume every needed ++ * struct is defined if the macro TPACKET_HDRLEN is defined, because it ++ * uses many ring related structs and macros */ ++# ifdef TPACKET_HDRLEN ++# define HAVE_PACKET_RING ++# ifdef TPACKET2_HDRLEN ++# define HAVE_TPACKET2 ++# else ++# define TPACKET_V1 0 ++# endif /* TPACKET2_HDRLEN */ ++# endif /* TPACKET_HDRLEN */ ++# endif /* PCAP_SUPPORT_PACKET_RING */ + #endif /* PF_PACKET */ + + #ifdef SO_ATTACH_FILTER + o Regenerated configure. diff --git a/libpcap/config.h.in b/libpcap/config.h.in index 55e13dad7..ce2933aa3 100644 --- a/libpcap/config.h.in +++ b/libpcap/config.h.in @@ -217,6 +217,9 @@ /* target host supports CAN sniffing */ #undef PCAP_SUPPORT_CAN +/* use Linux packet ring capture if available */ +#undef PCAP_SUPPORT_PACKET_RING + /* target host supports USB sniffing */ #undef PCAP_SUPPORT_USB diff --git a/libpcap/configure b/libpcap/configure index daf0be828..05d76acc5 100755 --- a/libpcap/configure +++ b/libpcap/configure @@ -596,6 +596,7 @@ ac_subst_vars='LTLIBOBJS INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM +PCAP_SUPPORT_PACKET_RING CAN_SRC PCAP_SUPPORT_CAN BT_SRC @@ -702,6 +703,7 @@ with_snf_includes with_snf_libraries enable_bluetooth enable_can +enable_packet_ring ' ac_precious_vars='build_alias host_alias @@ -1335,6 +1337,7 @@ Optional Features: available] --enable-can enable CAN support [default=yes, if support available] + --enable-packet-ring enable Linux packet ring support [default=yes] Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] 
@@ -7179,6 +7182,21 @@ $as_echo "$as_me: no CAN sniffing support implemented for $host_os" >&6;} esac +fi + +# Check whether --enable-packet-ring was given. +if test "${enable_packet_ring+set}" = set; then : + enableval=$enable_packet_ring; +else + enable_packet_ring=yes +fi + + +if test "x$enable_packet_ring" != "xno" ; then + +$as_echo "#define PCAP_SUPPORT_PACKET_RING 1" >>confdefs.h + + fi # Find a good install program. We prefer a C program (faster), diff --git a/libpcap/configure.in b/libpcap/configure.in index 58996b11a..84fc31f14 100644 --- a/libpcap/configure.in +++ b/libpcap/configure.in @@ -1396,6 +1396,24 @@ if test "x$enable_can" != "xno" ; then AC_SUBST(CAN_SRC) fi +dnl The packet ring capture facility of Linux, described in +dnl Documentation/networking/packet_mmap.txt, is not 32/64-bit compatible before +dnl version 2.6.27. A 32-bit kernel requires a 32-bit userland, and likewise for +dnl 64-bit. The effect of this is that a 32-bit libpcap binary will not run +dnl correctly on a 64-bit kernel (the binary will use the wrong offsets into a +dnl kernel struct). This problem was solved in Linux 2.6.27. Use +dnl --disable-packet-ring whenever a 32-bit application must run on a 64-bit +dnl target host, and either the build host or the target host run Linux 2.6.26 +dnl or earlier. +AC_ARG_ENABLE([packet-ring], +[AC_HELP_STRING([--enable-packet-ring],[enable Linux packet ring support @<:@default=yes@:>@])], +,enable_packet_ring=yes) + +if test "x$enable_packet_ring" != "xno" ; then + AC_DEFINE(PCAP_SUPPORT_PACKET_RING, 1, [use Linux packet ring capture if available]) + AC_SUBST(PCAP_SUPPORT_PACKET_RING) +fi + AC_PROG_INSTALL AC_CONFIG_HEADER(config.h) diff --git a/libpcap/pcap-linux.c b/libpcap/pcap-linux.c index af125433f..dedfb6dc4 100644 --- a/libpcap/pcap-linux.c +++ b/libpcap/pcap-linux.c 
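Review bot: The help entry on the `AC_ARG_ENABLE([packet-ring], …)` line in the configure.in hunk advertises `--enable-packet-ring` although the default is already yes, so `./configure --help` shows neither the form a builder needs nor the reason for it. The 32/64-bit explanation lives only in the `dnl` block, which is not carried into the generated script's help output. I would document the non-default form instead, for example `AC_HELP_STRING([--disable-packet-ring],[do not use the Linux packet ring (for 32-bit builds that must run on 64-bit kernels before 2.6.27)])`. Separately, `AC_SUBST(PCAP_SUPPORT_PACKET_RING)` appears to substitute an empty value, because `AC_DEFINE` only writes to confdefs.h and nothing in the hunk assigns a shell variable of that name. It can probably be dropped.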
@@ -232,17 +232,19 @@ static const char rcsid[] _U_ =
 # endif /* PACKET_HOST */


- /* check for memory mapped access avaibility. We assume every needed
- * struct is defined if the macro TPACKET_HDRLEN is defined, because it
- * uses many ring related structs and macros */
-# ifdef TPACKET_HDRLEN
-# define HAVE_PACKET_RING
-# ifdef TPACKET2_HDRLEN
-# define HAVE_TPACKET2
-# else
-# define TPACKET_V1 0
-# endif /* TPACKET2_HDRLEN */
-# endif /* TPACKET_HDRLEN */
+# ifdef PCAP_SUPPORT_PACKET_RING
+ /* check for memory mapped access avaibility. We assume every needed
+ * struct is defined if the macro TPACKET_HDRLEN is defined, because it
+ * uses many ring related structs and macros */
+# ifdef TPACKET_HDRLEN
+# define HAVE_PACKET_RING
+# ifdef TPACKET2_HDRLEN
+# define HAVE_TPACKET2
+# else
+# define TPACKET_V1 0
+# endif /* TPACKET2_HDRLEN */
+# endif /* TPACKET_HDRLEN */
+# endif /* PCAP_SUPPORT_PACKET_RING */
 #endif /* PF_PACKET */

 #ifdef SO_ATTACH_FILTER
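Review bot: With the new `# ifdef PCAP_SUPPORT_PACKET_RING` wrapper, any build in which that macro is not visible at this point silently loses `HAVE_PACKET_RING` and takes the older capture path, and nothing in pcap-linux.c says why the guard exists. This would happen if config.h is not included earlier or the build bypasses configure. The include of config.h is outside the hunk, so it is worth confirming that it precedes this block. I would put the reason at the guard itself, for example `/* PCAP_SUPPORT_PACKET_RING is set by configure (--disable-packet-ring turns it off): before Linux 2.6.27 the ring's kernel structs differ between 32- and 64-bit */`. Since the existing comment is re-indented anyway, the spelling "avaibility" could be corrected to "availability" in the same change.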