2 How to compile the library?

Requirements for compiling the library:

• a working C compiler (C++ compilers won’t work due to variable casts)
• development package for the C library (like glibc-devel and glibc-headers).
  
  NOTE Some glibc versions (2.11 is known of this) have a bug in their ‘dl(v)sym()’ implementation, which may cause LibHideIP to hang during searching for the original versions of the substituted C functions. If you observe this, it is best to upgrade glibc. If not possible, you can start deleting substituted functions from ‘open()’ and check each time if your current version started to work (yes, this decreases security).

  NOTE Also, some glibc versions have a bug in their ‘gethostbyaddr_r()’ and related functions’ implementations, causing overflows (probably stack) which impact the environment variables’ usage and thus may disable banning files except the global file. Probably fixed in version 2.22.

  The sys/stat.h header contains functions needed to check an executable’s type. If it is a symbolic link, LibHideIP will follow it.

  The dlfcn.h header contains functions needed to call the original functions. It has to have RTLD_NEXT defined. LibHideIP wouldn’t work without this, so it won’t compile without this.

  The stdarg.h/varargs.h header contains stuff needed to intercept ‘ioctl()’ and the opening functions.

• The libdl library (usually part of the C library) for dynamic function addressing (unless the required functions are in the C library)
• the make program

Type

./configure

to configure LibHideIP for your system.

If you want to enable the public interface of LibHideIP, configure the library with

‘./configure --enable-public-interface’

See the chapter on developing to learn how to use LibHideIP (Developing).

LibHideIP allows some programs to be banned (not allowed to run under LibHideIP, because they might need access to the IP address). One banning file is always supported - ${sysconfdir}/libhideip.progban (${sysconfdir} is /usr/local/etc unless set otherwise during configure).

If you want to disable additional banning files pointed to by environment variables, configure the library with

‘./configure --enable-environment=no’

If you want to disable additional banning files in users’ home directories, configure the library with

‘./configure --enable-user-files=no’

If you want to allow X-based (GUI) applications to run under LibHideIP, configure the library with

‘./configure --enable-gui-applications=yes’

Note, however, that this disables one of the functions (gethostname). In other words, this function will not be intercepted by LibHideIP, so programs using it will be able to get its real result.

Type

make

to compile the library.

LibHideIP assumes that your host has maximum 100 aliases and addresses, unless you have the ‘malloc()’ function. If you think this number is not enough and you don’t have the ‘malloc()’ function, configure LibHideIP with

‘./configure --with-max-host-names=n’

or compile LibHideIP with:

‘make CFLAGS='-DLHIP_MAX_HOSTNAMES=n'’

where n is your desired number (10 is minimum).

Documentation comes compiled (and can be copied right away), but can be changed and recompiled, if you have the makeinfo program (texinfo package).

Type

‘make install’

to install the library.

To make LibHideIP impossible to detect, you must change all the internal public function names. To do this, you can use the name randomizing scripts in the src directory. You will need the sed and sort programs and either Perl or GNU awk. You can change the name prefix at the top of these scripts to something unique. When the script is done working, reconfigure, recompile and reinstall the library.

Thus, a typical build sequence with less detection would be

./configure

‘cd src’

./randomize_names_gawk.sh (or ‘make x-randomnames’)

‘cd ..’

make

If you want to do this manually (or you don’t have sed or sort and Perl or GNU awk), open the src/lhip_priv.h file in a text editor and look for lines starting with extern. The __lhip... names in these lines are the function names to convert. Take each name and substitute all its appearances in each source file in the src directory using a text editor or the following commands:

‘sed -i 's/__lhip_real_gethostbyaddr_location/_your_function_name1/g' *.c* *.h*’

‘sed -i 's/__lhip_real_gethostbyaddr_r_location/_your_function_name2/g' *.c* *.h*’

...

‘sed -i 's/__lhip_get_init_stage/_your_function_nameN/g' *.c* *.h*’

Then find other symbols that start with __lhip in other files and change them too (using a text editor or commands similar to the above).

Then reconfigure, recompile and reinstall the library.

NOTE: ‘make install’ is NOT recommended. Create and install an RPM package instead, if possible.

To create an RPM package:

1. copy the libhideip.spec file to $HOME/rpmbuild/SPECS
2. copy the source package libhideip-2.2.tar.gz to $HOME/rpmbuild/SOURCES
3. type ‘rpmbuild -bb $HOME/rpmbuild/SPECS/libhideip.spec’
4. get the RPMs from $HOME/rpmbuild/RPMS/

To create an RPM package (the old way):

1. copy the libhideip.spec file to /usr/src/redhat/SPECS
2. copy the source package libhideip-2.2.tar.gz to /usr/src/redhat/SOURCES
3. type ‘rpmbuild -bb /usr/src/redhat/SPECS/libhideip.spec’
4. get the RPMs from /usr/src/redhat/RPMS/

NOTE: some systems may use other directories than these.