From 0a91d701340645d345594b8dd4223a756a722d3c Mon Sep 17 00:00:00 2001
From: Symphorien Gibol <symphorien+git@xlumurb.eu>
Date: Mon, 3 Dec 2018 00:59:11 +0100
Subject: [PATCH] dsniff: init at 2.4b1
---
pkgs/tools/networking/dsniff/default.nix | 82 ++++++++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 +
2 files changed, 84 insertions(+)
create mode 100644 pkgs/tools/networking/dsniff/default.nix
diff --git a/pkgs/tools/networking/dsniff/default.nix b/pkgs/tools/networking/dsniff/default.nix
new file mode 100644
index 000000000000..41acb533a3de
--- /dev/null
+++ b/pkgs/tools/networking/dsniff/default.nix
@@ -0,0 +1,82 @@
+{ stdenv, fetchFromGitLab, autoreconfHook, libpcap, db, glib, libnet, libnids, symlinkJoin, openssl_1_1 }:
+let
+ /*
+ dsniff's build system unconditionnaly wants static libraries and does not
+ support multi output derivations. We do some overriding to give it
+ satisfaction.
+ */
+ staticdb = symlinkJoin {
+ inherit (db) name;
+ paths = with db.overrideAttrs(old: { dontDisableStatic = true; }); [ out dev ];
+ postBuild = ''
+ rm $out/lib/*.so*
+ '';
+ };
+ pcap = symlinkJoin {
+ inherit (libpcap) name;
+ paths = [ libpcap ];
+ postBuild = ''
+ cp -rs $out/include/pcap $out/include/net
+ # prevent references to libpcap
+ rm $out/lib/*.so*
+ '';
+ };
+ net = symlinkJoin {
+ inherit (libnet) name;
+ paths = [ (libnet.overrideAttrs(old: { dontDisableStatic = true; })) ];
+ postBuild = ''
+ # prevent dynamic linking, now that we have a static library
+ rm $out/lib/*.so*
+ '';
+ };
+ nids = libnids.overrideAttrs(old: {
+ dontDisableStatic = true;
+ });
+ ssl = symlinkJoin {
+ inherit (openssl_1_1) name;
+ paths = with openssl_1_1.override { static = true; }; [ out dev ];
+ };
+in stdenv.mkDerivation {
+ pname = "dsniff";
+ version = "2.4b1";
+ # upstream is so old that nearly every distribution packages the beta version.
+ # Also, upstream only serves the latest version, so we use debian's sources.
+ # this way we can benefit the numerous debian patches to be able to build
+ # dsniff with recent libraries.
+ src = fetchFromGitLab {
+ domain = "salsa.debian.org";
+ owner = "pkg-security-team";
+ repo = "dsniff";
+ rev = "debian%2F2.4b1%2Bdebian-29"; # %2B = urlquote("+"), %2F = urlquote("/")
+ sha256 = "10zz9krf65jsqvlcr72ycp5cd27xwr18jkc38zqp2i4j6x0caj2g";
+ name = "dsniff.tar.gz";
+ };
+
+ nativeBuildInputs = [ autoreconfHook ];
+ buildInputs = [ glib pcap ];
+ NIX_CFLAGS_LINK = "-lglib-2.0";
+ postPatch = ''
+ for patch in debian/patches/*.patch; do
+ patch < $patch
+ done;
+ '';
+ configureFlags = [
+ "--with-db=${staticdb}"
+ "--with-libpcap=${pcap}"
+ "--with-libnet=${net}"
+ "--with-libnids=${nids}"
+ "--with-openssl=${ssl}"
+ ];
+
+ meta = with stdenv.lib; {
+ description = "collection of tools for network auditing and penetration testing";
+ longDescription = ''
+ dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
+ '';
+ homepage = https://www.monkey.org/~dugsong/dsniff/;
+ license = licenses.bsd3;
+ maintainers = [ maintainers.symphorien ];
+ # bsd and solaris should work as well
+ platforms = platforms.linux;
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 6c58fa68abcb..ecab87c027e9 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -22975,6 +22975,8 @@ with pkgs;
inherit (darwin) libresolv;
};
+ dsniff = callPackage ../tools/networking/dsniff {};
+
wal-g = callPackage ../tools/backup/wal-g {};
tlwg = callPackage ../data/fonts/tlwg { };