|
|
|
Table of contents:
Wireshark is a great tool for network troubleshooting or any other task involving network packet capture and analysis. But you have to build it yourself on OpenBSD, and the compilation will fail.
The OpenBSD community hasn't built Wireshark packages for a while, since Wireshark has a bad security track record. It has to run with root privileges to do most of what people find useful, and its packet dissectors (the modules analyzing the large set of supported protocols) are very complicated and prone to bugs. A privileged process running untrusted code leads to big security problems!
On top of this, the Wireshark community hasn't seemed to worry about making Wireshark build cleanly from source on OpenBSD.
Here is the trick for compiling Ethereal on OpenBSD, based on what I found at http://www.linbsd.org/ethereal_on_openbsd38.html The followed has worked with Ethereal, and it works with Wireshark.
% pkg_info autoconf | head -1 % pkg_info automake | head -1 % ls /usr/local/bin/auto*
% su -
# setenv AUTOCONF_VERSION 2.59 # setenv AUTOMAKE_VERSION 1.9
# export AUTOCONF_VERSION=2.59 # export AUTOMAKE_VERSION=1.9
# ./autogen.sh
# cd /usr/local/bin # ln -s python2.* python
# setenv CC egccIf you're running bash, do this:
# export CC=egcc
# ./configure
# gmake
# gmake install
In file included from packet-dplay.c:33: /usr/include/sys/socket.h:147: error: expected specifier-qualifier-list before 'u_int8_t' /usr/include/sys/socket.h:165: error: expected specifier-qualifier-list before 'u_int8_t' /usr/include/sys/socket.h:233: error: expected specifier-qualifier-list before 'uid_t' /usr/include/sys/socket.h:354: error: expected specifier-qualifier-list before 'socklen_t' /usr/include/sys/socket.h:380: error: expected specifier-qualifier-list before 'socklen_t' /usr/include/sys/socket.h:436: error: expected specifier-qualifier-list before 'caddr_t'Fix — Use an older version of Wireshark. I have had the above problem trying to compile Wireshark 1.0.4 on OpenBSD 4.4 through 4.6. I rolled back to Wireshark 1.0.0 (I had kept the old tar files) and that version compiles and runs just fine.
AM_NON_GENERATED_CFLAGS = -WerrorBy Wireshark 1.0.4, the Makefile came with that already commented out....
# gmake uninstall
# find * -name 'libwireshark*'
# cd epan
# gmake # gmake install
# cd .. # gmake
Child capture process died: Segmentation violation - core dumped
(ethereal-capture:PID): GdkPixbuf-WARNING **: Cannot open pixbuf loader module file '/var/db/gtk-2.0/gdk-pixbuf.loaders': Too many open files
% su root -c 'ulimit -n 512 ; wireshark &'Or, more extremely:
% su root -c 'ulimit -n unlimited ; wireshark &'For more details see man bash and read the ulimit section.
|
|
| Histogram equalization. |
The OpenCV (Open Computer Vision) package is great! It lets you very quickly develop code for dealing with arbitrary image file formats. I got my global and localized histogram equalization algorithms working on JPEG images in about half a day, much of that time taken up by my rustiness at C/C++ programming....
However, OpenCV isn't included in the OpenBSD packages collection, and building it from source wasn't as obvious as I had hoped.
First, though, learn about and get OpenCV:
% cd /path/to/working/area % svn co https://opencvlibrary.svn.sourceforge.net/svnroot/opencvlibrary/trunkThe problem is that the very latest version will likely require a very recent version of autoconf or automake or another related tool, more recent than is available as a downloadable compiled package on your system.
Now, to build OpenCV. You've downloaded and extracted the archive, and changed to the newly created directory. Start by configuring the build:
% autoreconf -i --force % ./configure
You could add the --enable-static option to the second command, and it will certainly build the static libraries. However, my experience is that they aren't too useful as you will also need to link your program with many other libraries for which only shared libraries are available. In fact, that set of other libraries is the reason this was harder than I expected, and why this section appears on this page....
Second, build the libraries. This takes about five minutes on my powerhouse computing system (2.20 GHz Intel Celeron CPU, 512 MB RAM). Be certain to use gmake and not make!
% gmake
If that worked, install the libraries. If it didn't work, then in my experience you skipped either the autoreconf or ./configure step.
% sudo make install
You are now ready to compile OpenCV code, if you know how to go about it. Based on what I had seen while doing the initial development on Linux, I thought that I could put something like the following in ~/src/Makefile
CFLAGS = -O3 -Wall -pedantic
TARGET = /home/cromwell/bin/bsd
${TARGET}/histogram-equalize: histogram-equalize.cc
g++ ${CFLAGS} histogram-equalize.cc \
-o ${TARGET}/histogram-equalize -lcv -lhighgui
That fails because the compiler can't find the include files. You get errors like this:
histogram-equalize.cc:53:47: cv.h: No such file or directory histogram-equalize.cc:54:47: highgui.h: No such file or directory histogram-equalize.cc: In function `int main(int, char**)': histogram-equalize.cc:84: error: `IplImage' undeclared (first use this function) histogram-equalize.cc:84: error: (Each undeclared identifier is reported only once for each function it appears in.)
So, expand the Makefile:
CFLAGS = -O3 -Wall -pedantic
TARGET = /home/cromwell/bin/bsd
${TARGET}/histogram-equalize: histogram-equalize.cc
g++ ${CFLAGS} histogram-equalize.cc \
-o ${TARGET}/histogram-equalize \
-I /usr/local/include/opencv \
-lcv -lhighgui
That reveals that the OpenCV code is not clean enough to compile with the -pedantic option!
In file included from /usr/local/include/opencv/cxcore.h:69, from /usr/local/include/opencv/cv.h:58, from histogram-equalize.cc:53: /usr/local/include/opencv/cxtypes.h:144: error: ISO C++ does not support `long long' /usr/local/include/opencv/cxtypes.h:145: error: ISO C++ does not support `long long'
So, modify the compiler parameters:
CFLAGS = -O3 -Wall -pedantic
TARGET = /home/cromwell/bin/bsd
${TARGET}/histogram-equalize: histogram-equalize.cc
g++ -O3 -Wall histogram-equalize.cc \
-o ${TARGET}/histogram-equalize \
-I /usr/local/include/opencv \
-lcv -lhighgui
That modification gets it through the initial compilation, but it fails on the ld stage:
/usr/bin/ld: cannot find -lcv collect2: ld returned 1 exit status
I should have seen that coming.... I need to specify the OpenCV shared library locations because they're under /usr/local/lib on OpenBSD and the compiler doesn't look there by default:
CFLAGS = -O3 -Wall -pedantic
TARGET = /home/cromwell/bin/bsd
${TARGET}/histogram-equalize: histogram-equalize.cc
g++ -O3 -Wall histogram-equalize.cc \
-o ${TARGET}/histogram-equalize \
-I /usr/local/include/opencv \
-L /usr/local/lib \
-lcv -lhighgui
Wow, that generates a lot of errors! I see some fairly obvious X11 warning messages:
/usr/bin/ld: warning: libfreetype.so.16.1, needed by /usr/local/lib/libhighgui.so.1.0, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libXdmcp.so.9.0, needed by /usr/X11R6/lib/libX11.so.11.1, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libXau.so.9.0, needed by /usr/X11R6/lib/libX11.so.11.1, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libX11.so.11.1, needed by /usr/X11R6/lib/libXrender.so.5.0, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libXrender.so.5.0, needed by /usr/local/lib/libcairo.so.9.2, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libfontconfig.so.5.1, needed by /usr/local/lib/libcairo.so.9.2, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libpixman-1.so.12.0, needed by /usr/local/lib/libcairo.so.9.2, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libXfixes.so.5.0, needed by /usr/X11R6/lib/libXdamage.so.3.1, not found (try using -rpath or -rpath-link) /usr/bin/ld: warning: libXext.so.10.0, needed by /usr/X11R6/lib/libXcomposite.so.3.0, not found (try using -rpath or -rpath-link)
But then more mysteriously, at least to me, a bunch of similar errors involving the cairo and pango software, undefined references to symbols with names starting "FT_":
/usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_PS_Font_Info' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Init_FreeType' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Sfnt_Name' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Load_Glyph' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Done_Face' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_GlyphSlot_Embolden' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Render_Glyph' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Get_Kerning' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Char_Index' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Outline_Translate' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Set_Charmap' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Sfnt_Table' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Has_PS_Glyph_Names' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Outline_Decompose' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Set_Pixel_Sizes' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Glyph_Name' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Select_Charmap' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Outline_Transform' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_MulFix' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Next_Char' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Outline_Get_Bitmap' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Load_Sfnt_Table' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Vector_Transform' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Done_FreeType' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Set_Char_Size' /usr/local/lib/libpangoft2-1.0.so.1800.0: undefined reference to `FT_Set_Transform' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_Sfnt_Name_Count' /usr/local/lib/libcairo.so.9.2: undefined reference to `FT_Outline_Get_CBox' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_X11_Font_Format' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_BDF_Property' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_Get_First_Char' /usr/X11R6/lib/libfontconfig.so.5.1: undefined reference to `FT_New_Face' collect2: ld returned 1 exit status
To jump ahead to the solution, I carefully examined the output in the window where I built the libraries. I got fresh output by recompiling:
% gmake clean % gmake
I saw that the OpenCV libraries are linked against a large number of shared libraries stored under /usr/local/lib and so software using the OpenCV libraries will also need to be similarly linked. Here's the Makefile entry that solved my problem, with all my changes highlighted
CFLAGS = -O3 -Wall -pedantic
TARGET = /home/cromwell/bin/bsd
${TARGET}/histogram-equalize: histogram-equalize.cc
g++ -O3 -Wall histogram-equalize.cc \
-o ${TARGET}/histogram-equalize \
-I /usr/local/include/opencv \
-L /usr/local/lib -L /usr/X11R6/lib \
-lcv -lhighgui \
-lgtk-x11-2.0 -lgdk-x11-2.0 -lpangocairo-1.0 \
-lgthread-2.0 -lglib-2.0 -lintl -liconv -lXi \
-lXrandr -lXcursor -lXcomposite -lXext \
-lXdamage -lXfixes -latk-1.0 -lcairo -lpixman-1 -lglitz
One page I found through Google suggests that this may also be an issue with libcairo.so on Linux.
The Open Vulnerability Assessment System (OpenVAS) security tool is great! It's a free fork of the Nessus project. It is a network security scanner with a graphical front end, and it applies many thousands of vulnerability tests to machines across a network.
The only problem, as often happens with OpenBSD, is that its developers didn't include what's needed to get it to compile there without a little help. But it isn't hard, just a little tedious:
$ cd /tmp $ wget ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.4.tar.gz $ gtar xvf libgcrypt-1.4.4.tar.gz $ cd libgcrypt-1.4.4 $ ./configure $ make $ su root -c 'make install'
$ cd /tmp $ wget ftp://ftp.openbsd.org/pub/OpenBSD/`uname -r`/ports.tar.gz $ su Password: # cd /usr # gtar xvf /tmp/ports.tar.gz
# cd /usr/ports/security # gtar xvf /tmp/openvas2.0.tgz
# cd /usr/lib # ln -s /usr/local/lib/libgcrypt.so.16.2
# cd /usr/ports/security/openvas # make # make install
I found this archived e-mail very useful.
Project RainbowCrack was originally Zhu Shuanglei's implementation, it's not clear to me if the project is still just his or if it's even been maintained for a while. His page seems to have been last updated in August 2007.
The Project RainbowCrack web page has three versions — 1.2 (Windows XP/Vista binary, and source code for Windows and Linux), 1.3 (Windows XP/Vista binary only), and 1.4 (Windows XP/Vista binary only).
The version 1.2 source code does not compile on OpenBSD, and in my experience it doesn't compile on Linux, either. It seems to date from 2004 at the earliest, and I think it makes some version-2.4 assumptions about kernel headers.
Here is how to get it to compile on OpenBSD.
Someone,
it isn't clear just who,
wrote in May 2004:
OpenBSD patch for RainbowCrack v1.2 (11 May 2004)
In 2004, RainbowCrack didn't work on OpenBSD,
so I wrote
a patch.
That may have worked in 2004, but it didn't quite work for me some 5.5 years later. I don't know why, but the patch file (the output of diff) included there could not be applied.
Do the following to compile and install RainbowCrack on OpenBSD:
$ unzip rainbowcrack-1.2-src.zip
$ cd rainbowcrack-1.2-src/src $ cp Public.cpp Public.cpp-ORIGINAL
$ make -f makefile.openbsd
$ su # chown root.root rcrack rtdump rtgen rtsort # cp rcrack rtdump rtgen rtsort /usr/local/bin # mkdir /usr/local/share/doc/rainbowcrack # cp -r ../src/* /usr/local/share/doc/rainbowcrack
|
|
|||||||||
|
|||||||||
|
| © Bob Cromwell Mar 2010. Created with /bin/vi and ImageMagick, hosted on OpenBSD with Apache. Root password available here, privacy policy here. |