mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-15 06:14:57 +01:00
43fa250334
Old version of GCC was used because of the bug in the new version of GCC that is long gone, we can safely use the current version now.
86 lines
3 KiB
Nix
86 lines
3 KiB
Nix
{ stdenv, lib, fetchFromGitLab, autoreconfHook, libpcap, db, glib, libnet, libnids, symlinkJoin, openssl
|
|
, rpcsvc-proto, libtirpc, libnsl, libnl
|
|
}:
|
|
|
|
let
|
|
/*
|
|
dsniff's build system unconditionnaly wants static libraries and does not
|
|
support multi output derivations. We do some overriding to give it
|
|
satisfaction.
|
|
*/
|
|
staticdb = symlinkJoin {
|
|
inherit (db) name;
|
|
paths = with db.overrideAttrs { dontDisableStatic = true; }; [ out dev ];
|
|
postBuild = ''
|
|
rm $out/lib/*.so*
|
|
'';
|
|
};
|
|
pcap = symlinkJoin {
|
|
inherit (libpcap) name;
|
|
paths = [ (libpcap.overrideAttrs { dontDisableStatic = true; }) ];
|
|
postBuild = ''
|
|
cp -rs $out/include/pcap $out/include/net
|
|
# prevent references to libpcap
|
|
rm $out/lib/*.so*
|
|
'';
|
|
};
|
|
net = symlinkJoin {
|
|
inherit (libnet) name;
|
|
paths = [ (libnet.overrideAttrs { dontDisableStatic = true; }) ];
|
|
postBuild = ''
|
|
# prevent dynamic linking, now that we have a static library
|
|
rm $out/lib/*.so*
|
|
'';
|
|
};
|
|
nids = libnids.overrideAttrs {
|
|
dontDisableStatic = true;
|
|
};
|
|
ssl = symlinkJoin {
|
|
inherit (openssl) name;
|
|
paths = with openssl.override { static = true; }; [ out dev ];
|
|
};
|
|
in stdenv.mkDerivation rec {
|
|
pname = "dsniff";
|
|
version = "2.4b1";
|
|
# upstream is so old that nearly every distribution packages the beta version.
|
|
# Also, upstream only serves the latest version, so we use debian's sources.
|
|
# this way we can benefit the numerous debian patches to be able to build
|
|
# dsniff with recent libraries.
|
|
src = fetchFromGitLab {
|
|
domain = "salsa.debian.org";
|
|
owner = "pkg-security-team";
|
|
repo = "dsniff";
|
|
rev = "debian/${version}+debian-30";
|
|
sha256 = "1fk2k0sfdp5g27i11g0sbzm7al52raz5yr1aibzssnysv7l9xgzh";
|
|
name = "dsniff.tar.gz";
|
|
};
|
|
|
|
nativeBuildInputs = [ autoreconfHook rpcsvc-proto ];
|
|
buildInputs = [ glib pcap libtirpc libnsl libnl ];
|
|
NIX_CFLAGS_LINK = "-lglib-2.0 -lpthread -ltirpc -lnl-3 -lnl-genl-3";
|
|
env.NIX_CFLAGS_COMPILE = toString [ "-I${libtirpc.dev}/include/tirpc" ];
|
|
postPatch = ''
|
|
for patch in debian/patches/*.patch; do
|
|
patch < $patch
|
|
done;
|
|
'';
|
|
configureFlags = [
|
|
"--with-db=${staticdb}"
|
|
"--with-libpcap=${pcap}"
|
|
"--with-libnet=${net}"
|
|
"--with-libnids=${nids}"
|
|
"--with-openssl=${ssl}"
|
|
];
|
|
|
|
meta = with lib; {
|
|
description = "collection of tools for network auditing and penetration testing";
|
|
longDescription = ''
|
|
dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
|
|
'';
|
|
homepage = "https://www.monkey.org/~dugsong/dsniff/";
|
|
license = licenses.bsd3;
|
|
maintainers = [ maintainers.symphorien ];
|
|
# bsd and solaris should work as well
|
|
platforms = platforms.linux;
|
|
};
|
|
}
|