diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c3367d2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/dionaea-*.tar.gz
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a90c42e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,24 @@
+# dionaea
+
+Dionaea honeypot is low interaction honeypot, embedding python
+as scripting language, using libemu to detect shell-codes, supporting
+ipv6 and TLS.
+
+## Dependencies
+- libidn https://src.fedoraproject.org/rpms/libidn
+- loudmouth https://src.fedoraproject.org/rpms/loudmouth
+- udns https://src.fedoraproject.org/rpms/udns
+- libev https://src.fedoraproject.org/rpms/libev
+- python3-bson https://src.fedoraproject.org/rpms/python-pymongo
+- libdasm https://src.fedoraproject.org/rpms/libdasm
+- libemu https://src.fedoraproject.org/rpms/libemu
+
+## Packages
+- dionaea
+- python3-dionaea
+- dionaea-doc
+
+## Known issues
+- p0f - the p0f API used in upstream dionaea code is currently (2024) referring to version 2.* of p0f,
+ while we have version 3.* in Fedora. Configuring p0f interface to dionaea in /etc/dionaea/services-enabled/p0f.yaml currently results in severe segfaults especially when blackhole module is used for handling a port.
+
diff --git a/changelog b/changelog
new file mode 100644
index 0000000..e1c6d04
--- /dev/null
+++ b/changelog
@@ -0,0 +1,163 @@
+* Fri Sep 19 2025 Python Maint - 0.11.0-9.20210228git4e459f1
+- Rebuilt for Python 3.14.0rc3 bytecode
+
+* Fri Aug 15 2025 Python Maint - 0.11.0-8.20210228git4e459f1
+- Rebuilt for Python 3.14.0rc2 bytecode
+
+* Tue Aug 05 2025 Charalampos Stratakis - 0.11.0-7.20210228git4e459f1
+- Fix compatibility with Cython >= 3.1
+- Fixes: rhbz#2377036
+
+* Wed Jul 23 2025 Fedora Release Engineering - 0.11.0-6.20210228git4e459f1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
+
+* Tue Jun 03 2025 Python Maint - 0.11.0-5.20210228git4e459f1
+- Rebuilt for Python 3.14
+
+* Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek - 0.11.0-4.20210228git4e459f1
+- Add sysusers.d config file to allow rpm to create users/groups automatically
+
+* Thu Jan 16 2025 Fedora Release Engineering - 0.11.0-3.20210228git4e459f1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Wed Aug 28 2024 Miroslav Suchý - 0.11.0-2.20210228git4e459f1
+- convert license to SPDX
+
+* Thu Jul 04 2024 Michal Ambroz 0.11.0-1
+- bump to 0.11.0
+
+* Fri Jun 07 2024 Python Maint - 0.7.0-29
+- Rebuilt for Python 3.13
+
+* Mon Mar 25 2024 Nils Philippsen - 0.7.0-28
+- Revert constraining SQLAlchemy version
+
+* Tue Mar 19 2024 Nils Philippsen - 0.7.0-27
+- Add dependency on setuptools Python package
+
+* Tue Mar 19 2024 Nils Philippsen - 0.7.0-26
+- Depend on SQLAlchemy < 2
+
+* Wed Jan 24 2024 Fedora Release Engineering - 0.7.0-25
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering - 0.7.0-24
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Thu Oct 05 2023 Michal Ambroz 0.7.0-22
+- add version metadata to the python module to fix FTBFS
+
+* Sun Jul 23 2023 Python Maint - 0.7.0-21
+- Rebuilt for Python 3.12
+
+* Wed Jul 19 2023 Fedora Release Engineering - 0.7.0-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Wed Jun 14 2023 Python Maint - 0.7.0-19
+- Rebuilt for Python 3.12
+
+* Thu Jan 19 2023 Fedora Release Engineering - 0.7.0-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Thu Jul 21 2022 Fedora Release Engineering - 0.7.0-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon Jun 13 2022 Python Maint - 0.7.0-16
+- Rebuilt for Python 3.11
+
+* Thu Jan 20 2022 Fedora Release Engineering - 0.7.0-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad - 0.7.0-14
+- Rebuilt with OpenSSL 3.0.0
+
+* Wed Jul 21 2021 Fedora Release Engineering - 0.7.0-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Fri Jun 04 2021 Python Maint - 0.7.0-12
+- Rebuilt for Python 3.10
+
+* Tue Jan 26 2021 Fedora Release Engineering - 0.7.0-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering - 0.7.0-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue May 26 2020 Miro Hrončok - 0.7.0-9
+- Rebuilt for Python 3.9
+
+* Tue Jan 28 2020 Fedora Release Engineering - 0.7.0-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Oct 24 2019 Michal Ambroz 0.7.0-7
+- switch to glib2 based on #1766678 to modernize and prepare for epel8
+
+* Thu Oct 24 2019 Michal Ambroz 0.7.0-6
+- rebuilt rawhide after ressurection of libdasm/libemu
+
+* Mon Aug 19 2019 Miro Hrončok - 0.7.0-5.3
+- Rebuilt for Python 3.8
+
+* Wed Jul 24 2019 Fedora Release Engineering - 0.7.0-5.2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering - 0.7.0-5.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Mon Jul 30 2018 Adam Williamson - 0.7.0-5
+- Disable -Werror to fix build (see upstream #225)
+
+* Thu Jul 12 2018 Fedora Release Engineering - 0.7.0-4.2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 19 2018 Miro Hrončok - 0.7.0-4.1
+- Rebuilt for Python 3.7
+
+* Mon Jun 18 2018 Michal Ambroz 0.7.0-4
+- anothe improvement of logrotate script
+- add the empty files for dionaea.sqlite dionaea_incident.sqlite sipaccounts.sqlite
+
+* Mon Jun 04 2018 Michal Ambroz 0.7.0-3
+- fix logrotate script
+- use the current version of openssl (needs to be same as curllib is using)
+
+* Thu May 10 2018 Michal Ambroz 0.7.0-1
+- bump to release 0.7.0
+
+* Mon May 07 2018 Michal Ambroz 0.6.0-10.20180326git1748f3b
+- cosmetics, changing description in the systemd service
+
+* Mon Apr 30 2018 Michal Ambroz 0.6.0-9.20180326git1748f3b
+- add runtime python dependencies
+- fix location of sip user database
+
+* Mon Apr 30 2018 Iryna Shcherbina - 0.6.0-8.20180326git1748f3b
+- Fix condition for python-sphinx on Fedora
+
+* Fri Apr 20 2018 Michal Ambroz 0.6.0-7.20180326git1748f3b
+- fix the link creation to python core library
+
+* Mon Apr 09 2018 Michal Ambroz 0.6.0-6.20180326git1748f3b
+- fix log rotation, move the logs to /var/log/dionaea
+- create user dionaea:dionaea
+- grant shared stare dir/files to the dionaea user account
+
+* Mon Apr 09 2018 Michal Ambroz 0.6.0-5.20180326git1748f3b
+- clean-up based on review in #1564716
+
+* Fri Apr 06 2018 Michal Ambroz 0.6.0-4.20180326git1748f3b
+- update to current git snapshot, add logrotate and service files
+
+* Wed Mar 21 2018 Michal Ambroz 0.6.0-3.20180313gitd2efb76
+- fix openssl dependency for EPEL7 build
+
+* Wed Mar 21 2018 Michal Ambroz 0.6.0-2.20180313gitd2efb76
+- bump to commit d2efb768e753a7f1ddca6dbf402548d741f33574
+- unbundle pyev and refer to system-installed pyev
+- remove the hardcoded default prefix /opt/dionaea
+- move from /var/dionaea to /var/lib/dionaea
+- fix the doc generation warnings
+
+* Thu Dec 28 2017 Michal Ambroz 0.6.0-1
+- initial package
+
diff --git a/dead.package b/dead.package
deleted file mode 100644
index c10d36e..0000000
--- a/dead.package
+++ /dev/null
@@ -1,3 +0,0 @@
-Retired: Package fails to install for 8+ weeks
-
-See https://pagure.io/releng/issue/10067
diff --git a/dionaea-01_glib.patch b/dionaea-01_glib.patch
new file mode 100644
index 0000000..860bc8b
--- /dev/null
+++ b/dionaea-01_glib.patch
@@ -0,0 +1,105 @@
+Use the glib CFLAGS and LDFLAGS during build where necessary
+https://github.com/DinoTools/dionaea/issues/161
+https://github.com/DinoTools/dionaea/pull/160
+Merged in in https://github.com/DinoTools/dionaea/commit/1748f3b3936aa1da2d92500251ae8010fe181dfc
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/curl/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/curl/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/curl/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/curl/Makefile.am 2018-03-21 10:34:08.529280378 +0100
+@@ -5,9 +5,12 @@
+ AM_CFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src
+ AM_CFLAGS += -fno-strict-aliasing
+
+-AM_CFLAGS += $(LIB_CURL_CFLAGS)
++AM_CFLAGS += $(LIB_CURL_CFLAGS)
+ AM_LDFLAGS = $(LIB_CURL_LIBS)
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
++
+ pkglib_LTLIBRARIES = curl.la
+
+ curl_la_SOURCES = module.c module.h
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/emu/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/emu/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/emu/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/emu/Makefile.am 2018-03-21 10:34:08.529280378 +0100
+@@ -8,9 +8,13 @@
+ AM_CFLAGS += $(LIB_EMU_CFLAGS)
+ AM_LDFLAGS = $(LIB_EMU_LIBS)
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
++
++
+
+ pkglib_LTLIBRARIES = emu.la
+
+ emu_la_SOURCES = module.c module.h detect.c emulate.c profile.c hooks.c
+
+-emu_la_LDFLAGS = -module -no-undefined -avoid-version ${AM_LDFLAGS}
++emu_la_LDFLAGS = -module -no-undefined -avoid-version ${AM_LDFLAGS}
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nc/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nc/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nc/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nc/Makefile.am 2018-03-21 10:34:39.534850615 +0100
+@@ -7,6 +7,10 @@
+ AM_CFLAGS +=
+ AM_LDFLAGS =
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
++
++
+
+ pkglib_LTLIBRARIES = nc.la
+
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nfq/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nfq/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nfq/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nfq/Makefile.am 2018-03-21 10:34:08.530280363 +0100
+@@ -5,8 +5,8 @@
+ AM_CFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src -pipe -D _GNU_SOURCE -fno-strict-aliasing
+ AM_CFLAGS += -Wall -Werror
+
+-AM_CFLAGS += ${LIB_GLIB_CFLAGS}
+-AM_LDFLAGS = ${LIB_GLIB_LIBS}
++AM_CFLAGS += ${LIB_GLIB_CFLAGS}
++AM_LDFLAGS = ${LIB_GLIB_LIBS}
+
+
+ pkglib_LTLIBRARIES = nfq.la
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nl/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nl/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/nl/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/nl/Makefile.am 2018-03-21 10:34:08.530280363 +0100
+@@ -10,6 +10,8 @@
+ #AM_LDFLAGS = -Wl,-rpath,/opt/dionaea/lib -L/opt/dionaea/lib -lnl -lnl-route -lnl-genl -lnl-nf
+ AM_LDFLAGS = $(LIB_NL_LIBS)
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
+
+ pkglib_LTLIBRARIES = nl.la
+
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/pcap/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/pcap/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/pcap/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/pcap/Makefile.am 2018-03-21 10:34:08.531280350 +0100
+@@ -8,6 +8,9 @@
+ AM_CFLAGS += $(LIB_PCAP_CFLAGS)
+ AM_LDFLAGS = $(LIB_PCAP_LIBS)
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
++
+ pkglib_LTLIBRARIES = pcap.la
+
+ pcap_la_SOURCES = pcap.c
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/xmatch/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/xmatch/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/xmatch/Makefile.am 2016-11-14 23:26:58.000000000 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/xmatch/Makefile.am 2018-03-21 10:34:08.531280350 +0100
+@@ -8,6 +8,9 @@
+ AM_CFLAGS += $(LIB_XMATCH_CFLAGS)
+ AM_LDFLAGS = $(LIB_XMATCH_LIBS)
+
++AM_CFLAGS += $(LIB_GLIB_CFLAGS)
++AM_LDFLAGS += $(LIB_GLIB_LDFLAGS)
++
+ pkglib_LTLIBRARIES = xmatch.la
+
+ xmatch_la_SOURCES = module.c xmatch.c
diff --git a/dionaea-02_warnerror.patch b/dionaea-02_warnerror.patch
new file mode 100644
index 0000000..61b3afa
--- /dev/null
+++ b/dionaea-02_warnerror.patch
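Review bot: The link lines added by dionaea-01_glib.patch use `$(LIB_GLIB_LDFLAGS)`, while the one module that already linked glib (modules/nfq/Makefile.am, context lines of this same patch) uses `${LIB_GLIB_LIBS}`. If configure only substitutes `LIB_GLIB_CFLAGS` and `LIB_GLIB_LIBS`, which the nfq lines suggest although configure.ac is not shown here, the new variable expands to nothing and the curl, emu, nc, nl, pcap and xmatch modules still link without glib, with no build error to flag it. Consider `AM_LDFLAGS += $(LIB_GLIB_LIBS)` in all six hunks, or confirm that `LIB_GLIB_LDFLAGS` is actually substituted by configure.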
@@ -0,0 +1,20 @@
+Get rid of the warning about not used return value from chdir.
+https://github.com/DinoTools/dionaea/issues/162
+https://github.com/DinoTools/dionaea/pull/163
+Merged in in https://github.com/DinoTools/dionaea/commit/ea5d54060af53250abfe3dde9f36af399fa30524
+
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/src/dionaea.c dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/src/dionaea.c
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/src/dionaea.c 2018-03-21 04:21:30.201354584 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/src/dionaea.c 2018-03-21 04:22:07.529846514 +0100
+@@ -723,7 +723,10 @@
+ g_error("Could not chroot(\"%s\") (%s)", opt->root, strerror(errno));
+ } else
+ {
+- chdir("/");
++ if ( chdir("/") != 0 ) {
++ g_error("Could change to root directory '/' ... this shuoldn't happen exitting.\nErr: (%s)", strerror(errno));
++ return EXIT_FAILURE;
++ }
+ }
+ }
+
diff --git a/dionaea-03_in6_pktinfo.patch b/dionaea-03_in6_pktinfo.patch
new file mode 100644
index 0000000..07f6ffe
--- /dev/null
+++ b/dionaea-03_in6_pktinfo.patch
@@ -0,0 +1,18 @@
+ipv6 structures in are used by the so it should be included first
+ipv6 structures needs explicit CFLAGS " -D_GNU_SOURCE" to compile on linux
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/include/connection.h dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/include/connection.h
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/include/connection.h 2018-03-21 04:21:30.193354693 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/include/connection.h 2018-03-21 04:46:46.450694148 +0100
+@@ -28,11 +28,11 @@
+ #ifndef HAVE_CONNECTION_H
+ #define HAVE_CONNECTION_H
+
++#include
+ #include
+ #include
+ #include
+
+-#include
+ //#include
+ #include
+ #include
diff --git a/dionaea-04_pyev.patch b/dionaea-04_pyev.patch
new file mode 100644
index 0000000..24a3ba8
--- /dev/null
+++ b/dionaea-04_pyev.patch
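Review bot: The error text added in the `chdir("/")` branch of src/dionaea.c reads "Could change to root directory": the "not" is missing, and "shuoldn't" and "exitting" are misspelled, so the log line for a failed post-chroot chdir says the opposite of what happened. Failing hard is the right call here, because a process that has chrooted but could not move its working directory into the new root is not confined. `g_error()` logs at GLib's always-fatal level and aborts, so the `return EXIT_FAILURE;` after it is most likely unreachable; either drop it or log with `g_critical()` if a clean return is wanted. A message matching the chroot branch above would be `g_error("Could not chdir(\"/\") after chroot (%s)", strerror(errno));`. The enclosing function starts and ends outside the hunk.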
@@ -0,0 +1,110 @@
+diff --git a/modules/python/Makefile.am b/modules/python/Makefile.am
+index 5beb169..aa273d3 100644
+--- a/modules/python/Makefile.am
++++ b/modules/python/Makefile.am
+@@ -4,19 +4,20 @@ AUTOMAKE_OPTIONS = foreign
+
+ SUBDIRS = dionaea util
+
++PYTHON_SITEARCH=$(pkglibdir)"/python"
++
+ all: binding.c
+
+ binding.c: setup.py setup.py.in binding.pyx module.c module.h ../../config.h ../../include/protocol.h ../../include/dionaea.h
+ $(PYTHON) setup.py build
+
+ install-exec-am: all
+- cp build/*/dionaea/*.so $(DESTDIR)$(pkglibdir)/python.so
+- (cd $(DESTDIR)$(pkglibdir)/python/dionaea && rm -f core.so && ln -s ../../python.so core.so)
+- (cd $(DESTDIR)$(pkglibdir)/python/dionaea && rm -f pyev.so && ln -s ../../python.so pyev.so)
++ $(PYTHON) setup.py install -O1 --skip-build --root $(DESTDIR) --install-lib $(PYTHON_SITEARCH)
++ (cd $(DESTDIR)$(PYTHON_SITEARCH)/dionaea && export X=`ls core*.so | head -n 1` && ln -s $(PYTHON_SITEARCH)/dionaea/$$X python.so && mv python.so $(DESTDIR)$(pkglibdir)/python.so)
+
+ clean:
+ $(PYTHON) setup.py clean
+- rm -rf ./build binding.{c,h}
++ rm -rf ./build binding.{c,h}
+
+ dist-clean: clean
+
+diff --git a/modules/python/dionaea/hpfeeds.py b/modules/python/dionaea/hpfeeds.py
+index 3674f4b..9a92e0d 100644
+--- a/modules/python/dionaea/hpfeeds.py
++++ b/modules/python/dionaea/hpfeeds.py
+@@ -38,7 +38,7 @@ import datetime
+ from time import gmtime, strftime
+
+ try:
+- from dionaea import pyev
++ import pyev
+ except ImportError:
+ pyev = None
+
+diff --git a/modules/python/dionaea/sip/__init__.py b/modules/python/dionaea/sip/__init__.py
+index 66cb86e..48100f0 100644
+--- a/modules/python/dionaea/sip/__init__.py
++++ b/modules/python/dionaea/sip/__init__.py
+@@ -36,9 +36,10 @@ import random
+ import os
+ import datetime
+ import tempfile
++import pyev
+
+ from dionaea.core import connection, g_dionaea, incident
+-from dionaea import pyev, ServiceLoader
++from dionaea import ServiceLoader
+
+ from dionaea.sip.extras import msg_to_icd, SipConfig, ErrorWithResponse
+
+diff --git a/modules/python/dionaea/submit_http.py b/modules/python/dionaea/submit_http.py
+index 20d645d..66c166c 100644
+--- a/modules/python/dionaea/submit_http.py
++++ b/modules/python/dionaea/submit_http.py
+@@ -1,7 +1,8 @@
+ from dionaea.core import ihandler, incident, g_dionaea
+ from dionaea.util import md5file, sha512file
+-from dionaea import pyev, IHandlerLoader
++from dionaea import IHandlerLoader
+
++import pyev
+ import logging
+ import uuid
+ import struct
+diff --git a/modules/python/dionaea/virustotal.py b/modules/python/dionaea/virustotal.py
+index f2508a7..3e96c3d 100644
+--- a/modules/python/dionaea/virustotal.py
++++ b/modules/python/dionaea/virustotal.py
+@@ -32,7 +32,7 @@ import logging
+ import json
+ import uuid
+ import sqlite3
+-from dionaea import pyev
++import pyev
+
+ logger = logging.getLogger('virustotal')
+ logger.setLevel(logging.DEBUG)
+diff --git a/modules/python/setup.py.in b/modules/python/setup.py.in
+index 17d71c0..97da738 100644
+--- a/modules/python/setup.py.in
++++ b/modules/python/setup.py.in
+@@ -86,7 +86,7 @@ PYEV_VERSION = "\"{0}\"".format(pyev_version)
+
+ ext_modules=[
+ Extension("dionaea.core",
+- ['binding.pyx', 'module.c', 'pyev/pyev.c'],
++ ['binding.pyx', 'module.c'],
+ language="c",
+ include_dirs=['../../include', '../../'] + [k for k in sorted(include_dir_dict)],
+ extra_compile_args=[k for k in sorted(extra_compile_dict)],
+diff --git a/modules/python/CMakeLists.txt b/modules/python/CMakeLists.txt
+index 483eacb..bcd1df4 100644
+--- a/modules/python/CMakeLists.txt
++++ b/modules/python/CMakeLists.txt
+@@ -1,6 +1,6 @@
+ if (PYTHONINTERP_FOUND)
+ #set(SETUP_PY_IN "${CMAKE_CURRENT_SOURCE_DIR}/setup.py")
+- set(SETUP_PY_IN "${CMAKE_CURRENT_SOURCE_DIR}/setup.py.in2")
++ set(SETUP_PY_IN "${CMAKE_CURRENT_SOURCE_DIR}/setup.py.in")
+ set(SETUP_PY "${CMAKE_CURRENT_BINARY_DIR}/setup.py")
+ #set(DEPS "${CMAKE_CURRENT_SOURCE_DIR}/module/__init__.py")
+ set(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/build/timestamp")
diff --git a/dionaea-05_sitelib.patch b/dionaea-05_sitelib.patch
new file mode 100644
index 0000000..a3ccb72
--- /dev/null
+++ b/dionaea-05_sitelib.patch
@@ -0,0 +1,28 @@
+Have a dedicated variable for the python sitelib, so it can be easily changed externally when building the system package.
+diff -ru dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/python/dionaea/Makefile.am dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/python/dionaea/Makefile.am
+--- dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.orig/modules/python/dionaea/Makefile.am 2018-03-21 04:21:30.195354666 +0100
++++ dionaea-793accd84432a77309fa8b81e1f5e9b5bd9ee7a3.new/modules/python/dionaea/Makefile.am 2018-03-21 07:36:59.780218852 +0100
+@@ -2,6 +2,9 @@
+
+ AUTOMAKE_OPTIONS = foreign
+
++PYTHON_SITELIB=$(pkglibdir)"/python"
++
++
+ PYSCRIPTS = blackhole.py
+ PYSCRIPTS += emu_scripts/__init__.py
+ PYSCRIPTS += emu_scripts/handler.py
+@@ -83,11 +86,11 @@
+
+
+ all: $(PYSCRIPTS)
+-
++
+
+ install-data-am: all
+ for i in $(PYSCRIPTS); do \
+- location=$(DESTDIR)$(pkglibdir)"/python/dionaea/$$i"; \
++ location=$(DESTDIR)$(PYTHON_SITELIB)"/dionaea/$$i"; \
+ scriptdir=`dirname "$$location"`; \
+ if [ ! -d $$scriptdir ]; then \
+ $(mkinstalldirs) $$scriptdir; \
diff --git a/dionaea-06_docswarn.patch b/dionaea-06_docswarn.patch
new file mode 100644
index 0000000..ee3d4bb
--- /dev/null
+++ b/dionaea-06_docswarn.patch
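Review bot: In the new `install-exec-am` recipe of modules/python/Makefile.am (dionaea-04_pyev.patch), the `ls core*.so | head -n 1` substitution succeeds even when nothing matches, so `X` can be empty and `ln -s $(PYTHON_SITEARCH)/dionaea/$$X python.so` then links to the package directory while the install still exits 0. The broken `python.so` would only surface when the daemon tries to load its Python module. Guard the link with `test -n "$$X" &&` ahead of the `ln -s`, and use `ln -sf` so a re-install over an existing tree does not fail. Separately, sip/__init__.py, submit_http.py and virustotal.py now import the system `pyev` unconditionally while hpfeeds.py tolerates its absence, so the spec (not shown here) should carry a hard runtime dependency on the pyev package.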
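Review bot: `PYTHON_SITELIB` in modules/python/dionaea/Makefile.am and `PYTHON_SITEARCH` in modules/python/Makefile.am (dionaea-04_pyev.patch) both default to `$(pkglibdir)"/python"` but can be overridden independently, and nothing records that they are expected to name the same directory. If a packager points them at different paths, the `.py` scripts and the compiled `core*.so` land in two separate `dionaea/` package directories, and whichever comes first on the import path would presumably hide the other. A comment above the assignment such as `# keep in sync with PYTHON_SITEARCH in ../Makefile.am` would make the coupling visible. The `for` loop of `install-data-am` continues past the end of the hunk.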
@@ -0,0 +1,760 @@ +https://github.com/DinoTools/dionaea/issues/170 +https://github.com/DinoTools/dionaea/pull/179 +diff --git a/doc/source/ihandler/log_sqlite.rst b/doc/source/ihandler/log_sqlite.rst +index 040a2a8..e6cca5b 100644 +--- a/doc/source/ihandler/log_sqlite.rst ++++ b/doc/source/ihandler/log_sqlite.rst +@@ -28,21 +28,18 @@ when retrieving the data from the database: + + Additionally, you can query the database for many different things, refer to: + +-* dionaea sql logging 2009/11/06 +- +-* post it yourself 2009/12/08 +- +-* sqlite performance 2009/12/12 +- +-* virustotal fun 2009/12/14 +- +-* Andrew Waite's Blog for mimic-nepstats.py ++* `dionaea sql logging 2009/11/06 `_ ++* `post it yourself 2009/12/08 `_ ++* `sqlite performance 2009/12/12 `_ ++* `virustotal fun 2009/12/14 `_ ++* `Andrew Waite's Blog `_ for mimic-nepstats.py + + for more examples how to make use of the database. + + Example config + -------------- + +-.. literalinclude:: ../../../conf/ihandlers/log_sqlite.yaml.in +- :language: yaml +- :caption: ihandlers/log_sqlite.yaml ++:: ++ .. literalinclude:: ../../../conf/ihandlers/log_sqlite.yaml.in ++ :language: yaml ++ :caption: ihandlers/log_sqlite.yaml +diff --git a/doc/source/old/configuration.rst b/doc/source/old/configuration.rst +index bb46217..7f1b19f 100644 +--- a/doc/source/old/configuration.rst ++++ b/doc/source/old/configuration.rst +@@ -90,18 +90,12 @@ gnuplotsql <#gnuplotsql> script. + + The blog on logsql: + +- * 2009-11-06 dionaea sql logging +- +- * 2009-12-08 post it yourself +- +- * 2009-12-12 sqlite performance +- +- * 2009-12-14 virustotal fun +- +- * 2009-12-15 paris mission pack avs +- +- * 2010-06-06 data visualisation +- ++ * `2009-11-06 dionaea sql logging `_ ++ * `2009-12-08 post it yourself `_ ++ * `2009-12-12 sqlite performance `_ ++ * `2009-12-14 virustotal fun `_ ++ * `2009-12-15 paris mission pack avs `_ ++ * `2010-06-06 data visualisation `_ + + + logxmpp +@@ -114,9 +108,9 @@ sensors anonymously. 
+ + The blog on logxmpp: + +- * 2010-02-10 xmpp backend +- * 2010-05-12 xmpp take #2 +- * 2010-05-15 xmpp take #3 ++ * `2010-02-10 xmpp backend `_ ++ * `2010-05-12 xmpp take #2 `_ ++ * `2010-05-15 xmpp take #3 `_ + + pg_backend <#pg_backend> can be used as a backend for xmpp logging sensors. + +@@ -130,8 +124,7 @@ and start p0f as suggested in the config. It costs nothing, and gives + some pretty cool, even if outdated, informations about the attackers + operating system, and you can look them up from the sqlite database, + even the rejected connections. +-If you face problems, here +- are some hints. ++If you face problems, `here `_ are some hints. + + + +diff --git a/doc/source/old/seagfaults.rst b/doc/source/old/seagfaults.rst +index 39b8241..e07722a 100644 +--- a/doc/source/old/seagfaults.rst ++++ b/doc/source/old/seagfaults.rst +@@ -8,218 +8,216 @@ This software just had a segmentation fault. + The bug you encountered may even be exploitable. + If you want to assist in fixing the bug, please send the backtrace below to nepenthesdev@gmail.com. 
+ You can create better backtraces with gdb, for more information visit http://dionaea.carnivore.it/#segfault +-Once you read this message, your tty may be broken, simply type reset, so it will come to life again +- +-/opt/dionaea/bin/dionaea(sigsegv_backtrace_cb+0x20)[0x805c11e] +-[0x70d420] +-/opt/dionaea/lib/libemu/libemu.so.2(emu_env_w32_eip_check+0x94)[0x186974] +-/opt/dionaea/lib/dionaea/emu.so(run+0x39)[0x89cced] +-/opt/dionaea/lib/dionaea/emu.so(profile+0xbb)[0x89db88] +-/opt/dionaea/lib/dionaea/emu.so(proc_emu_on_io_in+0x1e1)[0x89bfc5] +-/opt/dionaea/bin/dionaea(recurse_io_process+0x31)[0x805df4a] +-/opt/dionaea/bin/dionaea(processors_io_in_thread+0x85)[0x805e08d] +-/opt/dionaea/bin/dionaea(threadpool_wrapper+0x2e)[0x805c99a] +-/opt/dionaea/lib/libglib-2.0.so.0[0xaa9498] +-/opt/dionaea/lib/libglib-2.0.so.0[0xaa7a2f] +-/lib/libpthread.so.0[0xd8973b] +-/lib/libc.so.6(clone+0x5e)[0x2b3cfe] ++Once you read this message, your tty may be broken, simply type reset, so it will come to life again:: ++ ++ /opt/dionaea/bin/dionaea(sigsegv_backtrace_cb+0x20)[0x805c11e] ++ [0x70d420] ++ /opt/dionaea/lib/libemu/libemu.so.2(emu_env_w32_eip_check+0x94)[0x186974] ++ /opt/dionaea/lib/dionaea/emu.so(run+0x39)[0x89cced] ++ /opt/dionaea/lib/dionaea/emu.so(profile+0xbb)[0x89db88] ++ /opt/dionaea/lib/dionaea/emu.so(proc_emu_on_io_in+0x1e1)[0x89bfc5] ++ /opt/dionaea/bin/dionaea(recurse_io_process+0x31)[0x805df4a] ++ /opt/dionaea/bin/dionaea(processors_io_in_thread+0x85)[0x805e08d] ++ /opt/dionaea/bin/dionaea(threadpool_wrapper+0x2e)[0x805c99a] ++ /opt/dionaea/lib/libglib-2.0.so.0[0xaa9498] ++ /opt/dionaea/lib/libglib-2.0.so.0[0xaa7a2f] ++ /lib/libpthread.so.0[0xd8973b] ++ /lib/libc.so.6(clone+0x5e)[0x2b3cfe] + + While the backtrace itself gives an idea what might be wrong, it does + not fix the problem. To fix the problem, the logfiles usually help, as + dionaea is very verbose by default. 
Below are some hints how to get + started with debugging, click here <#support> for assistance. + ++debugging + +- debugging + ++Valgrind ++======== + +- Valgrind +- +-Valgrind does a great job, here is how I use it: ++Valgrind does a great job, here is how I use it:: + +-valgrind -v --leak-check=full --leak-resolution=high --show-reachable=yes \ +---log-file=dionaea-debug.log /opt/dionaea/bin/dionaea --my-dionaea-options ++ valgrind -v --leak-check=full --leak-resolution=high --show-reachable=yes \ ++ --log-file=dionaea-debug.log /opt/dionaea/bin/dionaea --my-dionaea-options + + +- gdb ++ gdb + + +- logfile assisted ++ logfile assisted + + For the above example, I was able to scrape the shellcode from the + logfile, and run it in libemu, without involving dionaea at all, +-reducing the problem. +- +-gdb /opt/dionaea/bin/sctest +-(gdb) run -S -s 10000000 -g < sc.bin +-Starting program: /media/sda4/opt64/dionaea/bin/sctest -S -s 10000000 -g < sc.bin +- +-Once it crashed, I retrieved a full backtrace: +- +-Program received signal SIGSEGV, Segmentation fault. 
+-env_w32_hook_GetProcAddress (env=0x629a30, hook=) at environment/win32/env_w32_dll_export_kernel32_hooks.c:545 +-545 struct emu_env_hook *hook = (struct emu_env_hook *)ehi->value; +- +-(gdb) bt full +-#0 env_w32_hook_GetProcAddress (env=0x629a30, hook=) at environment/win32/env_w32_dll_export_kernel32_hooks.c:545 +- dll = 0x6366f0 +- ehi = +- hook = +- c = 0x611180 +- mem = +- eip_save = +- module = 2088763392 +- p_procname = 4289925 +- procname = +-#1 0x00007ffff7b884fb in emu_env_w32_eip_check (env=0x629a30) at environment/win32/emu_env_w32.c:306 +- dll = +- ehi = +- hook = 0x64c5b0 +- eip = +-#2 0x0000000000403995 in test (e=0x60f0e0) at sctestmain.c:277 +- hook = 0xe2 +- ev = 0x0 +- iv = +- cpu = 0x611180 +- mem = +- env = 0x629a30 +- na = +- j = 7169 +- last_vertex = 0x0 +- graph = 0x0 +- eh = 0x0 +- ehi = 0x0 +- ret = +- eipsave = 2088807840 +-#3 0x00000000004044e4 in main (argc=5, argv=0x7fffffffe388) at sctestmain.c:971 +- e = ++reducing the problem:: ++ ++ gdb /opt/dionaea/bin/sctest ++ (gdb) run -S -s 10000000 -g < sc.bin ++ Starting program: /media/sda4/opt64/dionaea/bin/sctest -S -s 10000000 -g < sc.bin ++ ++Once it crashed, I retrieved a full backtrace:: ++ ++ Program received signal SIGSEGV, Segmentation fault. 
++ env_w32_hook_GetProcAddress (env=0x629a30, hook=) at environment/win32/env_w32_dll_export_kernel32_hooks.c:545 ++ 545 struct emu_env_hook *hook = (struct emu_env_hook *)ehi->value; ++ ++ (gdb) bt full ++ #0 env_w32_hook_GetProcAddress (env=0x629a30, hook=) at environment/win32/env_w32_dll_export_kernel32_hooks.c:545 ++ dll = 0x6366f0 ++ ehi = ++ hook = ++ c = 0x611180 ++ mem = ++ eip_save = ++ module = 2088763392 ++ p_procname = 4289925 ++ procname = ++ #1 0x00007ffff7b884fb in emu_env_w32_eip_check (env=0x629a30) at environment/win32/emu_env_w32.c:306 ++ dll = ++ ehi = ++ hook = 0x64c5b0 ++ eip = ++ #2 0x0000000000403995 in test (e=0x60f0e0) at sctestmain.c:277 ++ hook = 0xe2 ++ ev = 0x0 ++ iv = ++ cpu = 0x611180 ++ mem = ++ env = 0x629a30 ++ na = ++ j = 7169 ++ last_vertex = 0x0 ++ graph = 0x0 ++ eh = 0x0 ++ ehi = 0x0 ++ ret = ++ eipsave = 2088807840 ++ #3 0x00000000004044e4 in main (argc=5, argv=0x7fffffffe388) at sctestmain.c:971 ++ e = + + In this case, the problem was a bug in libemu. 
+ +- +- gdb dump memory +- +-Once again, it broke, and we got a backtrace: +- +-#0 0xb70b0b57 in emu_queue_enqueue (eq=0xb3da0918, data=0x4724ab) at emu_queue.c:63 +- eqi = (struct emu_queue_item *) 0x0 +-#1 0xb70b15d1 in emu_shellcode_run_and_track (e=0xb4109cd0, data=0xb411c698 "", datasize=, eipoffset=, +- steps=256, etas=0xb410cd60, known_positions=0xb3d7a810, stats_tested_positions_list=0xb3da3bf0, brute_force=true) at emu_shellcode.c:408 +- current_pos_ti_diff = (struct emu_tracking_info *) 0x88c3c88 +- current_pos_ht = +- current_pos_v = +- current_pos_satii = (struct emu_source_and_track_instr_info *) 0xb407e7f8 +- bfs_queue = (struct emu_queue *) 0xb3e17668 +- ret = 4662443 +- eipsave = +- hook = +- j = 4 +- es = +- eli = (struct emu_list_item *) 0xb3e17658 +- cpu = (struct emu_cpu *) 0xb4109ab0 +- mem = (struct emu_memory *) 0xb410c3a0 +- eq = (struct emu_queue *) 0xb3da0918 +- env = (struct emu_env *) 0xb3e10208 +- eli = (struct emu_list_item *) 0x4724ab +-#2 0xb70b1a2a in emu_shellcode_test (e=0xb4109cd0, data=0xb411c698 "", size=) at emu_shellcode.c:546 +- es = (struct emu_stats *) 0xb3d92b28 +- new_results = (struct emu_list_root *) 0xb3da3bf0 +- offset = +- el = (struct emu_list_root *) 0xb4100510 +- etas = (struct emu_track_and_source *) 0xb410cd60 +- eh = (struct emu_hashtable *) 0xb3d7a810 +- eli = (struct emu_list_item *) 0xb3d92b40 +- results = (struct emu_list_root *) 0xb3d82850 +- es = +- __PRETTY_FUNCTION__ = "emu_shellcode_test" +-#3 0xb712140c in proc_emu_on_io_in (con=0x8864b58, pd=0x87dc388) at detect.c:145 +- e = (struct emu *) 0xb4109cd0 +- ctx = (struct emu_ctx *) 0x87a2400 +- offset = 14356 +- streamdata = (void *) 0xb411c698 +- size = 8196 +- ret = 0 +- __PRETTY_FUNCTION__ = "proc_emu_on_io_in" +-#4 0x0805e8be in recurse_io_process (pd=0x87dc388, con=0x8864b58, dir=bistream_in) at processor.c:167 +-No locals. 
+-#5 0x0805ea01 in processors_io_in_thread (data=0x8864b58, userdata=0x87dc388) at processor.c:197 +- con = (struct connection *) 0x8864b58 +- pd = (struct processor_data *) 0x87dc388 +- __PRETTY_FUNCTION__ = "processors_io_in_thread" +-#6 0x0805d2da in threadpool_wrapper (data=0x87d7bd0, user_data=0x0) at threads.c:49 +- t = (struct thread *) 0x87d7bd0 +- timer = (GTimer *) 0xb4108540 +-#7 0xb77441f6 in g_thread_pool_thread_proxy (data=0x83db460) at gthreadpool.c:265 +- task = (gpointer) 0x87d7bd0 +- pool = (GRealThreadPool *) 0x83db460 +-#8 0xb7742b8f in g_thread_create_proxy (data=0x83dc7d0) at gthread.c:635 +- __PRETTY_FUNCTION__ = "g_thread_create_proxy" +-#9 0xb76744c0 in start_thread () from /lib/i686/cmov/libpthread.so.0 +-No symbol table info available. +-#10 0xb75f36de in clone () from /lib/i686/cmov/libc.so.6 +-No symbol table info available. ++ gdb dump memory ++ ++Once again, it broke, and we got a backtrace:: ++ ++ #0 0xb70b0b57 in emu_queue_enqueue (eq=0xb3da0918, data=0x4724ab) at emu_queue.c:63 ++ eqi = (struct emu_queue_item *) 0x0 ++ #1 0xb70b15d1 in emu_shellcode_run_and_track (e=0xb4109cd0, data=0xb411c698 "", datasize=, eipoffset=, ++ steps=256, etas=0xb410cd60, known_positions=0xb3d7a810, stats_tested_positions_list=0xb3da3bf0, brute_force=true) at emu_shellcode.c:408 ++ current_pos_ti_diff = (struct emu_tracking_info *) 0x88c3c88 ++ current_pos_ht = ++ current_pos_v = ++ current_pos_satii = (struct emu_source_and_track_instr_info *) 0xb407e7f8 ++ bfs_queue = (struct emu_queue *) 0xb3e17668 ++ ret = 4662443 ++ eipsave = ++ hook = ++ j = 4 ++ es = ++ eli = (struct emu_list_item *) 0xb3e17658 ++ cpu = (struct emu_cpu *) 0xb4109ab0 ++ mem = (struct emu_memory *) 0xb410c3a0 ++ eq = (struct emu_queue *) 0xb3da0918 ++ env = (struct emu_env *) 0xb3e10208 ++ eli = (struct emu_list_item *) 0x4724ab ++ #2 0xb70b1a2a in emu_shellcode_test (e=0xb4109cd0, data=0xb411c698 "", size=) at emu_shellcode.c:546 ++ es = (struct emu_stats *) 0xb3d92b28 ++ 
new_results = (struct emu_list_root *) 0xb3da3bf0 ++ offset = ++ el = (struct emu_list_root *) 0xb4100510 ++ etas = (struct emu_track_and_source *) 0xb410cd60 ++ eh = (struct emu_hashtable *) 0xb3d7a810 ++ eli = (struct emu_list_item *) 0xb3d92b40 ++ results = (struct emu_list_root *) 0xb3d82850 ++ es = ++ __PRETTY_FUNCTION__ = "emu_shellcode_test" ++ #3 0xb712140c in proc_emu_on_io_in (con=0x8864b58, pd=0x87dc388) at detect.c:145 ++ e = (struct emu *) 0xb4109cd0 ++ ctx = (struct emu_ctx *) 0x87a2400 ++ offset = 14356 ++ streamdata = (void *) 0xb411c698 ++ size = 8196 ++ ret = 0 ++ __PRETTY_FUNCTION__ = "proc_emu_on_io_in" ++ #4 0x0805e8be in recurse_io_process (pd=0x87dc388, con=0x8864b58, dir=bistream_in) at processor.c:167 ++ No locals. ++ #5 0x0805ea01 in processors_io_in_thread (data=0x8864b58, userdata=0x87dc388) at processor.c:197 ++ con = (struct connection *) 0x8864b58 ++ pd = (struct processor_data *) 0x87dc388 ++ __PRETTY_FUNCTION__ = "processors_io_in_thread" ++ #6 0x0805d2da in threadpool_wrapper (data=0x87d7bd0, user_data=0x0) at threads.c:49 ++ t = (struct thread *) 0x87d7bd0 ++ timer = (GTimer *) 0xb4108540 ++ #7 0xb77441f6 in g_thread_pool_thread_proxy (data=0x83db460) at gthreadpool.c:265 ++ task = (gpointer) 0x87d7bd0 ++ pool = (GRealThreadPool *) 0x83db460 ++ #8 0xb7742b8f in g_thread_create_proxy (data=0x83dc7d0) at gthread.c:635 ++ __PRETTY_FUNCTION__ = "g_thread_create_proxy" ++ #9 0xb76744c0 in start_thread () from /lib/i686/cmov/libpthread.so.0 ++ No symbol table info available. ++ #10 0xb75f36de in clone () from /lib/i686/cmov/libc.so.6 ++ No symbol table info available. + + Again, it was a bug in libemu, an unbreakable loop consuming all memory. + To reproduce, we have to dump the tested buffer, therefore we need the + buffers address and size. Luckily the size is noted in frame #2 as 8196 + and and the data address is a parameter which got not optimized out for +-frame #2. 
++frame #2:: + +-dump binary memory /tmp/sc.bin 0xb411c698 0xb411e89c ++ dump binary memory /tmp/sc.bin 0xb411c698 0xb411e89c + + Afterwards, debugging libemu by feeding the data into sctest is easy. + + I've had fun with objgraph and gdb debugging reference count leaks in + python too, here is the +-writeup. +- ++writeup:: + +- gdb python3 embedded ++ gdb python3 embedded + + Sometimes, there is something wrong with the python scripts, but gdb +-does not provide any useful output: +- +-bt full +-#12 0xb765f12d in PyEval_EvalFrameEx (f=0x825998c, throwflag=0) at Python/ceval.c:2267 +- stack_pointer = (PyObject **) 0x8259af0 +- next_instr = (unsigned char *) 0x812fabf "m'" +- opcode = 100 +- oparg = +- why = 3071731824 +- err = 1 +- x = (PyObject *) 0xb7244aac +- v = +- w = (PyObject *) 0xadb5e4dc +- u = (PyObject *) 0xb775ccb0 +- freevars = (PyObject **) 0x8259af0 +- retval = (PyObject *) 0x0 +- tstate = (PyThreadState *) 0x809aab0 +- co = (PyCodeObject *) 0xb717b800 +- instr_ub = -1 +- instr_lb = 0 +- instr_prev = -1 +- first_instr = (unsigned char *) 0x812f918 "t" +- names = (PyObject *) 0xb723f50c +- consts = (PyObject *) 0xb71c9f7c +- opcode_targets = {0xb765d202, 0xb765f60a, 0xb766133a, 0xb76612db, 0xb7661285, 0xb7661222, 0xb765d202, 0xb765d202, 0xb765d202, 0xb76611dd, +- 0xb766114b, 0xb76610b9, 0xb766100f, 0xb765d202, 0xb765d202, 0xb7660f7d, 0xb765d202, 0xb765d202, 0xb765d202, 0xb7660eb7, 0xb7660dfb, 0xb765d202, +- 0xb7660d30, 0xb7660c65, 0xb7660ba9, 0xb7660aed, 0xb7660a31, 0xb7660975, 0xb76608b9, 0xb76607fd, 0xb765d202 , 0xb7660736, 0xb766066b, +- 0xb76605af, 0xb76604f3, 0xb765d202, 0xb7660437, 0xb766035d, 0xb76602ad, 0xb7661aba, 0xb76619fe, 0xb7661942, 0xb7661886, 0xb7661b76, 0xb76614a8, +- 0xb7661413, 0xb766138e, 0xb766171f, 0xb76616e6, 0xb765d202, 0xb765d202, 0xb765d202, 0xb766162a, 0xb766156e, 0xb76601f1, 0xb7660135, 0xb76617ca, +- 0xb7660120, 0xb765fff7, 0xb765d202, 0xb765fd72, 0xb765fc6e, 0xb765d202, 0xb765fc1d, 0xb765fe17, 0xb765fd90, 0xb765fec0, 
0xb765fb41, 0xb765fadc, +- 0xb765f9ed, 0xb765f94d, 0xb765f8be, 0xb765f7e3, 0xb765f779, 0xb765f6bd, 0xb765f66c, 0xb765ef1d, 0xb765eea2, 0xb765ede1, 0xb765ed1a, 0xb765ec35, +- 0xb765ebc3, 0xb765eb30, 0xb765ea69, 0xb765f1c7, 0xb765f027, 0xb765f560, 0xb765efc1, 0xb76630e3, 0xb766310c, 0xb765e64c, 0xb765e592, 0xb765f49a, +- 0xb765f3de, 0xb765d202, 0xb765d202, 0xb765f39e, 0xb7663135, 0xb766315f, 0xb765e9cb, 0xb765d202, 0xb765e948, 0xb765e8bb, 0xb765e817, 0xb765d202, +- 0xb765d202, 0xb765d202, 0xb765d2ae, 0xb765e3e0, 0xb7663275, 0xb765e1a2, 0xb766324e, 0xb765e0ba, 0xb765e01e, 0xb765df74, 0xb765d202, 0xb765d202, +- 0xb7663189, 0xb76631d3, 0xb7663220, 0xb765e149, 0xb765d202, 0xb765de09, 0xb765dec0, 0xb765f2c0, 0xb765d202 } +-#13 0xb7664ac0 in PyEval_EvalCodeEx (co=0xb717b800, globals=0xb7160b54, locals=0x0, args=0x84babb8, argcount=9, kws=0x0, kwcount=0, defs=0xb719e978, +- defcount=1, kwdefs=0x0, closure=0x0) at Python/ceval.c:3198 +- f = (PyFrameObject *) 0x825998c +- retval = +- freevars = (PyObject **) 0x8259af0 +- tstate = (PyThreadState *) 0x809aab0 +- x = +- u = ++does not provide any useful output:: ++ ++ bt full ++ #12 0xb765f12d in PyEval_EvalFrameEx (f=0x825998c, throwflag=0) at Python/ceval.c:2267 ++ stack_pointer = (PyObject **) 0x8259af0 ++ next_instr = (unsigned char *) 0x812fabf "m'" ++ opcode = 100 ++ oparg = ++ why = 3071731824 ++ err = 1 ++ x = (PyObject *) 0xb7244aac ++ v = ++ w = (PyObject *) 0xadb5e4dc ++ u = (PyObject *) 0xb775ccb0 ++ freevars = (PyObject **) 0x8259af0 ++ retval = (PyObject *) 0x0 ++ tstate = (PyThreadState *) 0x809aab0 ++ co = (PyCodeObject *) 0xb717b800 ++ instr_ub = -1 ++ instr_lb = 0 ++ instr_prev = -1 ++ first_instr = (unsigned char *) 0x812f918 "t" ++ names = (PyObject *) 0xb723f50c ++ consts = (PyObject *) 0xb71c9f7c ++ opcode_targets = {0xb765d202, 0xb765f60a, 0xb766133a, 0xb76612db, 0xb7661285, 0xb7661222, 0xb765d202, 0xb765d202, 0xb765d202, 0xb76611dd, ++ 0xb766114b, 0xb76610b9, 0xb766100f, 0xb765d202, 0xb765d202, 
0xb7660f7d, 0xb765d202, 0xb765d202, 0xb765d202, 0xb7660eb7, 0xb7660dfb, 0xb765d202, ++ 0xb7660d30, 0xb7660c65, 0xb7660ba9, 0xb7660aed, 0xb7660a31, 0xb7660975, 0xb76608b9, 0xb76607fd, 0xb765d202 , 0xb7660736, 0xb766066b, ++ 0xb76605af, 0xb76604f3, 0xb765d202, 0xb7660437, 0xb766035d, 0xb76602ad, 0xb7661aba, 0xb76619fe, 0xb7661942, 0xb7661886, 0xb7661b76, 0xb76614a8, ++ 0xb7661413, 0xb766138e, 0xb766171f, 0xb76616e6, 0xb765d202, 0xb765d202, 0xb765d202, 0xb766162a, 0xb766156e, 0xb76601f1, 0xb7660135, 0xb76617ca, ++ 0xb7660120, 0xb765fff7, 0xb765d202, 0xb765fd72, 0xb765fc6e, 0xb765d202, 0xb765fc1d, 0xb765fe17, 0xb765fd90, 0xb765fec0, 0xb765fb41, 0xb765fadc, ++ 0xb765f9ed, 0xb765f94d, 0xb765f8be, 0xb765f7e3, 0xb765f779, 0xb765f6bd, 0xb765f66c, 0xb765ef1d, 0xb765eea2, 0xb765ede1, 0xb765ed1a, 0xb765ec35, ++ 0xb765ebc3, 0xb765eb30, 0xb765ea69, 0xb765f1c7, 0xb765f027, 0xb765f560, 0xb765efc1, 0xb76630e3, 0xb766310c, 0xb765e64c, 0xb765e592, 0xb765f49a, ++ 0xb765f3de, 0xb765d202, 0xb765d202, 0xb765f39e, 0xb7663135, 0xb766315f, 0xb765e9cb, 0xb765d202, 0xb765e948, 0xb765e8bb, 0xb765e817, 0xb765d202, ++ 0xb765d202, 0xb765d202, 0xb765d2ae, 0xb765e3e0, 0xb7663275, 0xb765e1a2, 0xb766324e, 0xb765e0ba, 0xb765e01e, 0xb765df74, 0xb765d202, 0xb765d202, ++ 0xb7663189, 0xb76631d3, 0xb7663220, 0xb765e149, 0xb765d202, 0xb765de09, 0xb765dec0, 0xb765f2c0, 0xb765d202 } ++ #13 0xb7664ac0 in PyEval_EvalCodeEx (co=0xb717b800, globals=0xb7160b54, locals=0x0, args=0x84babb8, argcount=9, kws=0x0, kwcount=0, defs=0xb719e978, ++ defcount=1, kwdefs=0x0, closure=0x0) at Python/ceval.c:3198 ++ f = (PyFrameObject *) 0x825998c ++ retval = ++ freevars = (PyObject **) 0x8259af0 ++ tstate = (PyThreadState *) 0x809aab0 ++ x = ++ u = + + Luckily python3 ships with some gdb macros, which assist in dealing with + this mess. You can grab them over here +@@ -234,14 +232,14 @@ SIGTTOU, Stopped (tty output).*/, run stty -nostop before running gdb, + reattach the process with fg, close gdb properly, and start over. 
+ + Once you got the macros loaded properly at gdb startup, set a breakpoint +-on PyEval_EvalFrameEx after dionaea loaded everything: ++on PyEval_EvalFrameEx after dionaea loaded everything:: + +-break PyEval_EvalFrameEx ++ break PyEval_EvalFrameEx + +-Then we have some useful macros for gdb: ++Then we have some useful macros for gdb:: + +-up +-pyframev ++ up ++ pyframev + + pyframev combines the output of pyframe and pylocals. + +diff --git a/doc/source/old/utils.rst b/doc/source/old/utils.rst +index 752362e..657767e 100644 +--- a/doc/source/old/utils.rst ++++ b/doc/source/old/utils.rst +@@ -3,21 +3,21 @@ Utils + + Dionaea ships with some utils, as these utils are written in python and + rely on the python3 interpreter dionaea requires to operate, this +-software can be found in modules/python/utils. ++software can be found in modules/python/utils:: + + +- readlogsqltree <#readlogsqltree> - +- modules/python/readlogsqltree.py ++ readlogsqltree <#readlogsqltree> - ++ modules/python/readlogsqltree.py + + readlogsqltree is a python3 script which queries the logsql sqlite + database for attacks, and prints out all related information for every + attack. + This is an example for an attack, you get the vulnerability exploited, + the time, the attacker, information about the shellcode, the file +-offered for download, and even the virustotal report for the file. 
++offered for download, and even the virustotal report for the file:: + +-2010-10-07 20:37:27 +- connection 483256 smbd tcp accept 10.0.1.11:445 <- 93.177.176.190:47650 (483256 None) ++ 2010-10-07 20:37:27 ++ connection 483256 smbd tcp accept 10.0.1.11:445 <- 93.177.176.190:47650 (483256 None) + dcerpc bind: uuid '4b324fc8-1670-01d3-1278-5a47bf6ee188' (SRVSVC) transfersyntax 8a885d04-1ceb-11c9-9fe8-08002b104860 + dcerpc bind: uuid '7d705026-884d-af82-7b3d-961deaeb179a' (None) transfersyntax 8a885d04-1ceb-11c9-9fe8-08002b104860 + dcerpc bind: uuid '7f4fdfe9-2be7-4d6b-a5d4-aa3c831503a1' (None) transfersyntax 8a885d04-1ceb-11c9-9fe8-08002b104860 +@@ -38,49 +38,47 @@ offered for download, and even the virustotal report for the file. + + + To create such report for your own honeypots activities for the last 24 +-hours run: ++hours run:: + + +-./readlogsqltree.py -t $(date '+%s')-24*3600 /opt/dionaea/var/dionaea/logsql.sqlite ++ ./readlogsqltree.py -t $(date '+%s')-24*3600 /opt/dionaea/var/dionaea/logsql.sqlite + + +- gnuplotsql <#gnuplotsql> - modules/python/gnuplotsql.py ++ gnuplotsql <#gnuplotsql> - modules/python/gnuplotsql.py + + gnuplotsql is a very slow python3 script which runs some queries on the + logsql <#logsql> sqlite database and creates graphs with gnuplot of the + data, stores them on disk and creates an index of the data. The images + are per protocol and look like this: Overview for dionaea smbd. + Here is how the whole thing looks like. 
+-To create such images of your own data, run: ++To create such images of your own data, run:: + + +-./gnuplotsql.py -d /opt/dionaea/var/dionaea/logsql.sqlite -p smbd -p epmapper -p mssqld -p httpd -p ftpd ++ ./gnuplotsql.py -d /opt/dionaea/var/dionaea/logsql.sqlite -p smbd -p epmapper -p mssqld -p httpd -p ftpd + + The blog got something on gnuplotsql as well: + +- * 2010-12-05 sudden death +- * 2010-10-01 Infosanity's Blog: gnuplotsql.py +- +- * 2010-09-19 gnuplotsql ++ * `2010-12-05 sudden death `_ ++ * `2010-10-01 Infosanity's Blog: gnuplotsql.py `_ ++ * `2010-09-19 gnuplotsql `_ + ++:: + +- pg_backend <#pg_backend> - modules/python/xmpp/pg_backend.py ++ pg_backend <#pg_backend> - modules/python/xmpp/pg_backend.py + + pg_backend is the backend for logxmpp <#logxmpp>, currently it is a + python2.x script which uses pyxmpp to access the xmpp service. It parses + the messages received and can store the events in a postgres database +-and the received files on disk. pg_backend requires an xmpp account. +-/without db/ ++and the received files on disk. pg_backend requires an xmpp account:: + ++ /without db/ ++ ./pg_backend.py -U USER@sensors.carnivore.it -P XMPPPASS -M dionaea.sensors.carnivore.it -C anon-files -C anon-events -f /tmp/ + +-./pg_backend.py -U USER@sensors.carnivore.it -P XMPPPASS -M dionaea.sensors.carnivore.it -C anon-files -C anon-events -f /tmp/ ++ /with db/ ++ create database + ++ psql ... + +-/with db/ create database ++ start backend + +-psql ... 
+- +-start backend +- +- +-./pg_backend.py -U USER@sensors.carnivore.it -P XMPPPASS -M dionaea.sensors.carnivore.it -C anon-files -C anon-events -s DBHOST -u DBUSER -d xmpp -p DBPASS -f /tmp/ ++ ./pg_backend.py -U USER@sensors.carnivore.it -P XMPPPASS -M dionaea.sensors.carnivore.it -C anon-files -C anon-events -s DBHOST -u DBUSER -d xmpp -p DBPASS -f /tmp/ +diff --git a/conf/ihandlers/log_sqlite.yaml.in b/conf/ihandlers/log_sqlite.yaml.in +index 2866f25..d781ca1 100644 +--- a/conf/ihandlers/log_sqlite.yaml.in ++++ b/conf/ihandlers/log_sqlite.yaml.in +@@ -1,3 +1,4 @@ + - name: log_sqlite + config: + file: @LOCALESTATEDIR@/dionaea/dionaea.sqlite ++ +diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst +index 962c18b..76f995c 100644 +--- a/doc/source/configuration.rst ++++ b/doc/source/configuration.rst +@@ -5,7 +5,7 @@ If you want to change the software, it is really important to understand how it + :file:`dionaea.cfg` is the main configuration file. + In the example below you can see the default configuration. + +-.. literalinclude:: ../../conf/dionaea.cfg.in ++.. literalinclude:: ../../conf/dionaea.cfg + :language: ini + :caption: dionaea.cfg + +diff --git a/doc/source/ihandler/fail2ban.rst b/doc/source/ihandler/fail2ban.rst +index d0e0fe3..e6bb225 100644 +--- a/doc/source/ihandler/fail2ban.rst ++++ b/doc/source/ihandler/fail2ban.rst +@@ -4,6 +4,6 @@ fail2ban + Example config + -------------- + +-.. literalinclude:: ../../../conf/ihandlers/fail2ban.yaml.in ++.. literalinclude:: ../../../conf/ihandlers/fail2ban.yaml + :language: yaml + :caption: ihandlers/fail2ban.yaml +\ No newline at end of file +diff --git a/doc/source/ihandler/log_db_sql.rst b/doc/source/ihandler/log_db_sql.rst +index ca85b78..a109c63 100644 +--- a/doc/source/ihandler/log_db_sql.rst ++++ b/doc/source/ihandler/log_db_sql.rst +@@ -9,7 +9,7 @@ It uses `SQLAlchemy`_ to support different databases. + Example config + -------------- + +-.. 
literalinclude:: ../../../conf/ihandlers/log_db_sql.yaml.in ++.. literalinclude:: ../../../conf/ihandlers/log_db_sql.yaml + :language: yaml + :caption: ihandlers/log_db_sql.yaml + +diff --git a/doc/source/ihandler/log_incident.rst b/doc/source/ihandler/log_incident.rst +index 3c62552..f9830a7 100644 +--- a/doc/source/ihandler/log_incident.rst ++++ b/doc/source/ihandler/log_incident.rst +@@ -39,6 +39,6 @@ Format + Example config + -------------- + +-.. literalinclude:: ../../../conf/ihandlers/log_incident.yaml.in ++.. literalinclude:: ../../../conf/ihandlers/log_incident.yaml + :language: yaml + :caption: ihandlers/log_incident.yaml +diff --git a/doc/source/ihandler/log_json.rst b/doc/source/ihandler/log_json.rst +index e6f3bfe..000d5ac 100644 +--- a/doc/source/ihandler/log_json.rst ++++ b/doc/source/ihandler/log_json.rst +@@ -46,6 +46,6 @@ Format of the connection information: + Example config + -------------- + +-.. literalinclude:: ../../../conf/ihandlers/log_json.yaml.in ++.. literalinclude:: ../../../conf/ihandlers/log_json.yaml + :language: yaml + :caption: ihandlers/log_json.yaml +diff --git a/doc/source/ihandler/log_sqlite.rst b/doc/source/ihandler/log_sqlite.rst +index e6cca5b..5450912 100644 +--- a/doc/source/ihandler/log_sqlite.rst ++++ b/doc/source/ihandler/log_sqlite.rst +@@ -39,7 +39,8 @@ for more examples how to make use of the database. + Example config + -------------- + +-:: +- .. literalinclude:: ../../../conf/ihandlers/log_sqlite.yaml.in ++.. literalinclude:: ../../../conf/ihandlers/log_sqlite.yaml + :language: yaml + :caption: ihandlers/log_sqlite.yaml ++ ++ +diff --git a/doc/source/ihandler/virustotal.rst b/doc/source/ihandler/virustotal.rst +index dc7923e..3f64a02 100644 +--- a/doc/source/ihandler/virustotal.rst ++++ b/doc/source/ihandler/virustotal.rst +@@ -18,7 +18,7 @@ Configuration + Example config + -------------- + +-.. literalinclude:: ../../../conf/ihandlers/virustotal.yaml.in ++.. 
literalinclude:: ../../../conf/ihandlers/virustotal.yaml + :language: yaml + :caption: ihandlers/virustotal.yaml + +diff --git a/doc/source/service/ftp.rst b/doc/source/service/ftp.rst +index 0f0d52b..0c54bc9 100644 +--- a/doc/source/service/ftp.rst ++++ b/doc/source/service/ftp.rst +@@ -9,6 +9,7 @@ something interesting happening on port 21. + Example config + -------------- + +-.. literalinclude:: ../../../conf/services/ftp.yaml.in ++.. literalinclude:: ../../../conf/services/ftp.yaml + :language: yaml +- :caption: services/ftp.yaml +\ No newline at end of file ++ :caption: services/ftp.yaml ++ +diff --git a/doc/source/service/http.rst b/doc/source/service/http.rst +index 9e34fce..847d928 100644 +--- a/doc/source/service/http.rst ++++ b/doc/source/service/http.rst +@@ -41,7 +41,7 @@ root + Example config + -------------- + +-.. literalinclude:: ../../../conf/services/http.yaml.in ++.. literalinclude:: ../../../conf/services/http.yaml + :language: yaml + :caption: services/http.yaml + +diff --git a/doc/source/service/tftp.rst b/doc/source/service/tftp.rst +index 436b616..6c159d8 100644 +--- a/doc/source/service/tftp.rst ++++ b/doc/source/service/tftp.rst +@@ -9,6 +9,6 @@ tftp services. + Example config + -------------- + +-.. literalinclude:: ../../../conf/services/tftp.yaml.in ++.. literalinclude:: ../../../conf/services/tftp.yaml + :language: yaml + :caption: services/tftp.yaml +diff --git a/doc/source/service/upnp.rst b/doc/source/service/upnp.rst +index fa50de7..e28f928 100644 +--- a/doc/source/service/upnp.rst ++++ b/doc/source/service/upnp.rst +@@ -4,6 +4,6 @@ UPnP + Example config + -------------- + +-.. literalinclude:: ../../../conf/services/upnp.yaml.in ++.. literalinclude:: ../../../conf/services/upnp.yaml + :language: yaml + :caption: services/upnp.yaml diff --git a/dionaea-07_cython_el7.patch b/dionaea-07_cython_el7.patch new file mode 100644 index 0000000..bf85414 --- /dev/null +++ b/dionaea-07_cython_el7.patch 
@@ -0,0 +1,19 @@ +On RHEL7 the python3 binary is actually naed python3.4. +The usual python3 is not available there. +Searching explicitly for python3.4 amongst the others will fix the issue. + +Merged to upstream with 0.7.0 + +https://github.com/DinoTools/dionaea/pull/180 +diff -ru dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/configure.ac dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/configure.ac +--- dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/configure.ac 2018-03-26 21:49:11.042568472 +0200 ++++ dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/configure.ac 2018-03-26 21:49:29.854553159 +0200 +@@ -580,7 +580,7 @@ + [cython_dir="$withval"],[cython_dir=$PATH]) + + if test x$enable_cython = "xyes" ; then +- AC_PATH_PROGS(CYTHON_BIN, [cython3 cython], "no", $cython_dir) ++ AC_PATH_PROGS(CYTHON_BIN, [cython3.4 cython3 cython], "no", $cython_dir) + if test "x$CYTHON_BIN" == "xno" ; then + enable_cython="no" + fi diff --git a/dionaea-08_modules_libdir.patch b/dionaea-08_modules_libdir.patch new file mode 100644 index 0000000..9a37f2d --- /dev/null +++ b/dionaea-08_modules_libdir.patch 
@@ -0,0 +1,51 @@ +fix hardcoded /lib dir +on 64 platform the RedHat based distrubutions prefer the lib directories to +have different names for 64 bit (lib64) and 32 bit (lib). +This fix allows to configure that at compile time. + +https://github.com/DinoTools/dionaea/pull/181 + +diff -ru dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/modules/python/module.c dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/modules/python/module.c +--- dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/modules/python/module.c 2018-03-26 22:14:31.519330709 +0200 ++++ dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/modules/python/module.c 2018-03-26 22:15:40.311274663 +0200 +@@ -348,7 +348,7 @@ + + Py_Initialize(); + +- runtime.sys_path = g_string_new(PREFIX"/lib/dionaea/python/"); ++ runtime.sys_path = g_string_new(LIBDIR"/dionaea/python/"); + + PyObject *name = PyUnicode_FromString("traceback"); + runtime.traceback.module = PyImport_Import(name); +@@ -366,7 +366,7 @@ + + for (sys_path = sys_paths; *sys_path; sys_path++) { + if( strcmp(*sys_path, "default") == 0 ) { +- sprintf(relpath, "sys.path.insert(%i, '%s/lib/dionaea/python/')", i, PREFIX); ++ sprintf(relpath, "sys.path.insert(%i, '%s/dionaea/python/')", i, LIBDIR); + } else { + // ToDO + /* if( *sys_path == '/' ) +diff -ru dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/src/modules.c dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/src/modules.c +--- dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.orig/src/modules.c 2018-03-26 22:14:31.504330721 +0200 ++++ dionaea-d2efb768e753a7f1ddca6dbf402548d741f33574.new/src/modules.c 2018-03-26 22:21:08.852001664 +0200 +@@ -114,7 +114,7 @@ + for (name = names; *name; name++) { + + gchar module_path[1024]; +- if( g_snprintf(module_path, 1023, PREFIX"/lib/dionaea/%s.so", *name) == -1 ) ++ if( g_snprintf(module_path, 1023, LIBDIR"/dionaea/%s.so", *name) == -1 ) + return; + + g_message("loading module %s (%s)", *name, module_path); +diff -ru 
dionaea-0.7.0.orig/config.h.cmake dionaea-0.7.0.new/config.h.cmake +--- dionaea-0.7.0.orig/config.h.cmake 2018-05-11 01:20:46.645826049 +0200 ++++ dionaea-0.7.0.new/config.h.cmake 2018-05-11 01:18:51.860064505 +0200 +@@ -8,6 +8,7 @@ + #define DEBUG "${DEBUG}" + + #define PREFIX "${CMAKE_INSTALL_PREFIX}" ++#define LIBDIR "${CMAKE_INSTALL_FULL_LIBDIR}" + #define SYSCONFDIR "${CMAKE_INSTALL_FULL_SYSCONFDIR}" + #define LOCALSTATEDIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}" + #define LOCALESTATEDIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}" diff --git a/dionaea-09_setgroups_before_setresuid.patch b/dionaea-09_setgroups_before_setresuid.patch new file mode 100644 index 0000000..8d6d25d --- /dev/null +++ b/dionaea-09_setgroups_before_setresuid.patch @@ -0,0 +1,28 @@ +diff --git a/src/dionaea.c b/src/dionaea.c +index e52673d..d6c1e86 100644 +--- a/src/dionaea.c ++++ b/src/dionaea.c +@@ -774,10 +774,19 @@ opt->stdOUT.filter); + g_error("Could not change group"); + } + +- if( opt->user.name != NULL && +- setresuid(opt->user.id, opt->user.id, opt->user.id) < 0 ) +- { +- g_error("Could not change user"); ++ if( opt->user.name != NULL ) ++ { ++ /* try to drop any (superuser) groups before dropping root privileges */ ++ if ( setgroups(0, NULL) < 0 ) ++ { ++ g_warning("Setgroups dropping groups failed"); ++ } ++ ++ /* drop from root privileges to normal user */ ++ if( setresuid(opt->user.id, opt->user.id, opt->user.id) < 0 ) ++ { ++ g_error("Could not change user"); ++ } + } + + options_free(opt); diff --git a/dionaea-10_chdir_before_chroot.patch b/dionaea-10_chdir_before_chroot.patch new file mode 100644 index 0000000..38d46f6 --- /dev/null +++ b/dionaea-10_chdir_before_chroot.patch 
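Review bot: In the src/modules.c hunk of dionaea-08_modules_libdir.patch, the changed `g_snprintf` call is still compared with `-1`, which does not catch truncation, because g_snprintf returns the length the full string would have had. An over-long module name or LIBDIR would therefore produce a silently shortened `module_path`, which the following `g_message("loading module ...")` suggests is then loaded. Compare against the buffer size instead: `if( g_snprintf(module_path, sizeof(module_path), LIBDIR"/dionaea/%s.so", *name) >= (gint)sizeof(module_path) )`. The `sprintf(relpath, ...)` line in the modules/python/module.c hunk is unbounded as well; the size of `relpath` is outside the hunk, so confirm it still fits or switch that call to a bounded `g_snprintf`.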
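Review bot: In dionaea-09_setgroups_before_setresuid.patch a failed `setgroups(0, NULL)` is only reported with `g_warning`, so execution continues to `setresuid` and the process keeps whatever supplementary groups it started with (root's, when started as root). A privilege drop that fails partway should stop the daemon the same way the neighbouring `g_error("Could not change user")` does, e.g. `g_error("Could not drop supplementary groups (%s)", strerror(errno));`. If starting unprivileged with a user option set is meant to keep working, make the call conditional on `geteuid() == 0` rather than ignoring the failure. The enclosing function and the include list are outside the hunk, so also confirm `<grp.h>` is included for `setgroups`.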
@@ -0,0 +1,16 @@ +Fix the potential vunerability of current working directory being off the chroot +Merged upstream in 0.7.0 +diff --git a/src/dionaea.c b/src/dionaea.c +index e52673d..88ac690 100644 +--- a/src/dionaea.c ++++ b/src/dionaea.c +@@ -720,7 +720,8 @@ opt->stdOUT.filter); + // chroot + if( opt->root != NULL ) + { +- if ( chroot(opt->root) != 0 ) ++ /* change working dir to the new root directory and chroot */ ++ if ( chdir(opt->root) != 0 && chroot(opt->root) != 0 ) + { + g_error("Could not chroot(\"%s\") (%s)", opt->root, strerror(errno)); + } else diff --git a/dionaea-11_obsolete_m4.patch b/dionaea-11_obsolete_m4.patch new file mode 100644 index 0000000..b0402a4 --- /dev/null +++ b/dionaea-11_obsolete_m4.patch @@ -0,0 +1,14 @@ +Merged upstream in 0.7.0 +diff -up dionaea-1748f3b3936aa1da2d92500251ae8010fe181dfc/configure.ac.fix_obsolete_macros dionaea-1748f3b3936aa1da2d92500251ae8010fe181dfc/configure.ac +--- dionaea-1748f3b3936aa1da2d92500251ae8010fe181dfc/configure.ac.fix_obsolete_macros 2018-03-26 12:08:28.000000000 +0200 ++++ dionaea-1748f3b3936aa1da2d92500251ae8010fe181dfc/configure.ac 2018-04-07 14:42:03.306757293 +0200 +@@ -25,7 +25,7 @@ AC_C_BIGENDIAN + # Checks for programs. + AC_PROG_CC + AC_PROG_MAKE_SET +-AC_PROG_LIBTOOL ++LT_INIT + + AC_CHECK_HEADERS([stdint.h stdlib.h string.h strings.h unistd.h netpacket/packet.h execinfo.h linux/sockios.h]) + + diff --git a/dionaea-12_py_module_version.patch b/dionaea-12_py_module_version.patch new file mode 100644 index 0000000..8fa0411 --- /dev/null +++ b/dionaea-12_py_module_version.patch 
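Review bot: The new condition `chdir(opt->root) != 0 && chroot(opt->root) != 0` in dionaea-10_chdir_before_chroot.patch short-circuits. When chdir succeeds, the left side is false, `chroot()` is never called, and control reaches the `else` branch as if the jail were in place. The error path is taken only when both calls fail. Join the checks with `||`, `if ( chdir(opt->root) != 0 || chroot(opt->root) != 0 )`, or call chroot first and follow it with a checked `chdir("/")`. The `else` branch and the rest of the function lie outside the hunk.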
@@ -0,0 +1,11 @@ +diff -ru dionaea-0.7.0/modules/python/setup.py.in dionaea-0.7.0.new/modules/python/setup.py.in +--- dionaea-0.7.0/modules/python/setup.py.in 2023-10-05 00:42:27.965474398 +0200 ++++ dionaea-0.7.0.new/modules/python/setup.py.in 2023-10-05 01:00:14.217496327 +0200 +@@ -100,6 +100,7 @@ + + setup( + name = 'dionaea', ++ version = '@VERSION@', + cmdclass = {'build_ext': build_ext}, + ext_modules = ext_modules, + ) diff --git a/dionaea-13_GetSize_deprecated.patch b/dionaea-13_GetSize_deprecated.patch new file mode 100644 index 0000000..3ca01c5 --- /dev/null +++ b/dionaea-13_GetSize_deprecated.patch @@ -0,0 +1,12 @@ +diff -ru dionaea-0.7.0/modules/python/module.c dionaea-0.7.0.new/modules/python/module.c +--- dionaea-0.7.0/modules/python/module.c 2023-10-05 02:34:45.932378106 +0200 ++++ dionaea-0.7.0.new/modules/python/module.c 2023-10-05 02:36:19.072753468 +0200 +@@ -985,7 +985,7 @@ + } else + return g_strdup(""); + +- Py_ssize_t pysize = PyUnicode_GetSize(pyobjectstr); ++ Py_ssize_t pysize = PyUnicode_GetLength(pyobjectstr); + wchar_t * str = (wchar_t *) malloc((pysize + 1) * sizeof(wchar_t)); + PyUnicode_AsWideChar(pyobjectstr, str, pysize); + str[pysize] = '\0'; diff --git a/dionaea-14_safe_load.patch b/dionaea-14_safe_load.patch new file mode 100644 index 0000000..956ed26 --- /dev/null +++ b/dionaea-14_safe_load.patch 
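Review bot: In dionaea-13_GetSize_deprecated.patch, `PyUnicode_GetLength` returns -1 on failure, and the lines after it use `pysize` unchecked both in the `malloc` size and as the index in `str[pysize] = '\0'`. The `malloc` result and the return value of `PyUnicode_AsWideChar` are not checked either. Letting CPython size and allocate the buffer removes all three problems: `wchar_t *str = PyUnicode_AsWideCharString(pyobjectstr, NULL);` followed by a NULL check. That buffer must be released with `PyMem_Free`, and the code that frees `str` is outside the hunk, so it would need the matching change.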
@@ -0,0 +1,14 @@ +diff -ru dionaea-0.7.0/modules/python/dionaea/__init__.py dionaea-0.7.0.new/modules/python/dionaea/__init__.py +--- dionaea-0.7.0/modules/python/dionaea/__init__.py 2018-05-01 22:22:13.000000000 +0200 ++++ dionaea-0.7.0.new/modules/python/dionaea/__init__.py 2023-10-05 04:01:50.852135935 +0200 +@@ -70,7 +70,7 @@ + for filename_pattern in filename_patterns: + for filename in glob.glob(filename_pattern): + fp = open(filename) +- file_configs = yaml.load(fp) ++ file_configs = yaml.safe_load(fp) + if isinstance(file_configs, (tuple, list)): + configs += file_configs +- return configs +\ No newline at end of file ++ return configs diff --git a/dionaea-15_pyeval_callobject.patch b/dionaea-15_pyeval_callobject.patch new file mode 100644 index 0000000..ed2cc6a --- /dev/null +++ b/dionaea-15_pyeval_callobject.patch 
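Review bot: `fp = open(filename)` in the dionaea-14_safe_load.patch hunk is never closed, so every matching config file holds a descriptor until it is garbage-collected. Use `with open(filename) as fp:` and move `file_configs = yaml.safe_load(fp)` inside it. A short comment on that line, such as `# safe_load: config files must not be able to construct arbitrary Python objects`, would record why the loader was changed and discourage a later revert to `yaml.load`. The enclosing function starts outside the hunk.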
@@ -0,0 +1,76 @@ +The PyEval_CallObject API is obsolete in python 3.12, use PyObject_CallObject instead +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/module.c dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/module.c +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/module.c 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/module.c 2024-07-04 15:38:00.956643590 +0200 +@@ -138,7 +138,7 @@ + Py_DECREF(module); + PyObject *func = PyObject_GetAttrString(module, "remoteshell"); + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + Py_DECREF(arglist); + g_debug("r %p", r); + struct head +@@ -181,7 +181,7 @@ + PyObject *func = PyObject_GetAttrString(i->module, "stop"); + if ( func != NULL ) { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + traceback(); + // PyErr_Print(); + Py_DECREF(arglist); +@@ -203,7 +203,7 @@ + func = PyObject_GetAttrString(module, "new"); + if( func != NULL ) { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + traceback(); + Py_DECREF(arglist); + Py_XDECREF(r); +@@ -214,7 +214,7 @@ + func = PyObject_GetAttrString(module, "start"); + if( func != NULL ) { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + traceback(); + Py_DECREF(arglist); + Py_XDECREF(r); +@@ -239,7 +239,7 @@ + PyObject *func = PyObject_GetAttrString(module, "new"); + if( func != NULL ) { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + Py_DECREF(arglist); + 
Py_XDECREF(r); + Py_DECREF(func); +@@ -273,7 +273,7 @@ + if( func != NULL ) + { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + Py_DECREF(arglist); + Py_XDECREF(r); + Py_DECREF(func); +@@ -306,7 +306,7 @@ + if( func != NULL ) + { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + Py_DECREF(arglist); + Py_XDECREF(r); + Py_DECREF(func); +@@ -389,7 +389,7 @@ + PyObject *func = PyObject_GetAttrString(module, "new"); + if( func != NULL ) { + PyObject *arglist = Py_BuildValue("()"); +- PyObject *r = PyEval_CallObject(func, arglist); ++ PyObject *r = PyObject_CallObject(func, arglist); + Py_DECREF(arglist); + Py_XDECREF(r); + Py_DECREF(func); diff --git a/dionaea-16_cmake_append_flags.patch b/dionaea-16_cmake_append_flags.patch new file mode 100644 index 0000000..752b96c --- /dev/null +++ b/dionaea-16_cmake_append_flags.patch @@ -0,0 +1,13 @@ +APPEND adds unwanted ";" character if there are already some CMAKE_C_FLAGS defined +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/CMakeLists.txt 2024-07-04 21:10:43.604959260 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/CMakeLists.txt 2024-07-04 21:10:14.986830427 +0200 +@@ -31,7 +31,7 @@ + set(CMAKE_C_STANDARD 11) + set(CMAKE_C_STANDARD_REQUIRED ON) + # ToDo: move to source file? +-list(APPEND CMAKE_C_FLAGS "-D_GNU_SOURCE") ++set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_GNU_SOURCE") + + list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake) + diff --git a/dionaea-17_cmake_dirs.patch b/dionaea-17_cmake_dirs.patch new file mode 100644 index 0000000..014b45e --- /dev/null +++ b/dionaea-17_cmake_dirs.patch 
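Review bot: In the first modules/python/module.c hunk of dionaea-15_pyeval_callobject.patch (`@@ -138,7 +138,7 @@`), the result of `PyObject_GetAttrString(module, "remoteshell")` goes straight into `PyObject_CallObject` with no NULL check. The other call sites touched by this patch all test `if( func != NULL )` first. A missing attribute would hand a NULL callable to the interpreter, which would most likely crash, so guard this call the same way. `PyObject_CallObject(func, NULL)` is also valid for a call without arguments, which would make the `Py_BuildValue("()")` / `Py_DECREF(arglist)` pair unnecessary at every site. Each surrounding function starts and ends outside its hunk.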
@@ -0,0 +1,183 @@ +Change handling of dirs to be able to configure/install to base system having +configuration in /etc/, +data files in /var +and rest in /usr, +while keeping the possibility to install to /opt/dionaea by default +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/cmake/InstallConfig.cmake dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/cmake/InstallConfig.cmake +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/cmake/InstallConfig.cmake 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/cmake/InstallConfig.cmake 2024-07-07 16:40:50.457869174 +0200 +@@ -12,17 +12,17 @@ + get_filename_component(src_name "${src}" NAME) + get_filename_component(basename_dest "${src}" NAME) + install(CODE " +- if(\${CMAKE_INSTALL_FULL_PREFIX} MATCHES .*/_CPack_Packages/.* OR NOT EXISTS \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${dest}/${src_name}\") +- message(STATUS \"Installing: \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${dest}/${src_name}\") ++ if(\${CMAKE_INSTALL_FULL_PREFIX} MATCHES .*/_CPack_Packages/.* OR NOT EXISTS \"\$ENV{DESTDIR}/${dest}/${src_name}\") ++ message(STATUS \"Installing: \$ENV{DESTDIR}/${dest}/${src_name}\") + execute_process(COMMAND \${CMAKE_COMMAND} -E copy \"${src}\" +- \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${dest}/${src_name}\" ++ \"\$ENV{DESTDIR}/${dest}/${src_name}\" + RESULT_VARIABLE copy_result + ERROR_VARIABLE error_output) + if(copy_result) + message(FATAL_ERROR \${error_output}) + endif() + else() +- message(STATUS \"Skipping : \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${dest}/${src_name}\") ++ message(STATUS \"Skipping : \$ENV{DESTDIR}/${dest}/${src_name}\") + endif() + ") + endfunction() +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/cmake/InstallPythonConfig.cmake dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/cmake/InstallPythonConfig.cmake +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/cmake/InstallPythonConfig.cmake 2021-02-08 
06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/cmake/InstallPythonConfig.cmake 2024-07-07 13:16:38.947125822 +0200 +@@ -43,13 +43,13 @@ + if(NOT EXISTS "${_conf_dst}") + install(DIRECTORY DESTINATION "${_conf_dst}") + foreach(filename ${MY_FUNC_FILES}) +- install(CODE "message(STATUS \"Enabling Service: ${filename} in \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${_conf_dst}\")") ++ install(CODE "message(STATUS \"Enabling Service: ${filename} in \$ENV{DESTDIR}/${_conf_dst}\")") + install(CODE " + EXECUTE_PROCESS( + COMMAND \"${CMAKE_COMMAND}\" -E create_symlink + ${MY_FUNC_SOURCE_REL_DIR}/${filename} + ${filename} +- WORKING_DIRECTORY \"\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${_conf_dst}\" ++ WORKING_DIRECTORY \"\$ENV{DESTDIR}/${_conf_dst}\" + ) + ") + endforeach() +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/curl/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/curl/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/curl/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/curl/CMakeLists.txt 2024-07-07 21:51:47.636592554 +0200 +@@ -40,5 +40,5 @@ + + install( + TARGETS module_curl +- LIBRARY DESTINATION lib/dionaea ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/emu/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/emu/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/emu/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/emu/CMakeLists.txt 2024-07-07 21:52:01.819707360 +0200 +@@ -41,5 +41,5 @@ + + install( + TARGETS module_emu +- LIBRARY DESTINATION lib/dionaea ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/nfq/CMakeLists.txt 
dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/nfq/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/nfq/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/nfq/CMakeLists.txt 2024-07-07 21:52:50.925104849 +0200 +@@ -41,5 +41,5 @@ + + install( + TARGETS module_nfq +- LIBRARY DESTINATION lib/dionaea ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/nl/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/nl/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/nl/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/nl/CMakeLists.txt 2024-07-07 21:52:58.748168174 +0200 +@@ -42,5 +42,5 @@ + + install( + TARGETS module_nl +- LIBRARY DESTINATION lib/dionaea ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/pcap/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/pcap/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/pcap/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/pcap/CMakeLists.txt 2024-07-07 21:53:08.484246984 +0200 +@@ -39,5 +39,5 @@ + + install( + TARGETS module_pcap +- LIBRARY DESTINATION lib/dionaea ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/xmatch/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/xmatch/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/xmatch/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/xmatch/CMakeLists.txt 2024-07-07 21:54:00.053664426 +0200 +@@ -27,5 +27,5 @@ + + 
install( + TARGETS xmatch +- LIBRARY DESTINATION lib ++ LIBRARY DESTINATION ${DIONAEA_MODDIR} + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/src/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/src/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/src/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/src/CMakeLists.txt 2024-07-07 23:02:13.808986562 +0200 +@@ -59,7 +59,7 @@ + + install ( + TARGETS dionaea +- RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} ++ RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} + ) + + configure_file( +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/CMakeLists.txt 2024-07-07 16:39:03.665446438 +0200 +@@ -31,7 +31,7 @@ + ) + + #install(CODE "execute_process(COMMAND ${PYTHON_EXECUTABLE} ${SETUP_PY} install --prefix=${CMAKE_INSTALL_PREFIX})") +- install(CODE "execute_process(COMMAND ${PYTHON_EXECUTABLE} ${SETUP_PY} install --install-lib=\$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${DIONAEA_PYTHON_SITELIBDIR})") ++ install(CODE "execute_process(COMMAND ${PYTHON_EXECUTABLE} ${SETUP_PY} install --install-lib=\$ENV{DESTDIR}/${DIONAEA_PYTHON_SITELIBDIR})") + endif() + + add_library( +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/CMakeLists.txt dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/CMakeLists.txt +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/CMakeLists.txt 2021-02-08 06:48:52.000000000 +0100 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/CMakeLists.txt 2024-07-08 04:14:55.578867606 +0200 +@@ -66,7 +66,27 @@ + + option(RELEASE_BUILD "Remove Git revision from 
program version (use for stable releases)" OFF) + ++# Default install prefix for Dionaea ++if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) ++ message(STATUS "INFO: Setting the CMAKE_INSTALL_PREFIX to default - /opt/dionaea") ++ set_property(CACHE CMAKE_INSTALL_PREFIX PROPERTY VALUE "/opt/dionaea") ++endif() ++ ++message(STATUS "Before GNUInstallDirs: CMAKE_INSTALL_FULL_LOCALSTATEDIR = ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}") + include(GNUInstallDirs) ++message(STATUS "After GNUInstallDirs: CMAKE_INSTALL_FULL_LOCALSTATEDIR = ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}") ++ ++### Dionaea non-FHS compliant defaults /opt/dionaea ++# Dionaea defaults are different from FHS as used in GNUInstallDirs ++# for example the default when prefix is set to /opt/dionaea, the configuration ++# is expected in /opt/dionaea/etc and not in /etc/opt/dionaea, same for the state dirs ++# expected to be in /opt/dionaea/var/lib and not in /var/opt/dionaea/lib ++if(CMAKE_INSTALL_PREFIX STREQUAL "/opt/dionaea") ++ set(CMAKE_INSTALL_FULL_SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc" CACHE PATH "Configuration") ++ set(CMAKE_INSTALL_FULL_LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var" CACHE PATH "Modifiable single-machine data (var)" FORCE) ++ set(CMAKE_INSTALL_FULL_RUNSTATEDIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/run" CACHE PATH "Run-time variable data (LOCALSTATEDIR/run)") ++endif() ++ + include(InstallConfig) + include(Packaging) + +@@ -90,12 +110,12 @@ + + set(DIONAEA_USER "dionaea" CACHE STRING "Dionaea user") + set(DIONAEA_GROUP "dionaea" CACHE STRING "Dionaea group") +-set(DIONAEA_MODDIR ${CMAKE_INSTALL_LIBDIR}/dionaea) +-set(DIONAEA_CONFDIR ${CMAKE_INSTALL_SYSCONFDIR}/dionaea) +-set(DIONAEA_RUNDIR "${CMAKE_INSTALL_LOCALSTATEDIR}/run" CACHE STRING "/run directory") +-set(DIONAEA_STATEDIR ${CMAKE_INSTALL_LOCALSTATEDIR}/lib/dionaea) +-set(DIONAEA_LOGDIR ${CMAKE_INSTALL_LOCALSTATEDIR}/log/dionaea) +-set(DIONAEA_PYTHON_SITELIBDIR ${CMAKE_INSTALL_LIBDIR}/dionaea/python) ++set(DIONAEA_MODDIR 
${CMAKE_INSTALL_FULL_LIBDIR}/dionaea CACHE PATH "Dionaea directory for plugin modules") ++set(DIONAEA_CONFDIR ${CMAKE_INSTALL_FULL_SYSCONFDIR}/dionaea CACHE PATH "Dionaea configuration directory") ++set(DIONAEA_RUNDIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/run" CACHE PATH "Dionaea /run directory") ++set(DIONAEA_STATEDIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/lib/dionaea CACHE PATH "Dionaea directory for storing the status") ++set(DIONAEA_LOGDIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/log/dionaea CACHE PATH "Dionaea log directory") ++set(DIONAEA_PYTHON_SITELIBDIR ${CMAKE_INSTALL_FULL_LIBDIR}/dionaea/python CACHE PATH "Dionaea location of python modules") + + ########### requirements ############### + diff --git a/dionaea-18_python_regex.patch b/dionaea-18_python_regex.patch new file mode 100644 index 0000000..98ea610 --- /dev/null +++ b/dionaea-18_python_regex.patch 
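Review bot: In the `/opt/dionaea` block of the top-level CMakeLists.txt only `CMAKE_INSTALL_FULL_LOCALSTATEDIR` is set with `FORCE`; `CMAKE_INSTALL_FULL_SYSCONFDIR` and `CMAKE_INSTALL_FULL_RUNSTATEDIR` are written as cache entries without it, right after `include(GNUInstallDirs)` has defined the same names. Depending on the CMake policy level the earlier definitions may win, which would leave the configuration and run directories resolved by a different rule from the state directory. Setting all three as plain variables, e.g. `set(CMAKE_INSTALL_FULL_SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc")`, avoids the question. The install snippets now build `\$ENV{DESTDIR}/${dest}/${src_name}`, which is only correct while every `dest` is an absolute path, so InstallConfig.cmake should carry a comment such as `# dest must be absolute: it is appended to DESTDIR without CMAKE_INSTALL_PREFIX`. The two `message(STATUS "Before/After GNUInstallDirs ...")` lines look like leftover debugging.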
@@ -0,0 +1,323 @@ +new versions of python 3.9+ new regex patterns defined as raw strings, otherwise report syntax error for unknown stirng escape sequence like \s +Only in dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig: 1.orig +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/doc/source/conf.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/doc/source/conf.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/doc/source/conf.py 2024-07-16 02:09:42.459377247 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/doc/source/conf.py 2024-07-16 02:08:40.881028357 +0200 +@@ -62,7 +62,7 @@ + # The short X.Y version. + version = "undefined" + regex_version = re.compile( +- "^project\s*\([^)]+?\s+VERSION\s+(?P[0-9]+\.[0-9]+\.[0-9]+)$", ++ r"^project\s*\([^)]+?\s+VERSION\s+(?P[0-9]+\.[0-9]+\.[0-9]+)$", + re.MULTILINE|re.DOTALL + ) + data = open("../../CMakeLists.txt", "r").read() +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/cmd.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/cmd.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/cmd.py 2024-07-16 02:09:42.462377264 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/cmd.py 2024-07-16 02:08:40.918028567 +0200 +@@ -29,7 +29,7 @@ + else: + self.send = self.void + self.files = {} +- self.cwd = 'C:\WINDOWS\System32' ++ self.cwd = 'C:\\WINDOWS\\System32' + + + def handle_io_in(self, data): +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/emu_scripts/handler.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/emu_scripts/handler.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/emu_scripts/handler.py 2024-07-16 02:09:42.464377275 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/emu_scripts/handler.py 2024-07-16 
02:11:23.762951218 +0200 +@@ -22,7 +22,7 @@ + self._regex_detect = [] + + self._regex_url = re.compile( +- b"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" ++ r"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" + ) + + def run(self, data): +@@ -52,7 +52,7 @@ + self._config = config + + self._regex_url = re.compile( +- b"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" ++ r"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" + ) + + def run(self, data): +@@ -70,13 +70,13 @@ + + self.min_match_count = 2 + self._regex_detect = [ +- re.compile(b"New-Object\s+System\.Net\.WebClient"), +- re.compile(b"DownloadFile([^,]+?,[^,]+?)"), +- re.compile(b"Invoke-Expression([^)]+?)") ++ re.compile(r"New-Object\s+System\.Net\.WebClient"), ++ re.compile(r"DownloadFile([^,]+?,[^,]+?)"), ++ re.compile(r"Invoke-Expression([^)]+?)") + ] + + self._regex_url = re.compile( +- b"\w+\s*=\s*\"\s*(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)\s*\"" ++ r"\w+\s*=\s*\"\s*(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)\s*\"" + ) + + +@@ -88,9 +88,9 @@ + + self.min_match_count = 1 + self._regex_detect = [ +- re.compile(b"Set\s+\w+\s+=\s+CreateObject\(.*?(Msxml2.XMLHTTP|Wscript.Shell).*?\)") ++ re.compile(r"Set\s+\w+\s+=\s+CreateObject\(.*?(Msxml2.XMLHTTP|Wscript.Shell).*?\)") + ] + + self._regex_url = re.compile( +- b"\.Open\s+\"GET\"\s*,\s*\"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)\"" ++ r"\.Open\s+\"GET\"\s*,\s*\"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)\"" + ) +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/memcache/command.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/memcache/command.py +--- 
dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/memcache/command.py 2024-07-16 02:09:42.466377287 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/memcache/command.py 2024-07-16 02:08:40.902028476 +0200 +@@ -18,7 +18,7 @@ + + class Decrement(Command): + name = "decr" +- regex_cmd = re.compile(b"^decr (?P\w+) (?P\d+)( (?Pnoreply))?$") ++ regex_cmd = re.compile(r"^decr (?P\w+) (?P\d+)( (?Pnoreply))?$") + + def __init__(self, key=None, value=0, no_reply=False): + self.key = key +@@ -37,7 +37,7 @@ + + class Delete(Command): + name = "delete" +- regex_cmd = re.compile(b"^(?P\w+) (?P\w+)( (?Pnoreply))?$") ++ regex_cmd = re.compile(r"^(?P\w+) (?P\w+)( (?Pnoreply))?$") + + def __init__(self, key=None, no_reply=None): + self.key = key +@@ -73,7 +73,7 @@ + + class Increment(Command): + name = "incr" +- regex_cmd = re.compile(b"^incr (?P\w+) (?P\d+)( (?Pnoreply))?$") ++ regex_cmd = re.compile(r"^incr (?P\w+) (?P\d+)( (?Pnoreply))?$") + + def __init__(self, key=None, value=0, no_reply=False): + self.key = key +@@ -91,7 +91,7 @@ + + + class StorageCommand(Command): +- regex_cmd = re.compile(b"^(?P\w+) (?P\w+) (?P\d+) (?P\d+) (?P\d+)( (?Pnoreply))?") ++ regex_cmd = re.compile(r"^(?P\w+) (?P\w+) (?P\d+) (?P\d+) (?P\d+)( (?Pnoreply))?") + + def __init__(self, key=None, flags=None, exptime=None, byte_count=None, noreply=None): + self.key = key +@@ -171,7 +171,7 @@ + + class Touch(Command): + name = "touch" +- regex_cmd = re.compile(b"^touch (?P\w+) (?P\d+)( (?Pnoreply))?$") ++ regex_cmd = re.compile(r"^touch (?P\w+) (?P\d+)( (?Pnoreply))?$") + + def __init__(self, key=None, exptime=None, no_reply=None): + self.key = key +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/mysql/mysql.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/mysql/mysql.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/mysql/mysql.py 2024-07-16 
02:09:42.468377298 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/mysql/mysql.py 2024-07-16 02:13:32.901682889 +0200 +@@ -19,12 +19,12 @@ + logger = logging.getLogger('mysqld') + + re_show_var = re.compile( +- b"show\s+((?Pglobal)\s+)?variables(\s+like\s+(?P\"|')(?P.*?)(?P=sep))?", ++ r"show\s+((?Pglobal)\s+)?variables(\s+like\s+(?P\"|')(?P.*?)(?P=sep))?", + re.I + ) + + re_select_var = re.compile( +- b"select\s+(?P@(?P@)?(?P\w+))(\s+limit\s+\d+)?", ++ r"select\s+(?P@(?P@)?(?P\w+))(\s+limit\s+\d+)?", + re.I + ) + +@@ -42,7 +42,7 @@ + self.config = None + self.state = "" + self.regex_statement = re.compile( +- b"""([A-Za-z0-9_.]+\(.*?\)+|\(.*?\)+|"(?:[^"]|\"|"")*"+|'[^'](?:|\'|'')*'+|`(?:[^`]|``)*`+|[^ ,]+|,)""" ++ r"""([A-Za-z0-9_.]+\(.*?\)+|\(.*?\)+|"(?:[^"]|\"|"")*"+|'[^'](?:|\'|'')*'+|`(?:[^`]|``)*`+|[^ ,]+|,)""" + ) + self.download_dir = None + self.download_suffix = ".tmp" +@@ -146,7 +146,7 @@ + if re.match(b'set ', p.Query, re.I): + r = MySQL_Result_OK(Message="#2") + +- elif re.match(b'select\s+database\s*\(\s*\)$', p.Query, re.I): ++ elif re.match(r'select\s+database\s*\(\s*\)$', p.Query, re.I): + r = [ + MySQL_Result_Header(FieldCount=1), + MySQL_Result_Field( +@@ -167,7 +167,7 @@ + MySQL_Result_EOF(ServerStatus=0x002) + ] + +- elif re.match(b"show\s+databases$", p.Query, re.I): ++ elif re.match(r"show\s+databases$", p.Query, re.I): + r = [ + MySQL_Result_Header(FieldCount=1), + MySQL_Result_Field( +@@ -192,7 +192,7 @@ + # r.append(MySQL_Result_Row_Data(ColumnValues=['information_schema'])) + r.append(MySQL_Result_EOF(ServerStatus=0x002)) + +- elif re.match(b'show\s+tables$', p.Query, re.I): ++ elif re.match(r'show\s+tables$', p.Query, re.I): + r = [ + MySQL_Result_Header(FieldCount=1), + MySQL_Result_Field( +@@ -273,8 +273,8 @@ + if len(query) == 0: + return False + +- regex_function = re.compile(b"(?P[A-Za-z0-9_.]+)\((?P.*?)\)+") +- regex_url = 
re.compile(b"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)") ++ regex_function = re.compile(r"(?P[A-Za-z0-9_.]+)\((?P.*?)\)+") ++ regex_url = re.compile(r"(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)") + + m = re_select_var.match(p.Query) + if m: +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/extras.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/extras.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/extras.py 2024-07-16 02:09:42.471377315 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/extras.py 2024-07-16 02:08:40.911028527 +0200 +@@ -261,7 +261,7 @@ + sdp = data[0] + for n,v in media_ports.items(): + if v is None: +- sdp = re.sub("\[" + n +"\].*\[\/" + n + "\]", "", sdp, 0, re.DOTALL) ++ sdp = re.sub("\\[" + n +"\\].*\\[\\/" + n + "\\]", "", sdp, 0, re.DOTALL) + else: + params[n] = v + +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/rfc2396.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/rfc2396.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/rfc2396.py 2024-07-16 02:09:42.473377327 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/rfc2396.py 2024-07-16 02:08:40.911028527 +0200 +@@ -28,9 +28,9 @@ + b'"John Doe" ' + """ + _syntax = [ +- re.compile(b'^(?P[a-zA-Z0-9\-\.\_\+\~\ \t]*)<(?P[^>]+)>( *; *(?P.*))?'), +- re.compile(b'^(?:"(?P[a-zA-Z0-9\-\.\_\+\~\ \t]+)")[\ \t]*<(?P[^>]+)>( *; *(?P.*))?'), +- re.compile(b'^[\ \t]*(?P)(?P[^;]+)( *; *(?P.*))?') ++ re.compile(r'^(?P[a-zA-Z0-9\-\.\_\+\~\ \t]*)<(?P[^>]+)>( *; *(?P.*))?'), ++ re.compile(r'^(?:"(?P[a-zA-Z0-9\-\.\_\+\~\ \t]+)")[\ \t]*<(?P[^>]+)>( *; *(?P.*))?'), ++ re.compile(r'^[\ \t]*(?P)(?P[^;]+)( *; *(?P.*))?') 
+ ] + + def __init__(self, display_name = None, uri = None, must_quote = None, params = None): +@@ -128,12 +128,12 @@ + True + """ + +- _syntax = re.compile(b"^(?P[a-zA-Z][a-zA-Z0-9\+\-\.]*):" # scheme +- + b"(?:(?:(?P[a-zA-Z0-9\-\_\.\!\~\*\'\(\)&=\+\$,;\?\/\%]+)" # user +- + b"(?::(?P[^:@;\?]+))?)@)?" # password +- + b"(?:(?:(?P[^;\?:]*)(?::(?P[\d]+))?))" # host, port +- + b"(?:;(?P[^\?]*))?" # parameters +- + b"(?:\?(?P.*))?$" # headers ++ _syntax = re.compile(r"^(?P[a-zA-Z][a-zA-Z0-9\+\-\.]*):" # scheme ++ + r"(?:(?:(?P[a-zA-Z0-9\-\_\.\!\~\*\'\(\)&=\+\$,;\?\/\%]+)" # user ++ + r"(?::(?P[^:@;\?]+))?)@)?" # password ++ + r"(?:(?:(?P[^;\?:]*)(?::(?P[\d]+))?))" # host, port ++ + r"(?:;(?P[^\?]*))?" # parameters ++ + r"(?:\?(?P.*))?$" # headers + ) + + def __init__(self, scheme = None, user = None, password = None, host = None, port = None, params = None, headers = None): +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/rfc3261.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/rfc3261.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/sip/rfc3261.py 2024-07-16 02:09:42.475377338 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/sip/rfc3261.py 2024-07-16 02:08:40.911028527 +0200 +@@ -678,7 +678,7 @@ + b'z9hG4bK77asjd' b'192.0.2.207' + """ + +- _syntax = re.compile(b"SIP */ *2\.0 */ *(?P[a-zA-Z]+) *(?P
[^ :;]*) *(:(?P[0-9]+))?( *; *(?P.*))?") ++ _syntax = re.compile(r"SIP */ *2\.0 */ *(?P[a-zA-Z]+) *(?P
[^ :;]*) *(:(?P[0-9]+))?( *; *(?P.*))?") + + def __init__(self, protocol = None, address = None, port = None, params = None): + if params is None: +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/include/asn1/mib.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/include/asn1/mib.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/include/asn1/mib.py 2024-07-16 02:09:42.478377355 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/include/asn1/mib.py 2024-07-16 02:08:40.913028539 +0200 +@@ -19,12 +19,12 @@ + ## MIB parsing ## + ################# + +-_mib_re_integer = re.compile("^[0-9]+$") +-_mib_re_both = re.compile("^([a-zA-Z_][a-zA-Z0-9_-]*)\(([0-9]+)\)$") ++_mib_re_integer = re.compile(r"^[0-9]+$") ++_mib_re_both = re.compile(r"^([a-zA-Z_][a-zA-Z0-9_-]*)\(([0-9]+)\)$") + _mib_re_oiddecl = re.compile( +- "$\s*([a-zA-Z0-9_-]+)\s+OBJECT([^:\{\}]|\{[^:]+\})+::=\s*\{([^\}]+)\}",re.M) +-_mib_re_strings = re.compile('"[^"]*"') +-_mib_re_comments = re.compile('--.*(\r|\n)') ++ r"$\s*([a-zA-Z0-9_-]+)\s+OBJECT([^:\{\}]|\{[^:]+\})+::=\s*\{([^\}]+)\}",re.M) ++_mib_re_strings = re.compile(r'"[^"]*"') ++_mib_re_comments = re.compile(r'--.*(\r|\n)') + + class MIBDict(DADict): + def _findroot(self, x): +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/include/fieldtypes.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/include/fieldtypes.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/include/fieldtypes.py 2024-07-16 02:09:42.480377366 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/include/fieldtypes.py 2024-07-16 02:08:40.915028550 +0200 +@@ -188,7 +188,7 @@ + def m2i(self, pkt, x): + return str2mac(x) + def any2i(self, pkt, x): +- if type(x) is str and len(x) is 6: ++ if 
type(x) is str and len(x) == 6: + x = self.m2i(pkt, x) + return x + def i2repr(self, pkt, x): +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/rpcservices.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/rpcservices.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/smb/rpcservices.py 2024-07-16 02:09:42.484377389 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/smb/rpcservices.py 2024-07-16 02:08:40.916028556 +0200 +@@ -2802,7 +2802,7 @@ + + rpclog.debug("docname {} outputfile {}".format(DocName, OutputFile)) + +- if OutputFile.startswith('\\') and OutputFile.endswith('\PIPE\ATSVC'): ++ if OutputFile.startswith('\\\\') and OutputFile.endswith('\\PIPE\\ATSVC'): + # FIXME PIPE ATSVC COMMAND + pass + else: +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/util.py dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/util.py +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/dionaea/util.py 2024-07-16 02:09:42.489377417 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/dionaea/util.py 2024-07-16 02:08:40.918028567 +0200 +@@ -74,14 +74,14 @@ + :return: List of urls or None + """ + from dionaea.core import incident +- regex = re.compile(b"\(\)\s*\t*\{.*;\s*\}\s*;") ++ regex = re.compile(r"\(\)\s*\t*\{.*;\s*\}\s*;") + if not regex.search(data): + return None + logger.debug("Shellshock attack found") + + urls = [] + regex = re.compile( +- b"(wget|curl).+(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" ++ r"(wget|curl).+(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" + ) + for m in regex.finditer(data): + logger.debug("Found download command with url %s", m.group("url")) +@@ -107,7 +107,7 @@ + from dionaea.core import incident + urls = [] 
+ regex = re.compile( +- b"(wget|curl).+(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" ++ r"(wget|curl).+(?P(http|ftp|https)://([\w_-]+(?:(?:\.[\w_-]+)+))([\w.,@?^=%&:/~+#-]*[\w@?^=%&/~+#-])?)" + ) + for m in regex.finditer(data): + logger.debug("Found download command with url %s", m.group("url")) diff --git a/dionaea-19_setuptools.patch b/dionaea-19_setuptools.patch new file mode 100644 index 0000000..31fc139 --- /dev/null +++ b/dionaea-19_setuptools.patch 
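Review bot: Most hunks in this patch replace a bytes pattern `b"..."` with a str pattern `r"..."`, which changes the pattern type and not just the escaping; the raw-bytes form `rb"..."` keeps the type and still removes the invalid-escape warning. The mysql.py hunk at `@@ -146` shows the mismatch on its own lines: the context line `re.match(b'set ', p.Query, re.I)` matches `p.Query` against bytes, so the new `re.match(r'select\s+database\s*\(\s*\)$', p.Query, re.I)` would raise `TypeError` on the same object. If the inputs are bytes, as the original prefixes suggest, the same holds for handler.py, memcache/command.py, rfc2396.py, rfc3261.py and util.py, and the handlers that recognise Shellshock requests and extract download URLs would fail instead of logging. Write them as, for example, `regex = re.compile(rb"\(\)\s*\t*\{.*;\s*\}\s*;")`. Separately, rpcservices.py changes `startswith('\\')` to `startswith('\\\\')`, which now requires two leading backslashes where the old literal was one; that is a behaviour change the patch description does not mention.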
@@ -0,0 +1,132 @@ +Migrate setup.py from deprecated distutils to setuptools. +Handle the building by cmake from setup.py template processed in cmake build directory. +Newer versions of setuptools complain about using absolute paths in setup. +diff -ru dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/setup.py.in2 dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/setup.py.in2 +--- dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.orig/modules/python/setup.py.in2 2024-07-17 16:08:59.696655429 +0200 ++++ dionaea-4e459f1b672a5b4c1e8335c0bff1b93738019215.new/modules/python/setup.py.in2 2024-07-30 11:32:39.198027455 +0200 +@@ -5,33 +5,46 @@ + # + # SPDX-License-Identifier: GPL-2.0-or-later + +-from distutils.core import setup +-from distutils.extension import Extension +-from distutils.util import convert_path ++from setuptools import setup, find_packages, Extension ++from setuptools.command.install import install as _install ++from setuptools.command.build_ext import build_ext as _build_ext ++ + import os +-from Cython.Distutils import build_ext ++# from Cython.Distutils import build_ext ++ ++# Helper function to get absolute path relative to this file ++def get_abs_path(rel_path): ++ return os.path.abspath(os.path.join(os.path.dirname(__file__), rel_path)) ++ ++def get_rel_path(abs_path): ++ return os.path.relpath(os.path.join(os.path.dirname(__file__), abs_path)) ++ ++# Function to process CMake-style paths ++def process_cmake_path(path): ++ if path.startswith('${CMAKE_CURRENT_SOURCE_DIR}'): ++ return get_rel_path(get_abs_path(path)) ++ return path + ++class CustomBuildExt(_build_ext): ++ def build_extensions(self): ++ if '-Wstrict-prototypes' in self.compiler.compiler_so: ++ self.compiler.compiler_so.remove('-Wstrict-prototypes') ++ super().build_extensions() + +-def find_packages(base_path): +- base_path = convert_path(base_path) +- found = [] +- for root, dirs, files in os.walk(base_path, followlinks=True): +- dirs[:] = [d for d 
in dirs if d[0] != '.' and d not in ('ez_setup', '__pycache__')] +- relpath = os.path.relpath(root, base_path) +- parent = relpath.replace(os.sep, '.').lstrip('.') +- if relpath != '.' and parent not in found: +- continue +- for dir in dirs: +- if os.path.isfile(os.path.join(root, dir, '__init__.py')): +- package = '.'.join((parent, dir)) if parent else dir +- found.append(package) +- return found ++class CustomInstall(_install): ++ def run(self): ++ _install.run(self) + +-core_cflags = '${GLIB2_CFLAGS};' # glib +-core_cflags += '${GMODULE2_CFLAGS}' # gmodule + +-core_ldflags = '${GLIB2_LDFLAGS};' # glib +-core_ldflags += '${GMODULE2_LDFLAGS}' # gmodule ++print("=== DEBUG: CMAKE_CURRENT_SOURCE_DIR " + "${CMAKE_CURRENT_SOURCE_DIR}") ++ ++# glib ++core_cflags = '${GLIB2_CFLAGS};' ++core_ldflags = '${GLIB2_LDFLAGS};' ++ ++# gmodule ++core_cflags += '${GMODULE2_CFLAGS}' ++core_ldflags += '${GMODULE2_LDFLAGS}' + + core_include_dirs = set() + core_extra_compile_flags = set() +@@ -39,7 +52,7 @@ + if i == '': + continue + elif i.startswith('-I'): +- core_include_dirs.add(i[2:]) ++ core_include_dirs.add(process_cmake_path(i[2:])) + else: + core_extra_compile_flags.add(i) + +@@ -53,15 +66,18 @@ + elif i.startswith('-l'): + core_libraries.add(i[2:]) + elif i.startswith('-L'): +- core_library_dirs.add(i[2:]) ++ core_library_dirs.add(process_cmake_path(i[2:])) + else: + core_library_other_flags.add(i) + +-ext_modules=[ ++ext_modules = [ + Extension("dionaea.core", + ['${CMAKE_CURRENT_SOURCE_DIR}/binding.pyx'], + language="c", +- include_dirs=['${CMAKE_CURRENT_SOURCE_DIR}/../../include', '${CMAKE_CURRENT_SOURCE_DIR}/../../'] + list(core_include_dirs), ++ include_dirs=[ ++ process_cmake_path('${CMAKE_CURRENT_SOURCE_DIR}/../../include'), ++ process_cmake_path('${CMAKE_CURRENT_SOURCE_DIR}/../../') ++ ] + list(core_include_dirs), + extra_compile_args=list(core_extra_compile_flags), + libraries=list(core_libraries), + library_dirs=list(core_library_dirs), +@@ -71,11 +87,20 @@ + ), + 
] + ++d_packages = find_packages(process_cmake_path('${CMAKE_CURRENT_SOURCE_DIR}')) ++print("=== DEBUG: d_packages " + str(d_packages)) ++ ++d_dir = {'': process_cmake_path('${CMAKE_CURRENT_SOURCE_DIR}')} ++print("=== DEBUG: d_dir " + str(d_dir)) ++ + setup( +- name = 'dionaea', ++ name='dionaea', + version="${DIONAEA_VERSION}", +- cmdclass = {'build_ext': build_ext}, +- ext_modules = ext_modules, +- packages=find_packages(base_path='${CMAKE_CURRENT_SOURCE_DIR}'), +- package_dir={'': '${CMAKE_CURRENT_SOURCE_DIR}'} ++ cmdclass={ ++ 'build_ext': CustomBuildExt, ++ 'install': CustomInstall, ++ }, ++ ext_modules=ext_modules, ++ packages=d_packages, ++ package_dir=d_dir + ) diff --git a/dionaea-20_fix_cython3.1_build.patch b/dionaea-20_fix_cython3.1_build.patch new file mode 100644 index 0000000..680cd7a --- /dev/null +++ b/dionaea-20_fix_cython3.1_build.patch 
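Review bot: The extension source is still passed as `['${CMAKE_CURRENT_SOURCE_DIR}/binding.pyx']`, an absolute path once CMake has substituted it, although the patch description gives absolute paths as the reason for adding `process_cmake_path`. It should read `[process_cmake_path('${CMAKE_CURRENT_SOURCE_DIR}/binding.pyx')]`. `get_rel_path` calls `os.path.relpath` without a `start` argument, so its result is relative to the working directory rather than to this file as the comment above `get_abs_path` says, and the paths depend on where setup.py is invoked from. The three `print("=== DEBUG: ...")` lines and the pass-through `CustomInstall` class look like leftovers and can be dropped.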
@@ -0,0 +1,34 @@
+From f5973bc298b6420456b762b1506f87c2aa524d8b Mon Sep 17 00:00:00 2001
+From: Charalampos Stratakis
+Date: Tue, 5 Aug 2025 16:00:47 +0200
+Subject: [PATCH] Replace __pyx_empty_tuple with PyTuple_New(0)
+
+__pyx_empty_tuple wasn't part of Cython's public API and
+the underlying mechanism for generating an empty tuple changed
+with Cython 3.1.
+
+This change ensures that the proper macro is used and makes
+dionaea compile with Cython >= 3.1.
+
+See also: https://github.com/cython/cython/pull/6351
+---
+ modules/python/module.h | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/modules/python/module.h b/modules/python/module.h
+index 726a7892..9b842df9 100644
+--- a/modules/python/module.h
++++ b/modules/python/module.h
+@@ -9,9 +9,9 @@
+ #include
+ #include "connection.h"
+
+-#define PY_CLONE(T) (T)->ob_type->tp_new((T)->ob_type, __pyx_empty_tuple, NULL)
+-#define PY_NEW(T) (((PyTypeObject*)(T))->tp_new( (PyTypeObject*)(T), __pyx_empty_tuple, NULL))
+-#define PY_INIT(P, O) (P)->ob_type->tp_init((O), __pyx_empty_tuple, NULL)
++#define PY_CLONE(T) (T)->ob_type->tp_new((T)->ob_type, PyTuple_New(0), NULL)
++#define PY_NEW(T) (((PyTypeObject*)(T))->tp_new( (PyTypeObject*)(T), PyTuple_New(0), NULL))
++#define PY_INIT(P, O) (P)->ob_type->tp_init((O), PyTuple_New(0), NULL)
+ #define REFCOUNT(T) printf("obj refcount %i\n", (int)(T)->ob_refcnt)
+
+ #define REMOTE(C) (C)->remote
diff --git a/dionaea.initd b/dionaea.initd
new file mode 100644
index 0000000..52dc9ea
--- /dev/null
+++ b/dionaea.initd
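Review bot: `PyTuple_New(0)` returns a new reference and may return NULL, and the three macros pass it inline to `tp_new`/`tp_init` with nothing to release or check it, whereas `__pyx_empty_tuple` was a borrowed module-level object. On interpreters where the empty tuple is not immortal, each `PY_CLONE`/`PY_NEW`/`PY_INIT` expansion therefore leaks one reference. That is probably harmless in practice, but it deserves a comment above the macros such as `/* PyTuple_New(0): new reference to the shared empty tuple, deliberately not released */`. A `static PyObject *` created once at module initialisation and reused by the macros would avoid both the leak and the unchecked NULL.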
@@ -0,0 +1,102 @@
+#! /bin/sh
+#
+# Startup script for dionaea
+#
+# chkconfig: - 39 61
+# description: Starts and stops the dionaea honeypot
+
+### BEGIN INIT INFO
+# Provides: dionaea
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs $network
+# Default-Start:
+# Default-Stop:
+# Short-Description: Starts and stops the dionaea
+# Description: Dionaea is a low-interaction honeypot
+### END INIT INFO
+
+[ -f /etc/rc.d/init.d/functions ] && . /etc/rc.d/init.d/functions
+
+exec=/usr/sbin/dionaea
+prog=dionaea
+dionaea_ARGS="--detach"
+[ -e /etc/sysconfig/dionaea ] && . /etc/sysconfig/dionaea
+args="${dionaea_ARGS}"
+
+lockfile=/var/lock/subsys/$prog
+
+start() {
+ [ -x $exec ] || exit 5
+ [ -f $config ] || exit 6
+ echo -n $"Starting $prog: "
+ daemon "$exec $args"
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && touch $lockfile
+ return $retval
+}
+
+stop() {
+ echo -n $"Stopping $prog: "
+ killproc "$prog"
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && rm -f $lockfile
+ return $retval
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ restart
+}
+
+force_reload() {
+ restart
+}
+
+rh_status() {
+ # run checks to determine if the service is running or use generic status
+ status $prog
+}
+
+rh_status_q() {
+ rh_status >/dev/null 2>&1
+}
+
+
+case "$1" in
+ start)
+ rh_status_q && exit 0
+ $1
+ ;;
+ stop)
+ rh_status_q || exit 0
+ $1
+ ;;
+ restart)
+ $1
+ ;;
+ reload)
+ rh_status_q || exit 7
+ $1
+ ;;
+ force-reload)
+ force_reload
+ ;;
+ status)
+ rh_status
+ ;;
+ condrestart|try-restart)
+ rh_status_q || exit 0
+ restart
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+ exit 2
+esac
+exit $?
+
diff --git a/dionaea.logrotate b/dionaea.logrotate
new file mode 100644
index 0000000..73a40b5
--- /dev/null
+++ b/dionaea.logrotate
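Review bot: In dionaea.initd, `args="${dionaea_ARGS}"` defaults to `--detach` alone, while the dionaea.sysconfig file added in this same commit defines `DUSER`, `DGROUP`, `PIDFILE` and the other option variables but never `dionaea_ARGS`; as far as these two files show, a SysV start would launch the honeypot without `--user`/`--group`, that is, without the privilege drop that the systemd unit passes on its command line. Building the argument list from the same variables keeps both start paths equivalent: `args="${dionaea_ARGS} $DUSER $DGROUP $DWORKDIR $LOGLEVELS $LOGDOMAINS $PIDFILE $MISC"`. Separately, `[ -f $config ] || exit 6` in `start()` tests a variable that this script never assigns, so with `$config` empty the test is always true and the check does nothing.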
@@ -0,0 +1,22 @@
+# logrotate requires dionaea to be started with a pidfile
+# in this case -p /opt/dionaea/var/run/dionaea.pid
+# adjust the path to your needs
+/var/log/dionaea/dionaea.log /var/log/dionaea/dionaea-errors.log {
+ daily
+ rotate 365
+ missingok
+ compress
+ delaycompress
+ su dionaea dionaea
+ create 660 dionaea dionaea
+ dateext
+ postrotate
+ # Simple reload of the configuration with HUP should, but doesn't work
+ # https://github.com/DinoTools/dionaea/issues/206
+ # https://github.com/DinoTools/dionaea/blob/master/doc/source/old/configuration.rst
+ # kill -HUP `cat /var/run/dionaea.pid`
+
+ # do full service restart instead
+ /bin/systemctl -q is-active dionaea.service && /bin/systemctl restart dionaea.service > /dev/null 2>/dev/null || true
+ endscript
+}
diff --git a/dionaea.rpmlintrc b/dionaea.rpmlintrc
new file mode 100644
index 0000000..edcbaaa
--- /dev/null
+++ b/dionaea.rpmlintrc
@@ -0,0 +1,21 @@
+from Config import addFilter
+
+
+addFilter('dionaea-debugsource.*no-documentation')
+addFilter('dionaea.*: spelling-error.*nepenthes')
+addFilter('dionaea.*: spelling-error.*libemu')
+addFilter('dionaea.*: spelling-error.*shell-codes')
+addFilter('dionaea.*: spelling-error.*TLS')
+
+# Permissions in /var/lib/dionaea /var/log/dionaea for the dionaea account are right
+addFilter('dionaea.*: non-standard-uid /var/l../dionaea.*dionaea')
+addFilter('dionaea.*: non-standard-gid /var/l../dionaea.*dionaea')
+addFilter('dionaea.*: non-standard-dir-perm /var/l../dionaea.*750')
+
+# Yes the two manpages are missing
+addFilter('dionaea.*: no-manual-page-for-binary gnuplotsql')
+addFilter('dionaea.*: no-manual-page-for-binary readlogsqltree')
+
+# Postun has 2 branch conditional, is not empty
+addFilter('dionaea.*: empty-%postun')
+
diff --git a/dionaea.service b/dionaea.service
new file mode 100644
index 0000000..238a653
--- /dev/null
+++ b/dionaea.service
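Review bot: In dionaea.logrotate, `create 660 dionaea dionaea` makes every new log group-writable although only the daemon needs to write it; for logs that are the record of attacker activity, `create 640 dionaea dionaea` does the same job with less write access. The three header comment lines still describe a pidfile under `/opt/dionaea/var/run/`, while the `postrotate` script restarts the unit and never reads a pidfile, so they should be replaced with something like `# rotation restarts dionaea.service because HUP does not reopen the logs (upstream issue 206)`. On a build without systemd the `systemctl` call fails silently behind `|| true`, so the daemon would presumably keep writing to the already rotated file.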
@@ -0,0 +1,17 @@
+[Unit]
+Description=Dionaea low interaction honeypot
+Documentation=man:dionaea https://dionaea.readthedocs.io/
+After=multi-user.target
+
+[Service]
+Type=forking
+Restart=on-abort
+RestartSec=1s
+PIDFile=/var/run/dionaea.pid
+EnvironmentFile=-/etc/sysconfig/dionaea
+ExecStart=/usr/sbin/dionaea -D $DUSER $DGROUP $DWORKDIR $LOGLEVELS $LOGDOMAINS $PIDFILE $MISC
+
+
+[Install]
+WantedBy=dionaea.target
+
diff --git a/dionaea.spec b/dionaea.spec
new file mode 100644
index 0000000..99687ff
--- /dev/null
+++ b/dionaea.spec
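Review bot: dionaea.service starts a deliberately attacker-facing daemon with no systemd sandboxing in its `[Service]` section; I would add at least `NoNewPrivileges=yes`, `ProtectSystem=full` and `PrivateTmp=yes`, and test them against the modules that are enabled. The privilege drop depends entirely on `$DUSER` and `$DGROUP` being set, and `EnvironmentFile=-/etc/sysconfig/dionaea` tolerates a missing file, so with that file absent the variables expand to nothing and the process would stay on the account systemd started it with. `WantedBy=dionaea.target` names a target that nothing in this commit defines; confirm it exists, otherwise enabling the unit will not start it at boot.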
@@ -0,0 +1,447 @@
+Name: dionaea
+Version: 0.11.0
+Summary: Low interaction honeypot
+
+%if 0%{?rhel}
+# Group needed for EPEL
+Group: Applications/System
+%endif
+
+# Dionaea package is licensed with GPLv2
+# On top of that it is granting one exception extra - it is permitted by the license
+# to link modified binary files in the src/ directory against the openssl libraries.
+# Automatically converted from old format: GPLv2 with exceptions - review is highly recommended.
+License: LicenseRef-Callaway-GPLv2-with-exceptions
+URL: https://dionaea.readthedocs.io/
+# Current source:
+VCS: git:https://github.com/DinoTools/dionaea
+# Original site (dissappeared in 2013, but still available from archives):
+# https://dionaea.carnivore.it -> https://web.archive.org/web/20150820080019/https://dionaea.carnivore.it
+# Another forks:
+# https://github.com/rep/dionaea
+# https://gitlab.labs.nic.cz/honeynet/dionaea/
+# https://github.com/devwerks/dionaea
+# https://github.com/RootingPuntoEs/DionaeaFR/
+# https://github.com/ManiacTwister/dionaea/
+# https://github.com/tklengyel/dionaea
+# https://github.com/rep/dionaea
+# Installation:
+# https://www.aldeid.com/wiki/Dionaea/Installation
+
+
+
+# Specification of the used GIT commit
+%global gituser DinoTools
+%global gitname dionaea
+%global commit 4e459f1b672a5b4c1e8335c0bff1b93738019215
+%global gitdate 20210228
+%global shortcommit %(c=%{commit}; echo ${c:0:7})
+
+
+# Use systemd unit files on Fedora and RHEL 7 and above.
+%bcond_without systemd
+%if (0%{?rhel} && 0%{?rhel} < 7)
+%bcond_with systemd
+%endif
+
+
+# By default build from official release
+# leave option here to build from git snapshot instead
+%bcond_without snapshot
+
+
+%if 0%{?with_snapshot}
+# not using 0.
on the beginning of release as this git snapshot is past the 0.7.0 release
+Release: %autorelease -s %{gitdate}git%{shortcommit}
+Source0: https://github.com/%{gituser}/%{gitname}/archive/%{commit}/%{name}-%{version}-%{shortcommit}.tar.gz
+%else
+Release: %autorelease
+Source0: https://github.com/%{gituser}/%{gitname}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+%endif
+
+Source1: %{name}.sysconfig
+Source2: %{name}.initd
+Source3: %{name}.service
+Source4: %{name}.logrotate
+
+
+
+# ipv6 structures in are used by the
+# ipv6 structures needs explicit CFLAGS " -D_GNU_SOURCE" to compile on linux
+# just cosmetics
+# Reported https://github.com/DinoTools/dionaea/pull/343
+Patch3: dionaea-03_in6_pktinfo.patch
+
+
+# Fix hardcoded lib dir
+# https://github.com/DinoTools/dionaea/pull/181
+# https://github.com/DinoTools/dionaea/pull/209
+# Patch8: dionaea-08_modules_libdir.patch
+
+
+# Patch to explicitly state the python module version to the setup.py
+# Patch12: dionaea-12_py_module_version.patch
+
+# Replace deprecated PyUnicode_GetSize with PyUnicode_GetLength
+# Patch13: dionaea-13_GetSize_deprecated.patch
+
+# Trying to identify the mole
+# Patch14: dionaea-14_safe_load.patch
+
+# Python 3.13 compatibility
+# Change PyEval_CallObject to PyObject_CallObject
+# Reported https://github.com/DinoTools/dionaea/pull/343
+Patch15: dionaea-15_pyeval_callobject.patch
+
+# Cmake list APPEND operation is adding unwanted semicolon to CFLAGS
+# Reported https://github.com/DinoTools/dionaea/pull/343
+Patch16: dionaea-16_cmake_append_flags.patch
+
+# Cmake dirs
+# Reported https://github.com/DinoTools/dionaea/pull/343
+Patch17: dionaea-17_cmake_dirs.patch
+
+# A lot of regexes in dionaea project is not declared as raw strings
+# python3 tries to resolve the escape sequences
+# Reported https://github.com/DinoTools/dionaea/pull/343
+Patch18: dionaea-18_python_regex.patch
+
+# Switch from distutils to setuptools
+# do not install to egg directory
+# Reported
https://github.com/DinoTools/dionaea/pull/343
+Patch19: dionaea-19_setuptools.patch
+
+# Fix compatibility with Cython >= 3.1
+# Reported https://github.com/DinoTools/dionaea/pull/345
+Patch20: dionaea-20_fix_cython3.1_build.patch
+
+%if 0%{?fedora} || 0%{?rhel} >= 8
+BuildRequires: cmake
+BuildRequires: cmake-rpm-macros
+%else
+BuildRequires: cmake3
+%endif
+
+BuildRequires: make
+BuildRequires: libtool
+BuildRequires: flex
+BuildRequires: bison
+BuildRequires: pkgconfig
+BuildRequires: sqlite
+BuildRequires: git
+
+BuildRequires: libev-devel
+BuildRequires: libemu-devel
+BuildRequires: udns-devel
+BuildRequires: libnl3-devel
+BuildRequires: glib2-devel
+BuildRequires: curl-devel
+BuildRequires: readline-devel
+BuildRequires: libpcap-devel
+BuildRequires: libsq3-devel
+BuildRequires: sqlite
+BuildRequires: openssl-devel
+
+BuildRequires: python%{python3_pkgversion}-devel
+BuildRequires: python%{python3_pkgversion}-setuptools
+BuildRequires: python%{python3_pkgversion}-Cython
+
+%if 0%{?with_systemd}
+BuildRequires: systemd-units
+%endif
+
+
+# Optional dependencies
+BuildRequires: loudmouth-devel
+BuildRequires: libnetfilter_queue-devel
+BuildRequires: libnl3-devel
+
+
+# Missing dependencies
+
+
+# Documentation generation
+%if 0%{?rhel} && 0%{?rhel} <= 7
+BuildRequires: python-sphinx
+%else
+BuildRequires: python3-sphinx
+%endif
+BuildRequires: make
+
+Requires: logrotate
+
+# Base package can't run without the python module
+Requires: python%{python3_pkgversion}-dionaea
+
+%if 0%{?with_systemd}
+%{?systemd_requires}
+%else
+Requires(post): chkconfig
+Requires(preun): chkconfig
+Requires(preun): initscripts
+Requires(postun): initscripts
+%endif
+
+
+%description
+Dionaea is low interaction honeypot. It is meant to be a nepenthes successor,
+embedding python as scripting language, using libemu to detect shell-codes,
+supporting ipv6 and TLS.
+
+
+# ============= documentation package ==========================================
+%package doc
+Summary: Documentation for the dionaea honeypot package
+BuildArch: noarch
+
+
+%description doc
+This is documentation for the dionaea honeypot package.
+Dionaea is low interaction honeypot. It is meant to be a nepenthes successor,
+embedding python as scripting language, using libemu to detect shell-codes,
+supporting ipv6 and TLS.
+
+
+
+# ============= python3 package ================================================
+%package -n python%{python3_pkgversion}-%{gitname}
+Summary: Python3 binding for the dionaea honeypot
+%{?python_provide:%python_provide python%{python3_pkgversion}-%{gitname}}
+
+# Runtime dependencies
+Requires: python%{python3_pkgversion}-bson
+Requires: python%{python3_pkgversion}-PyYAML
+Requires: python%{python3_pkgversion}-scapy
+Requires: python%{python3_pkgversion}-sqlalchemy
+
+%description -n python%{python3_pkgversion}-%{gitname}
+This is a Python3 library that gives access to dionaea honeypot functionality.
+ + + +# ============= preparation ==================================================== +%prep +%if 0%{?with_snapshot} +# Build from git snapshot +%autosetup -p 1 -n %{gitname}-%{commit} -N +%else +# Build from git release version +%autosetup -p 1 -n %{gitname}-%{version} -N +%endif + +%autopatch -p 1 + +# Unbundle the pyev library and use the system one +# https://github.com/DinoTools/dionaea/issues/169 +rm -rf modules/python/pyev + +# Fix paths: +# - remove the hardcoded prefix /opt/dionaea +# - move /var/dionaea to /var/lib/dionaea according to Linux FHS +# https://github.com/DinoTools/dionaea/issues/168 +# https://github.com/DinoTools/dionaea/issues/256 +sed -i -e "s|/opt/dionaea[/]*|/|g; s|/var/dionaea|/var/lib/dionaea|g;" \ + modules/python/util/gnuplotsql.py \ + modules/python/util/readlogsqltree.py \ + doc/source/tips_and_tricks.rst \ + doc/html/index.html \ + doc/source/old/configuration.rst \ + doc/source/old/seagfaults.rst \ + doc/source/old/utils.rst \ + doc/source/run.rst \ + doc/source/tips_and_tricks.rst + + +# Change var/dionaea to var/lib/dionaea for the location of sip user database +sed -i -e "s|var/dionaea|var/lib/dionaea|g;" \ + modules/python/dionaea/sip/extras.py + + + +# Scripts should run with /usr/bin/python3 shabang and not /usr/bin/env python3 or /bin/python3 +# Fedora specific - not reported upstream +sed -i -e 's|#!/bin/python3|#!/usr/bin/python3|g; s|#!/usr/bin/env python3|#!/usr/bin/python3|g;' \ + modules/python/util/readlogsqltree.py \ + modules/python/util/logsql2postgres.py \ + modules/python/util/gnuplotsql.py \ + modules/python/util/updateccs.py + +# Create a sysusers.d config file +cat >dionaea.sysusers.conf </dev/null 2>&1 || : + /sbin/chkconfig --del %{name} + fi +%endif + +%postun +%if 0%{?with_systemd} + %systemd_postun %{name}.service +%else + if [ $1 -eq 1 ] ; then + /sbin/service %{name} condrestart >/dev/null 2>&1 || : + fi +%endif + + + + + + +# ============= package files 
==================================================
+%files
+%license LICENSE src/LICENSE.openssl
+%doc README.md CHANGELOG.rst CONTRIBUTING.rst
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/*
+%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%{_sbindir}/%{name}
+%{_libdir}/%{name}/
+%exclude %{_libdir}/%{name}/python.so
+%{_mandir}/man1/%{name}.1.*
+%attr(0750,dionaea,dionaea) %dir %{_localstatedir}/log/%{name}
+%attr(0750,dionaea,dionaea) %dir %{_sharedstatedir}/%{name}
+%attr(0750,dionaea,dionaea) %dir %{_sharedstatedir}/%{name}/binaries
+%attr(0750,dionaea,dionaea) %dir %{_sharedstatedir}/%{name}/bistreams
+%attr(-,dionaea,dionaea) %{_sharedstatedir}/%{name}/roots/
+%attr(-,dionaea,dionaea) %{_sharedstatedir}/%{name}/dionaea.sqlite
+%attr(-,dionaea,dionaea) %{_sharedstatedir}/%{name}/dionaea_incident.sqlite
+%attr(-,dionaea,dionaea) %{_sharedstatedir}/%{name}/sipaccounts.sqlite
+%{_sharedstatedir}/%{name}/http
+
+# TODO python utils currently not packed
+# %%{_bindir}/gnuplotsql
+# %%{_bindir}/readlogsqltree
+
+
+
+%if 0%{?with_systemd}
+%{_unitdir}/*.service
+%else
+%{_initrddir}/*
+%endif
+%{_sysusersdir}/dionaea.conf
+
+
+
+%files doc
+%doc README.md
+%doc html
+
+
+
+%files -n python%{python3_pkgversion}-%{gitname}
+%license LICENSE
+%doc README.md
+%{_libdir}/%{name}/python.so
+%{python3_sitearch}/%{name}*
+# %%{python3_sitearch}/%%{name}-*egg-info
+
+
+%changelog
+%autochangelog
diff --git a/dionaea.sysconfig b/dionaea.sysconfig
new file mode 100644
index 0000000..fcda71e
--- /dev/null
+++ b/dionaea.sysconfig
@@ -0,0 +1,18 @@
+# Dionaea commandline options
+DUSER='--user=dionaea'
+
+DGROUP='--group=dionaea'
+
+DWORKDIR='--workingdir=/'
+
+#LOGLEVELS='--log-levels=all'
+LOGLEVELS='--log-levels=all,-debug'
+
+#LOGDOMAINS='--log-domains=con*,py*'
+LOGDOMAINS='--log-domains=*'
+
+PIDFILE='--pid-file=/var/run/dionaea.pid'
+
+#MISC='--chroot=/dionaea/chrootdir'
+MISC=''
+
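Review bot: In the `%files` list of dionaea.spec, the three SQLite databases under `%{_sharedstatedir}/%{name}/` (`dionaea.sqlite`, `dionaea_incident.sqlite`, `sipaccounts.sqlite`) are packaged as ordinary files although they are owned by the service account and presumably written at run time, so a package update could replace collected incident data and `rpm -V` would always report them as modified. Marking each one, for example `%attr(-,dionaea,dionaea) %config(noreplace) %{_sharedstatedir}/%{name}/dionaea.sqlite`, keeps the on-disk copy across updates. The `%install` section that creates these files is not legible in this view, so whether they ship empty or pre-populated needs checking. `%{_sharedstatedir}/%{name}/http` is the only entry below the state directory left with default ownership; if that is intentional, a one-line comment saying so would help the next packager.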
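Review bot: In dionaea.sysconfig, `PIDFILE='--pid-file=/var/run/dionaea.pid'` has to stay identical to `PIDFile=` in dionaea.service, because that unit is `Type=forking` and systemd tracks the daemon through this file, yet nothing here tells the administrator so; I would add `# must match PIDFile= in dionaea.service` above the assignment. The same applies to `DUSER` and `DGROUP`: a comment such as `# removing these leaves the honeypot running as the account that started it` documents why they should not be emptied. The disabled `#MISC='--chroot=/dionaea/chrootdir'` example points at a path that does not correspond to any directory in the spec's `%files` list, so it should either name a packaged directory or say that the directory must be prepared by hand.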
diff --git a/sources b/sources
new file mode 100644
index 0000000..90fe3da
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+SHA512 (dionaea-0.11.0-4e459f1.tar.gz) = d9f26b2b88d86ff5d94c80f4b0b7a22dcff062ced3cba64b295a1927e39d010d8c8dfc4e6771a1c8ed925955ea9490c50fc8f16d34e6884df24b77f9fc36326b