diff options
| author | Carlo Landmeter <clandmeter@gmail.com> | 2016-08-25 15:26:24 +0200 |
|---|---|---|
| committer | Carlo Landmeter <clandmeter@gmail.com> | 2016-08-25 15:26:24 +0200 |
| commit | b6af1e02efe594039707cd882517663d5370f375 (patch) | |
| tree | ff9c2d55873e051e82972ba64c017352d3a75d34 /unmaintained/dsniff/10_urlsnarf_escape.patch | |
| parent | a71346b7acebc600960a98c84fb32cfd72fe864b (diff) | |
| download | aports-b6af1e02efe594039707cd882517663d5370f375.tar.bz2 aports-b6af1e02efe594039707cd882517663d5370f375.tar.xz | |
testing/[multiple]: move unmaintained packages
This moves all packages from testing to unmaintained which have not been
updated for atleast 6 months. If you are affected by this commit please follow
this proceddure:
* make sure your packages build on all architectures
* move your pacakge(s) back to testing
* if you want to keep this package and can maintain it (or find somebody to
maintain it for you) for a minimum of 6 months ask it to be moved to community
Diffstat (limited to 'unmaintained/dsniff/10_urlsnarf_escape.patch')
| -rw-r--r-- | unmaintained/dsniff/10_urlsnarf_escape.patch | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/unmaintained/dsniff/10_urlsnarf_escape.patch b/unmaintained/dsniff/10_urlsnarf_escape.patch new file mode 100644 index 0000000000..c1aad38cba --- /dev/null +++ b/unmaintained/dsniff/10_urlsnarf_escape.patch @@ -0,0 +1,85 @@ +Author: Hilko Bengen <bengen@debian.org> +Description: Escape user, vhost, uri, referer, agent strings in log (Closes: #372536). +--- a/urlsnarf.c 2011-06-19 17:15:18.023999373 -0500 ++++ b/urlsnarf.c 2011-06-19 17:15:21.627999373 -0500 +@@ -84,6 +84,43 @@ + return (tstr); + } + ++static char * ++escape_log_entry(char *string) ++{ ++ char *out; ++ unsigned char *c, *o; ++ size_t len; ++ ++ if (!string) ++ return NULL; ++ ++ /* Determine needed length */ ++ for (c = string, len = 0; *c; c++) { ++ if ((*c < 32) || (*c >= 128)) ++ len += 4; ++ else if ((*c == '"') || (*c =='\\')) ++ len += 2; ++ else ++ len++; ++ } ++ out = malloc(len+1); ++ if (!out) ++ return NULL; ++ for (c = string, o = out; *c; c++, o++) { ++ if ((*c < 32) || (*c >= 128)) { ++ snprintf(o, 5, "\\x%02x", *c); ++ o += 3; ++ } else if ((*c == '"') || ((*c =='\\'))) { ++ *(o++) = '\\'; ++ *o = *c; ++ } else { ++ *o = *c; ++ } ++ } ++ out[len]='\0'; ++ return out; ++} ++ + static int + process_http_request(struct tuple4 *addr, u_char *data, int len) + { +@@ -142,18 +179,26 @@ + buf_tok(NULL, NULL, i); + } + } +- if (user == NULL) +- user = "-"; +- if (vhost == NULL) +- vhost = libnet_addr2name4(addr->daddr, Opt_dns); +- if (referer == NULL) +- referer = "-"; +- if (agent == NULL) +- agent = "-"; +- ++ user = escape_log_entry(user); ++ vhost = escape_log_entry(vhost); ++ uri = escape_log_entry(uri); ++ referer = escape_log_entry(referer); ++ agent = escape_log_entry(agent); ++ + printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n", + libnet_addr2name4(addr->saddr, Opt_dns), +- user, timestamp(), req, vhost, uri, referer, agent); ++ (user?user:"-"), ++ timestamp(), req, ++ (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)), ++ uri, ++ (referer?referer:"-"), ++ (agent?agent:"-")); ++ ++ free(user); ++ free(vhost); ++ free(uri); ++ free(referer); ++ free(agent); + } + fflush(stdout); + |