+rust-sniffglue (0.12.1-1) UNRELEASED-FIXME-AUTOGENERATED-DEBCARGO; urgency=medium
+
+ * Team upload.
+ * Package sniffglue 0.12.1 from crates.io using debcargo 2.4.4
+ * Revert nom 6 / tls-parser 0.10 related changes as we don't have those in Debian yet.
+ * Adjust relax-deps.patch for new upstream.
+ * Remove fix-dep.diff (no longer needed)
+
+ -- Peter Michael Green <plugwash@debian.org> Sun, 22 Aug 2021 13:36:05 +0000
+
rust-sniffglue (0.11.1-6) unstable; urgency=medium
* Team upload.
+++ /dev/null
-Index: sniffglue/benches/bench.rs
-===================================================================
---- sniffglue.orig/benches/bench.rs
-+++ sniffglue/benches/bench.rs
-@@ -43,7 +43,8 @@ mod tests {
- use structs::tcp::TCP::Text;
-
- use pktparse::ethernet::{MacAddress, EtherType, EthernetFrame};
-- use pktparse::ipv4::{IPv4Header, IPv4Protocol};
-+ use pktparse::ipv4::IPv4Header;
-+ use pktparse::ip::IPProtocol;
- use pktparse::tcp::TcpHeader;
-
- let mut pkt = Vec::new();
-@@ -72,7 +73,7 @@ mod tests {
- flags: 2,
- fragment_offset: 0,
- ttl: 55,
-- protocol: IPv4Protocol::TCP,
-+ protocol: IPProtocol::TCP,
- chksum: 64371,
- source_addr: "93.184.216.34".parse().unwrap(),
- dest_addr: "192.168.44.55".parse().unwrap(),
-@@ -98,14 +99,14 @@ mod tests {
- Text(String::from_utf8(HTML.to_vec()).unwrap())
- ))));
-
-- let x = centrifuge::parse(&pkt);
-+ let x = centrifuge::parse_eth(&pkt);
- assert_eq!(expected, x);
- }
-
- #[bench]
- fn bench_empty(b: &mut Bencher) {
- b.iter(|| {
-- centrifuge::parse(&[]).ok();
-+ centrifuge::parse_eth(&[]).ok();
- });
- }
-
-@@ -123,7 +124,7 @@ mod tests {
- pkt.extend(HTML.iter());
-
- b.iter(|| {
-- centrifuge::parse(&pkt).ok();
-+ centrifuge::parse_eth(&pkt).ok();
- });
- }
- }
+++ /dev/null
-Index: sniffglue/Cargo.toml
-===================================================================
---- sniffglue.orig/Cargo.toml
-+++ sniffglue/Cargo.toml
-@@ -89,7 +89,7 @@ version = "1.0"
- version = "1.0"
-
- [dependencies.sha2]
--version = "0.8"
-+version = "0.9"
-
- [dependencies.structopt]
- version = "0.3"
---- a/Cargo.toml
-+++ b/Cargo.toml
-@@ -43,7 +43,7 @@
- version = "0.2.0"
+Index: sniffglue/Cargo.toml
+===================================================================
+--- sniffglue.orig/Cargo.toml
++++ sniffglue/Cargo.toml
+@@ -52,7 +52,7 @@ version = "2.0"
+ version = "0.8"
- [dependencies.dirs]
--version = "2.0"
-+version = "3.0"
+ [dependencies.env_logger]
+-version = "0.8"
++version = "0.7"
- [dependencies.dns-parser]
- version = "0.8"
-@@ -61,7 +61,7 @@
+ [dependencies.libc]
+ version = "0.2"
+@@ -61,7 +61,7 @@ version = "0.2"
version = "0.4"
[dependencies.nix]
--version = "0.17"
+-version = "0.20"
+version = "0.19"
[dependencies.nom]
- version = "5"
-@@ -105,6 +105,6 @@
- [dev-dependencies.boxxy]
- version = "0.11"
- [target."cfg(target_os=\"linux\")".dependencies.syscallz]
--version = "0.14.0"
-+version = "0.15.0"
- [badges.travis-ci]
- repository = "kpcyrd/sniffglue"
+ version = "6"
@@ -102,8 +102,6 @@ version = "0.5"
[dependencies.users]
- version = "0.10"
+ version = "0.11"
-[dev-dependencies.boxxy]
-version = "0.11"
[target."cfg(target_os=\"linux\")".dependencies.syscallz]
- version = "0.15.0"
+ version = "0.15"
[badges.travis-ci]
Index: sniffglue/examples/boxxy.rs
===================================================================
-
-fn stage1(sh: &mut boxxy::Shell, _args: Vec<String>) -> Result<(), boxxy::Error> {
- shprintln!(sh, "[*] starting stage1");
-- sniffglue::sandbox::activate_stage1().unwrap();
+- sniffglue::sandbox::activate_stage1(false).unwrap();
- shprintln!(sh, "[+] activated!");
- Ok(())
-}
-
-fn stage2(sh: &mut boxxy::Shell, _args: Vec<String>) -> Result<(), boxxy::Error> {
- shprintln!(sh, "[*] starting stage2");
-- sniffglue::sandbox::activate_stage2().unwrap();
+- sniffglue::sandbox::activate_stage2(false).unwrap();
- shprintln!(sh, "[+] activated!");
- Ok(())
-}
--- /dev/null
+Index: sniffglue/src/centrifuge/tls.rs
+===================================================================
+--- sniffglue.orig/src/centrifuge/tls.rs
++++ sniffglue/src/centrifuge/tls.rs
+@@ -1,7 +1,10 @@
++use std::str;
++
++use tls_parser::tls::{TlsMessage, TlsMessageHandshake};
++use tls_parser::tls_extensions::{TlsExtension, parse_tls_extension};
+ use crate::structs::{tls, CentrifugeError};
+ use crate::structs::tls::{TLS, ClientHello, ServerHello};
+-use std::str;
+-use tls_parser::{TlsMessage, TlsMessageHandshake, TlsExtension, parse_tls_extension};
++
+
+ pub fn extract(remaining: &[u8]) -> Result<tls::TLS, CentrifugeError> {
+ if let Ok((_remaining, tls)) = tls_parser::parse_tls_plaintext(remaining) {
+Index: sniffglue/src/structs/tls.rs
+===================================================================
+--- sniffglue.orig/src/structs/tls.rs
++++ sniffglue/src/structs/tls.rs
+@@ -1,5 +1,7 @@
+ use serde::Serialize;
+-use tls_parser::{TlsVersion, TlsClientHelloContents, TlsServerHelloContents};
++use tls_parser::TlsClientHelloContents;
++use tls_parser::TlsServerHelloContents;
++use tls_parser::tls::TlsVersion;
+
+ #[derive(Debug, PartialEq, Serialize)]
+ pub enum TLS {
+Index: sniffglue/Cargo.toml
+===================================================================
+--- sniffglue.orig/Cargo.toml
++++ sniffglue/Cargo.toml
+@@ -64,7 +64,7 @@ version = "0.4"
+ version = "0.19"
+
+ [dependencies.nom]
+-version = "6"
++version = "5"
+
+ [dependencies.num_cpus]
+ version = "1.6"
+@@ -95,7 +95,7 @@ version = "0.9"
+ version = "0.3"
+
+ [dependencies.tls-parser]
+-version = "0.10"
++version = "0.9"
+
+ [dependencies.toml]
+ version = "0.5"
+++ /dev/null
-diff --git a/src/sandbox/seccomp.rs b/src/sandbox/seccomp.rs
-index bfa2e49..0cb5837 100644
---- a/src/sandbox/seccomp.rs
-+++ b/src/sandbox/seccomp.rs
-@@ -43,6 +44,8 @@ pub fn activate_stage1() -> Result<(), syscallz::Error> {
- #[cfg(target_arch = "arm")]
- ctx.allow_syscall(Syscall::send)?;
- ctx.allow_syscall(Syscall::sendto)?;
-+ #[cfg(target_arch = "arm")]
-+ ctx.allow_syscall(Syscall::recv)?;
- ctx.allow_syscall(Syscall::recvfrom)?;
- ctx.allow_syscall(Syscall::sendmsg)?;
- ctx.allow_syscall(Syscall::recvmsg)?;
-@@ -99,7 +102,7 @@ pub fn activate_stage1() -> Result<(), syscallz::Error> {
- ctx.allow_syscall(Syscall::exit_group)?;
- ctx.allow_syscall(Syscall::set_robust_list)?;
- ctx.allow_syscall(Syscall::openat)?;
-- #[cfg(target_arch = "aarch64")]
-+ #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
- ctx.allow_syscall(Syscall::newfstatat)?;
- ctx.allow_syscall(Syscall::seccomp)?; // needed for stage2
- ctx.allow_syscall(Syscall::getrandom)?;
-@@ -117,6 +120,7 @@ pub fn activate_stage1() -> Result<(), syscallz::Error> {
- #[cfg(not(target_arch = "aarch64"))]
- ctx.allow_syscall(Syscall::access)?; // needed for debian /etc/ld.so.nohwcap
- ctx.allow_syscall(Syscall::faccessat)?; // needed for debian /etc/ld.so.nohwcap
-+ ctx.allow_syscall(Syscall::eventfd2)?;
-
- ctx.load()?;
-
-@@ -153,13 +157,15 @@ pub fn activate_stage2() -> Result<(), syscallz::Error> {
- // ctx.allow_syscall(Syscall::socket)?;
- // ctx.allow_syscall(Syscall::connect)?;
- // ctx.allow_syscall(Syscall::sendto)?;
-+ #[cfg(target_arch = "arm")]
-+ ctx.allow_syscall(Syscall::recv)?;
- // ctx.allow_syscall(Syscall::recvfrom)?;
- // ctx.allow_syscall(Syscall::sendmsg)?;
- // ctx.allow_syscall(Syscall::recvmsg)?;
- // ctx.allow_syscall(Syscall::bind)?;
-- // ctx.allow_syscall(Syscall::getsockname)?;
-+ ctx.allow_syscall(Syscall::getsockname)?;
- ctx.allow_syscall(Syscall::setsockopt)?;
-- // ctx.allow_syscall(Syscall::getsockopt)?;
-+ ctx.allow_syscall(Syscall::getsockopt)?;
- ctx.allow_syscall(Syscall::clone)?;
- // ctx.allow_syscall(Syscall::uname)?;
- // ctx.allow_syscall(Syscall::fcntl)?;
relax-deps.patch
-fix-dep.diff
-seccomp.patch
remove-boxxy.patch
-fix-bench.patch
+revert-nom-and-tls-parser.patch