Commit 1800f08e authored by Raphaël Hertzog's avatar Raphaël Hertzog

Import Upstream version 0.7

parent c7a56e72
Moxie Marlinspike
moxie@thoughtcrime.org
http://www.thoughtcrime.org
Contributions:
Daniel Roethlisberger <daniel@roe.ch> -
Bug fixes and BSD pf support.
\ No newline at end of file
......@@ -53,7 +53,8 @@ bool HTTPSBridge::readFromClient() {
int bytesWritten;
do {
if ((bytesRead = SSL_read(clientSession, buf, sizeof(buf))) <= 0) return false;
if ((bytesRead = SSL_read(clientSession, buf, sizeof(buf))) <= 0)
return SSL_get_error(clientSession, bytesRead) == SSL_ERROR_WANT_READ ? true : false;
Logger::logFromClient(serverName, buf, bytesRead);
......
......@@ -2,10 +2,12 @@ Installation Instructions
*************************
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
2006, 2007, 2008 Free Software Foundation, Inc.
2006, 2007, 2008, 2009 Free Software Foundation, Inc.
This file is free documentation; the Free Software Foundation gives
unlimited permission to copy, distribute and modify it.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved. This file is offered as-is,
without warranty of any kind.
Basic Installation
==================
......@@ -13,7 +15,11 @@ Basic Installation
Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
instructions specific to this package.
instructions specific to this package. Some packages provide this
`INSTALL' file but do not implement all of the features documented
below. The lack of an optional feature in a given package is not
necessarily a bug. More recommendations for GNU packages can be found
in *note Makefile Conventions: (standards)Makefile Conventions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
......@@ -42,7 +48,7 @@ may remove or edit it.
you want to change it or regenerate `configure' using a newer version
of `autoconf'.
The simplest way to compile this package is:
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system.
......@@ -53,12 +59,22 @@ The simplest way to compile this package is:
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
the package.
the package, generally using the just-built uninstalled binaries.
4. Type `make install' to install the programs and any data files and
documentation.
5. You can remove the program binaries and object files from the
documentation. When installing into a prefix owned by root, it is
recommended that the package be configured and built as a regular
user, and only the `make install' phase executed with root
privileges.
5. Optionally, type `make installcheck' to repeat any self-tests, but
this time using the binaries in their final installed location.
This target does not install anything. Running this target as a
regular user, particularly if the prior `make install' required
root privileges, verifies that the installation completed
correctly.
6. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
......@@ -67,8 +83,15 @@ The simplest way to compile this package is:
all sorts of other programs in order to regenerate files that came
with the distribution.
6. Often, you can also type `make uninstall' to remove the installed
files again.
7. Often, you can also type `make uninstall' to remove the installed
files again. In practice, not all packages have tested that
uninstallation works correctly, even though it is required by the
GNU Coding Standards.
8. Some packages, particularly those that use Automake, provide `make
distcheck', which can by used by developers to test that all other
targets like `make install' and `make uninstall' work correctly.
This target is generally not run by end users.
Compilers and Options
=====================
......@@ -93,7 +116,8 @@ same time, by placing the object files for each architecture in their
own directory. To do this, you can use GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
source code in the directory that `configure' is in and in `..'. This
is known as a "VPATH" build.
With a non-GNU `make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
......@@ -120,7 +144,8 @@ Installation Names
By default, `make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving
`configure' the option `--prefix=PREFIX'.
`configure' the option `--prefix=PREFIX', where PREFIX must be an
absolute file name.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
......@@ -131,15 +156,46 @@ Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.
you can set and what kinds of files go in them. In general, the
default for these options is expressed in terms of `${prefix}', so that
specifying just `--prefix' will affect all of the other directory
specifications that were not explicitly provided.
The most portable way to affect installation locations is to pass the
correct locations to `configure'; however, many packages provide one or
both of the following shortcuts of passing variable assignments to the
`make install' command line to change installation locations without
having to reconfigure or recompile.
The first method involves providing an override variable for each
affected directory. For example, `make install
prefix=/alternate/directory' will choose an alternate location for all
directory configuration variables that were expressed in terms of
`${prefix}'. Any directories that were specified during `configure',
but not in terms of `${prefix}', must each be overridden at install
time for the entire installation to be relocated. The approach of
makefile variable overrides for each directory variable is required by
the GNU Coding Standards, and ideally causes no recompilation.
However, some platforms have known limitations with the semantics of
shared libraries that end up requiring recompilation when using this
method, particularly noticeable in packages that use GNU Libtool.
The second method involves providing the `DESTDIR' variable. For
example, `make install DESTDIR=/alternate/directory' will prepend
`/alternate/directory' before all installation names. The approach of
`DESTDIR' overrides is not required by the GNU Coding Standards, and
does not work on platforms that have drive letters. On the other hand,
it does better at avoiding recompilation issues, and works well even
when some directory options were not specified in terms of `${prefix}'
at `configure' time.
Optional Features
=================
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
......@@ -152,6 +208,13 @@ find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Some packages offer the ability to configure how verbose the
execution of `make' will be. For these packages, running `./configure
--enable-silent-rules' sets the default to minimal output, which can be
overridden with `make V=1'; while running `./configure
--disable-silent-rules' sets the default to verbose, which can be
overridden with `make V=0'.
Particular systems
==================
......@@ -159,7 +222,7 @@ Particular systems
CC is not installed, it is recommended to use the following options in
order to use an ANSI C compiler:
./configure CC="cc -Ae"
./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
......@@ -174,6 +237,16 @@ and if that doesn't work, try
./configure CC="cc -nodtk"
On Solaris, don't put `/usr/ucb' early in your `PATH'. This
directory contains several dysfunctional programs; working variants of
these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
in your `PATH', put it _after_ `/usr/bin'.
On Haiku, software installed for all users goes in `/boot/common',
not `/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common
Specifying the System Type
==========================
......@@ -189,7 +262,8 @@ type, such as `sun4', or a canonical name which has the form:
where SYSTEM can have one of these forms:
OS KERNEL-OS
OS
KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
......@@ -277,7 +351,7 @@ operates.
`configure' can determine that directory automatically.
`--prefix=DIR'
Use DIR as the installation prefix. *Note Installation Names::
Use DIR as the installation prefix. *note Installation Names::
for more details, including other options available for fine-tuning
the installation locations.
......
......@@ -2,7 +2,7 @@ AM_CXXFLAGS = -ggdb
bin_PROGRAMS = sslsniff
sslsniff_SOURCES = Bridge.hpp SSLConnectionManager.cpp FingerprintManager.hpp FirefoxAddonUpdater.hpp FirefoxUpdater.hpp HTTPSBridge.hpp Logger.hpp RawBridge.hpp SessionCache.hpp SSLBridge.hpp SSLConnectionManager.hpp sslsniff.hpp UpdateManager.hpp certificate/AuthorityCertificateManager.hpp certificate/Certificate.hpp certificate/CertificateManager.hpp certificate/TargetedCertificateManager.hpp http/HttpBridge.hpp http/HttpConnectionManager.hpp http/HttpHeaders.hpp http/OCSPDenier.hpp util/Destination.hpp util/Util.hpp FirefoxUpdater.cpp Logger.cpp SessionCache.cpp SSLBridge.cpp HTTPSBridge.cpp sslsniff.cpp FingerprintManager.cpp certificate/AuthorityCertificateManager.cpp certificate/TargetedCertificateManager.cpp certificate/CertificateManager.cpp http/HttpBridge.cpp http/HttpConnectionManager.cpp http/HttpHeaders.cpp UpdateManager.cpp http/OCSPDenier.cpp FirefoxAddonUpdater.cpp
sslsniff_SOURCES = Bridge.hpp SSLConnectionManager.cpp FingerprintManager.hpp FirefoxAddonUpdater.hpp FirefoxUpdater.hpp HTTPSBridge.hpp Logger.hpp RawBridge.hpp SessionCache.hpp SSLBridge.hpp SSLConnectionManager.hpp sslsniff.hpp UpdateManager.hpp certificate/AuthorityCertificateManager.hpp certificate/Certificate.hpp certificate/CertificateManager.hpp certificate/TargetedCertificateManager.hpp http/HttpBridge.hpp http/HttpConnectionManager.hpp http/HttpHeaders.hpp http/OCSPDenier.hpp util/Destination.cpp util/Destination.hpp util/Util.hpp FirefoxUpdater.cpp Logger.cpp SessionCache.cpp SSLBridge.cpp HTTPSBridge.cpp sslsniff.cpp FingerprintManager.cpp certificate/AuthorityCertificateManager.cpp certificate/TargetedCertificateManager.cpp certificate/CertificateManager.cpp http/HttpBridge.cpp http/HttpConnectionManager.cpp http/HttpHeaders.cpp UpdateManager.cpp http/OCSPDenier.cpp FirefoxAddonUpdater.cpp
sslsniff_LDFLAGS = -lssl -lboost_filesystem -lpthread -lboost_thread -llog4cpp
......
This diff is collapsed.
sslsniff v0.6
sslsniff v0.7
Moxie Marlinspike <moxie@thoughtcrime.org>
------------------------------------
REQUIRES: openssl, libboost1.35-dev, libboost-filesystem1.35-dev,
libboost-thread1.35-dev, liblog4cpp5-dev, Linux 2.4/2.6
libboost-thread1.35-dev, liblog4cpp5-dev, Linux 2.4/2.6 (or BSD)
The three steps to get this running are:
* Download and run sslsniff-0.6.tar.gz
* Setup iptables
* Setup iptables (or pf on BSD)
* Run arpspoof (or whatever method you'd like to use to redirect traffic).
Installing sslsniff
-------------------
* Unpack sslsniff-0.6.tar.gz, run "./configure" and "make".
* Unpack sslsniff-0.6.tar.gz, run "./configure" and "make". (You'll have
to make some changes to build on BSD systems, see below under "Setting up
pf")
* There are two ways to run this: in "authority" mode or "targeted" mode.
Authority Mode:
......@@ -98,6 +100,13 @@ Setting up iptables
(iptables -t nat -A PREROUTING -p tcp --destination-port 6697 \
-j REDIRECT --to-ports <$listenPort>)
Setting up pf
-------------
Basic support for pf is now included. Set up firewall rules similar to
those above, and change util/Destination.cpp by undefining HAVE_NETFILTER
and defining HAVE_PF at the top.
Running arpspoof
--------------------------
......
......@@ -125,7 +125,7 @@ void SSLBridge::shuttleData() {
if (isAvailable(fds[0].revents)) if (!readFromClient()) return;
if (isAvailable(fds[1].revents)) if (!readFromServer()) return;
if (isClosed(fds[0].revents)) return;
if (isClosed(fds[0].revents)) return;
if (isClosed(fds[1].revents)) return;
}
}
......@@ -144,12 +144,15 @@ bool SSLBridge::readFromClient() {
int bytesWritten;
do {
if ((bytesRead = SSL_read(clientSession, buf, sizeof(buf))) <= 0) return false;
if ((bytesWritten = SSL_write(serverSession, buf, bytesRead)) <= 0) return false;
if ((bytesRead = SSL_read(clientSession, buf, sizeof(buf))) <= 0)
return SSL_get_error(clientSession, bytesRead) == SSL_ERROR_WANT_READ ? true : false;
if ((bytesWritten = SSL_write(serverSession, buf, bytesRead)) <= 0)
return false; // FIXME
Logger::logFromClient(serverName, buf, bytesRead);
} while (SSL_pending(serverSession));
} while (SSL_pending(clientSession));
return true;
}
......@@ -160,8 +163,11 @@ bool SSLBridge::readFromServer() {
int bytesWritten;
do {
if ((bytesRead = SSL_read(serverSession, buf, sizeof(buf))) <= 0) return false;
if ((bytesWritten = SSL_write(clientSession, buf, bytesRead)) < bytesRead) return false;
if ((bytesRead = SSL_read(serverSession, buf, sizeof(buf))) <= 0)
return SSL_get_error(serverSession, bytesRead) == SSL_ERROR_WANT_READ ? true : false;
if ((bytesWritten = SSL_write(clientSession, buf, bytesRead)) < bytesRead)
return false; // FIXME
Logger::logFromServer(serverName, buf, bytesRead);
} while (SSL_pending(serverSession));
......
This diff is collapsed.
This diff is collapsed.
AC_INIT(sslsniff.cpp)
AM_INIT_AUTOMAKE(sslsniff,0.6)
AM_INIT_AUTOMAKE(sslsniff,0.7)
AC_PROG_CC
AC_PROG_CXX
AC_PROG_INSTALL
......
#! /bin/sh
# depcomp - compile a program generating dependencies as side-effects
scriptversion=2007-03-29.01
scriptversion=2009-04-28.21; # UTC
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007 Free Software
# Foundation, Inc.
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free
# Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -17,9 +17,7 @@ scriptversion=2007-03-29.01
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA.
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
......@@ -87,6 +85,15 @@ if test "$depmode" = dashXmstdout; then
depmode=dashmstdout
fi
cygpath_u="cygpath -u -f -"
if test "$depmode" = msvcmsys; then
# This is just like msvisualcpp but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u="sed s,\\\\\\\\,/,g"
depmode=msvisualcpp
fi
case "$depmode" in
gcc3)
## gcc 3 implements dependency tracking that does exactly what
......@@ -192,14 +199,14 @@ sgi)
' < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
tr '
' ' ' >> $depfile
echo >> $depfile
' ' ' >> "$depfile"
echo >> "$depfile"
# The second pass generates a dummy entry for each header file.
tr ' ' '
' < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
>> $depfile
>> "$depfile"
else
# The sourcefile does not contain any dependencies, so just
# store a dummy comment line, to avoid errors with the Makefile
......@@ -328,7 +335,12 @@ hp2)
if test -f "$tmpdepfile"; then
sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile"
# Add `dependent.h:' lines.
sed -ne '2,${; s/^ *//; s/ \\*$//; s/$/:/; p;}' "$tmpdepfile" >> "$depfile"
sed -ne '2,${
s/^ *//
s/ \\*$//
s/$/:/
p
}' "$tmpdepfile" >> "$depfile"
else
echo "#dummy" > "$depfile"
fi
......@@ -404,7 +416,7 @@ dashmstdout)
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test $1 != '--mode=compile'; do
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
......@@ -455,32 +467,39 @@ makedepend)
"$@" || exit $?
# Remove any Libtool call
if test "$libtool" = yes; then
while test $1 != '--mode=compile'; do
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# X makedepend
shift
cleared=no
for arg in "$@"; do
cleared=no eat=no
for arg
do
case $cleared in
no)
set ""; shift
cleared=yes ;;
esac
if test $eat = yes; then
eat=no
continue
fi
case "$arg" in
-D*|-I*)
set fnord "$@" "$arg"; shift ;;
# Strip any option that makedepend may not understand. Remove
# the object too, otherwise makedepend will parse it as a source file.
-arch)
eat=yes ;;
-*|$object)
;;
*)
set fnord "$@" "$arg"; shift ;;
esac
done
obj_suffix="`echo $object | sed 's/^.*\././'`"
obj_suffix=`echo "$object" | sed 's/^.*\././'`
touch "$tmpdepfile"
${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
rm -f "$depfile"
......@@ -500,7 +519,7 @@ cpp)
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test $1 != '--mode=compile'; do
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
......@@ -538,13 +557,27 @@ cpp)
msvisualcpp)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout, regardless of -o,
# because we must use -o when running libtool.
# always write the preprocessed file to stdout.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
IFS=" "
for arg
do
case "$arg" in
-o)
shift
;;
$object)
shift
;;
"-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
set fnord "$@"
shift
......@@ -557,16 +590,23 @@ msvisualcpp)
;;
esac
done
"$@" -E |
sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile"
"$@" -E 2>/dev/null |
sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
rm -f "$depfile"
echo "$object : \\" > "$depfile"
. "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile"
echo " " >> "$depfile"
. "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvcmsys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
none)
exec "$@"
;;
......@@ -585,5 +625,6 @@ exit 0
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-end: "$"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:
......@@ -29,9 +29,6 @@
#include <string>
#include <map>
#include <linux/netfilter_ipv4.h>
#include <arpa/inet.h>
#include "../util/Destination.hpp"
#include "../util/Util.hpp"
#include "../FingerprintManager.hpp"
......
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2006-12-25.00
scriptversion=2009-04-28.21; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
......@@ -515,5 +515,6 @@ done
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-end: "$"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:
#! /bin/sh
# Common stub for a few missing GNU programs while installing.
scriptversion=2006-05-10.23
scriptversion=2009-04-28.21; # UTC
# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006
# Free Software Foundation, Inc.
# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
# 2008, 2009 Free Software Foundation, Inc.
# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
......@@ -18,9 +18,7 @@ scriptversion=2006-05-10.23
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301, USA.
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
......@@ -89,6 +87,9 @@ Supported PROGRAM values:
tar try tar, gnutar, gtar, then tar without non-portable flags
yacc create \`y.tab.[ch]', if possible, from existing .[ch]
Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
\`g' are ignored when checking the name.
Send bug reports to <bug-automake@gnu.org>."
exit $?
;;
......@@ -106,15 +107,22 @@ Send bug reports to <bug-automake@gnu.org>."
esac
# normalize program name to check for.
program=`echo "$1" | sed '
s/^gnu-//; t
s/^gnu//; t
s/^g//; t'`
# Now exit if we have it, but it failed. Also exit now if we
# don't have it and --version was passed (most likely to detect
# the program).
# the program). This is about non-GNU programs, so use $1 not
# $program.
case $1 in
lex|yacc)
lex*|yacc*)
# Not GNU programs, they don't have --version.
;;
tar)
tar*)
if test -n "$run"; then
echo 1>&2 "ERROR: \`tar' requires --run"
exit 1
......@@ -138,7 +146,7 @@ esac
# If it does not exist, or fails to run (possibly an outdated version),
# try to emulate it.
case $1 in
case $program in
aclocal*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
......@@ -148,7 +156,7 @@ WARNING: \`$1' is $msg. You should only need it if
touch aclocal.m4
;;
autoconf)
autoconf*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified \`${configure_ac}'. You might want to install the
......@@ -157,7 +165,7 @@ WARNING: \`$1' is $msg. You should only need it if
touch configure
;;
autoheader)
autoheader*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified \`acconfig.h' or \`${configure_ac}'. You might want
......@@ -187,7 +195,7 @@ WARNING: \`$1' is $msg. You should only need it if
while read f; do touch "$f"; done
;;
autom4te)
autom4te*)
echo 1>&2 "\
WARNING: \`$1' is needed, but is $msg.
You might have modified some files without having the
......@@ -210,7 +218,7 @@ WARNING: \`$1' is needed, but is $msg.
fi
;;
bison|yacc)
bison*|yacc*)
echo 1>&2 "\
WARNING: \`$1' $msg. You should only need it if
you modified a \`.y' file. You may need the \`Bison' package
......@@ -240,7 +248,7 @@ WARNING: \`$1' $msg. You should only need it if
fi
;;
lex|flex)
lex*|flex*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a \`.l' file. You may need the \`Flex' package
......@@ -263,7 +271,7 @@ WARNING: \`$1' is $msg. You should only need it if
fi
;;
help2man)
help2man*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a dependency of a manual page. You may need the
......@@ -277,11 +285,11 @@ WARNING: \`$1' is $msg. You should only need it if
else
test -z "$file" || exec >$file
echo ".ab help2man is required to generate this page"
exit 1
exit $?
fi
;;
makeinfo)
makeinfo*)
echo 1>&2 "\
WARNING: \`$1' is $msg. You should only need it if
you modified a \`.texi' or \`.texinfo' file, or any other file
......@@ -310,7 +318,7 @@ WARNING: \`$1' is $msg. You should only need it if
touch $file
;;
tar)
tar*)
shift
# We have already tried tar in the generic part.
......@@ -363,5 +371,6 @@ exit 0
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-end: "$"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:
/*
* Copyright (c) 2002-2009 Moxie Marlinspike
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
*/
// XXX define one of these through autoconf
//#define HAVE_PF
#define HAVE_NETFILTER
#include <arpa/inet.h>
#ifdef HAVE_NETFILTER
#include <limits.h>
#include <linux/netfilter_ipv4.h>
#endif
#ifdef HAVE_PF
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/fcntl.h>
#include <net/if.h>
#include <netinet/in.h>
#include <net/pfvar.h>
#endif
#include "util/Destination.hpp"
int Destination::getOriginalDestination(boost::asio::ip::tcp::socket &socket,
boost::asio::ip::tcp::endpoint &originalDestination)
{
#ifdef HAVE_NETFILTER
struct sockaddr_in serverAddr;
int fd = (int)socket.native();
int size = sizeof(serverAddr);
if (getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, &serverAddr, (socklen_t*)&size) < 0) {