CVS commit: pkgsrc/net/scapy

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/scapy
From: "David H. Gutteridge" <gutteridge%netbsd.org@localhost>
Date: Wed, 18 Aug 2021 01:44:21 +0000

Module Name:    pkgsrc
Committed By:   gutteridge
Date:           Wed Aug 18 01:44:21 UTC 2021

Modified Files:
        pkgsrc/net/scapy: Makefile distinfo
        pkgsrc/net/scapy/patches: patch-scapy_arch_bpf_supersocket.py
Added Files:
        pkgsrc/net/scapy/patches: patch-test_bpf.uts

Log Message:
scapy: add a patch to fix lo and utun use on Darwin and FreeBSD

Tested on NetBSD to see if it made a useful difference for an example
in PR pkg/55446; it does not, but it was more revealing than before.
Adding in case it's of use for pkgsrc users on those other OSes. (I've
also added the corresponding test case, in case someone else is curious
about how this is applied.)


To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/scapy/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/scapy/distinfo
cvs rdiff -u -r1.4 -r1.5 \
    pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py
cvs rdiff -u -r0 -r1.1 pkgsrc/net/scapy/patches/patch-test_bpf.uts

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/scapy/Makefile
diff -u pkgsrc/net/scapy/Makefile:1.35 pkgsrc/net/scapy/Makefile:1.36
--- pkgsrc/net/scapy/Makefile:1.35      Tue Apr 27 21:53:11 2021
+++ pkgsrc/net/scapy/Makefile   Wed Aug 18 01:44:21 2021
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.35 2021/04/27 21:53:11 gutteridge Exp $
+# $NetBSD: Makefile,v 1.36 2021/08/18 01:44:21 gutteridge Exp $
 
 DISTNAME=      scapy-2.4.5
+PKGREVISION=   1
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=secdev/}
 GITHUB_TAG=    v${PKGVERSION_NOREV}

Index: pkgsrc/net/scapy/distinfo
diff -u pkgsrc/net/scapy/distinfo:1.15 pkgsrc/net/scapy/distinfo:1.16
--- pkgsrc/net/scapy/distinfo:1.15      Sun May  2 19:28:15 2021
+++ pkgsrc/net/scapy/distinfo   Wed Aug 18 01:44:21 2021
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2021/05/02 19:28:15 gutteridge Exp $
+$NetBSD: distinfo,v 1.16 2021/08/18 01:44:21 gutteridge Exp $
 
 SHA1 (scapy-2.4.5.tar.gz) = 28f3a240cbbb3b6df45e239be8fbf5fb138591f6
 RMD160 (scapy-2.4.5.tar.gz) = d0b23b55251802fab1f78e8e2f5170fc595d1a8e
@@ -6,6 +6,7 @@ SHA512 (scapy-2.4.5.tar.gz) = b5ccd689f7
 Size (scapy-2.4.5.tar.gz) = 3323309 bytes
 SHA1 (patch-ab) = a0ef3c66ed5578e53d76ee38f6931be9c293baa5
 SHA1 (patch-ad) = bac7c72eff08608d4d73911a94bfc3125b8b53b6
-SHA1 (patch-scapy_arch_bpf_supersocket.py) = 4c11a8e9cd8212314cc3d881d906d83c893f1755
+SHA1 (patch-scapy_arch_bpf_supersocket.py) = 910c893fa3a90daffa14d8c963b65186fca313f8
 SHA1 (patch-scapy_consts.py) = c897229e444d363e2aeea12cdd7264d3d275f4ab
+SHA1 (patch-test_bpf.uts) = 628c8da78c16ab5628eb2b9a5d10229c5de197f8
 SHA1 (patch-test_run__tests) = cf152ca5a81652ff9fbfebf79d7f318e8d79e18e

Index: pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py
diff -u pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py:1.4 pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py:1.5
--- pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py:1.4    Tue Apr 27 21:53:11 2021
+++ pkgsrc/net/scapy/patches/patch-scapy_arch_bpf_supersocket.py        Wed Aug 18 01:44:21 2021
@@ -1,8 +1,12 @@
-$NetBSD: patch-scapy_arch_bpf_supersocket.py,v 1.4 2021/04/27 21:53:11 gutteridge Exp $
+$NetBSD: patch-scapy_arch_bpf_supersocket.py,v 1.5 2021/08/18 01:44:21 gutteridge Exp $
 
 Add DragonFly support.
+
 Fix NetBSD 32-bit architecture alignment.
 
+Fix send() on loopback and utun devices for Darwin and FreeBSD.
+https://github.com/secdev/scapy/pull/3257
+
 --- scapy/arch/bpf/supersocket.py.orig 2021-04-18 18:36:15.000000000 +0000
 +++ scapy/arch/bpf/supersocket.py
 @@ -18,7 +18,7 @@ from scapy.arch.bpf.consts import BIOCGB
@@ -37,3 +41,43 @@ Fix NetBSD 32-bit architecture alignment
              bh_tstamp_offset = 16
          else:
              # struct bpf_hdr
+@@ -390,14 +393,31 @@ class L3bpfSocket(L2bpfSocket):
+             self.assigned_interface = iff
+ 
+         # Build the frame
+-        if self.guessed_cls == Loopback:
+-            # bpf(4) man page (from macOS, but also for BSD):
+-            # "A packet can be sent out on the network by writing to a bpf
+-            # file descriptor. [...] Currently only writes to Ethernets and
+-            # SLIP links are supported"
+-            #
+-            # Headers are only mentioned for reads, not writes. tuntaposx's tun
+-            # device reports as a "loopback" device, but it does IP.
++        #
++        # LINKTYPE_NULL / DLT_NULL (Loopback) is a special case. From the
++        # bpf(4) man page (from macOS/Darwin, but also for BSD):
++        #
++        # "A packet can be sent out on the network by writing to a bpf file
++        # descriptor. [...] Currently only writes to Ethernets and SLIP links
++        # are supported."
++        #
++        # Headers are only mentioned for reads, not writes, and it has the
++        # name "NULL" and id=0.
++        #
++        # The _correct_ behaviour appears to be that one should add a BSD
++        # Loopback header to every sent packet. This is needed by FreeBSD's
++        # if_lo, and Darwin's if_lo & if_utun.
++        #
++        # tuntaposx appears to have interpreted "NULL" as "no headers".
++        # Thankfully its interfaces have a different name (tunX) to Darwin's
++        # if_utun interfaces (utunX).
++        #
++        # There might be other drivers which make the same mistake as
++        # tuntaposx, but these are typically provided with VPN software, and
++        # Apple are breaking these kexts in a future version of macOS... so
++        # the problem will eventually go away. They already don't work on Macs
++        # with Apple Silicon (M1).
++        if DARWIN and iff.startswith('tun') and self.guessed_cls == Loopback:
+             frame = raw(pkt)
+         else:
+             frame = raw(self.guessed_cls() / pkt)

Added files:

Index: pkgsrc/net/scapy/patches/patch-test_bpf.uts
diff -u /dev/null pkgsrc/net/scapy/patches/patch-test_bpf.uts:1.1
--- /dev/null   Wed Aug 18 01:44:21 2021
+++ pkgsrc/net/scapy/patches/patch-test_bpf.uts Wed Aug 18 01:44:21 2021
@@ -0,0 +1,31 @@
+$NetBSD: patch-test_bpf.uts,v 1.1 2021/08/18 01:44:21 gutteridge Exp $
+
+Fix send() on loopback and utun devices for Darwin and FreeBSD.
+https://github.com/secdev/scapy/pull/3257
+
+--- test/bpf.uts.orig  2021-04-18 18:36:15.000000000 +0000
++++ test/bpf.uts
+@@ -145,3 +145,23 @@ s.send(IP(dst="8.8.8.8")/ICMP())
+ s = L3bpfSocket()             
+ s.assigned_interface = conf.loopback_name
+ s.send(IP(dst="8.8.8.8")/ICMP())
++
++= L3bpfSocket - send and sniff on loopback
++~ needs_root
++
++localhost_ip = conf.ifaces[conf.loopback_name].ips[4][0]
++
++def cb():
++    # Send a ping to the loopback IP.
++    s = L3bpfSocket(iface=conf.loopback_name)
++    s.send(IP(dst=localhost_ip)/ICMP(seq=1001))
++
++t = AsyncSniffer(iface=conf.loopback_name, started_callback=cb)
++t.start()
++time.sleep(1)
++t.stop()
++t.join(timeout=1)
++
++# We expect to see our packet and kernel's response.
++len(t.results.filter(lambda p: (
++    IP in p and ICMP in p and (p[IP].src == localhost_ip or p[IP].dst == localhost_ip) and p[ICMP].seq == 1001))) == 2

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/print/zathura
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/print/zathura
Indexes:

Home | Main Index | Thread Index | Old Index