diff options
author | David Spencer <baildon.research@googlemail.com> | 2016-04-26 22:04:17 +0100 |
---|---|---|
committer | Willy Sudiarto Raharjo <willysr@slackbuilds.org> | 2016-04-27 18:16:06 +0700 |
commit | e6a2a7937c43e96cbf20f22880056a266b5d938e (patch) | |
tree | 43090f6a56aeffa0c2c6dbe2dcfa6fb8ac527008 /network/sslscan | |
parent | 15c65d39f2c812bedb61aa0e16d6e22905ad7a27 (diff) |
network/sslscan: Updated for version 1.10.2.
There are multiple forks of the original upstream (now dead and
fails to build). Arch uses this fork, but Debian and Fedora use
github.com/rbsec which is more active but wants a fresh git clone
of openssl for every build, so anyone who prefers rbsec is welcome
to fix that.
Actually, just use network/ssllabs-scan instead of this.
Signed-off-by: David Spencer <baildon.research@googlemail.com>
Diffstat (limited to 'network/sslscan')
-rw-r--r-- | network/sslscan/add-checks-for-ssl3.patch | 133 | ||||
-rw-r--r-- | network/sslscan/sslscan.SlackBuild | 20 | ||||
-rw-r--r-- | network/sslscan/sslscan.info | 8 |
3 files changed, 148 insertions, 13 deletions
diff --git a/network/sslscan/add-checks-for-ssl3.patch b/network/sslscan/add-checks-for-ssl3.patch new file mode 100644 index 0000000000000..61cbc38557e8a --- /dev/null +++ b/network/sslscan/add-checks-for-ssl3.patch @@ -0,0 +1,133 @@ +diff -uprb sslscan-1.10.2.orig/sslscan.c sslscan-1.10.2/sslscan.c +--- sslscan-1.10.2.orig/sslscan.c 2014-02-14 16:59:08.000000000 +0200 ++++ sslscan-1.10.2/sslscan.c 2016-03-02 22:24:34.714187733 +0200 +@@ -1083,8 +1083,9 @@ int testCipher(struct sslCheckOptions *o + } + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " sslversion=\""); ++ if (0) {} + #ifndef OPENSSL_NO_SSL2 +- if (sslCipherPointer->sslMethod == SSLv2_client_method()) ++ else if (sslCipherPointer->sslMethod == SSLv2_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, "SSLv2\" bits=\""); +@@ -1093,10 +1094,9 @@ int testCipher(struct sslCheckOptions *o + else + printf("SSLv2 "); + } +- else if (sslCipherPointer->sslMethod == SSLv3_client_method()) +-#else +- if (sslCipherPointer->sslMethod == SSLv3_client_method()) + #endif ++#ifndef OPENSSL_NO_SSL3 ++ else if (sslCipherPointer->sslMethod == SSLv3_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, "SSLv3\" bits=\""); +@@ -1105,6 +1105,7 @@ int testCipher(struct sslCheckOptions *o + else + printf("SSLv3 "); + } ++#endif + else if (sslCipherPointer->sslMethod == TLSv1_client_method()) + { + if (options->xmlOutput != 0) +@@ -1238,8 +1239,9 @@ int defaultCipher(struct sslCheckOptions + cipherStatus = SSL_connect(ssl); + if (cipherStatus == 0 || cipherStatus == 1) + { ++ if (0) {} + #ifndef OPENSSL_NO_SSL2 +- if (sslMethod == SSLv2_client_method()) ++ else if (sslMethod == SSLv2_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv2\" bits=\""); +@@ -1248,10 +1250,9 @@ int defaultCipher(struct sslCheckOptions + else + printf(" SSLv2 "); + } +- else if (sslMethod == SSLv3_client_method()) +-#else +- if (sslMethod == SSLv3_client_method()) + #endif ++#ifndef OPENSSL_NO_SSL3 ++ else if (sslMethod == SSLv3_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\""); +@@ -1260,6 +1261,7 @@ int defaultCipher(struct sslCheckOptions + else + printf(" SSLv3 "); + } ++#endif + else if (sslMethod == TLSv1_client_method()) + { + if (options->xmlOutput != 0) +@@ -1937,8 +1939,10 @@ int testHost(struct sslCheckOptions *opt + if (status != false) + status = defaultCipher(options, SSLv2_client_method()); + #endif ++#ifndef OPENSSL_NO_SSL3 + if (status != false) + status = defaultCipher(options, SSLv3_client_method()); ++#endif + if (status != false) + status = defaultCipher(options, TLSv1_client_method()); + +@@ -1957,7 +1961,9 @@ int testHost(struct sslCheckOptions *opt + #endif + break; + case ssl_v3: ++#ifndef OPENSSL_NO_SSL3 + status = defaultCipher(options, SSLv3_client_method()); ++#endif + break; + case tls_v1: + status = defaultCipher(options, TLSv1_client_method()); +@@ -2142,9 +2148,11 @@ int main(int argc, char *argv[]) + options.sslVersion = ssl_v2; + #endif // #ifndef OPENSSL_NO_SSL2 + ++#ifndef OPENSSL_NO_SSL3 + // SSL v3 only... + else if (strcmp("--ssl3", argv[argLoop]) == 0) + options.sslVersion = ssl_v3; ++#endif // #ifndef OPENSSL_NO_SSL3 + + // TLS v1 only... + else if (strcmp("--tls1", argv[argLoop]) == 0) +@@ -2249,7 +2257,9 @@ int main(int argc, char *argv[]) + #ifndef OPENSSL_NO_SSL2 + printf(" %s--ssl2%s Only check SSLv2 ciphers.\n", COL_GREEN, RESET); + #endif // #ifndef OPENSSL_NO_SSL2 ++#ifndef OPENSSL_NO_SSL3 + printf(" %s--ssl3%s Only check SSLv3 ciphers.\n", COL_GREEN, RESET); ++#endif // #ifndef OPENSSL_NO_SSL3 + printf(" %s--tls1%s Only check TLSv1 ciphers.\n", COL_GREEN, RESET); + #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL + printf(" %s--tls11%s Only check TLSv11 ciphers.\n", COL_GREEN, RESET); +@@ -2299,7 +2309,10 @@ int main(int argc, char *argv[]) + populateCipherList(&options, SSLv2_client_method()); + #endif + ++#ifndef OPENSSL_NO_SSL3 + populateCipherList(&options, SSLv3_client_method()); ++#endif ++ + populateCipherList(&options, TLSv1_client_method()); + + #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL +@@ -2313,9 +2326,11 @@ int main(int argc, char *argv[]) + populateCipherList(&options, SSLv2_client_method()); + break; + #endif ++#ifndef OPENSSL_NO_SSL3 + case ssl_v3: + populateCipherList(&options, SSLv3_client_method()); + break; ++#endif + case tls_v1: + populateCipherList(&options, TLSv1_client_method()); + break; diff --git a/network/sslscan/sslscan.SlackBuild b/network/sslscan/sslscan.SlackBuild index 29218f803daaa..5fdbdb9ea9b59 100644 --- a/network/sslscan/sslscan.SlackBuild +++ b/network/sslscan/sslscan.SlackBuild @@ -27,8 +27,8 @@ # 2010 June 16 - initial release PRGNAM=sslscan -VERSION=${VERSION:-1.8.2} -BUILD=${BUILD:-2} +VERSION=${VERSION:-1.10.2} +BUILD=${BUILD:-1} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -39,7 +39,6 @@ if [ -z "$ARCH" ]; then esac fi - CWD=$(pwd) TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM @@ -65,18 +64,21 @@ rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PRGNAM-$VERSION -tar xvf $CWD/$PRGNAM-$VERSION.tgz +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz || tar xvf $CWD/$VERSION.tar.gz cd $PRGNAM-$VERSION chown -R root:root . find -L . \ - \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +# Thanks to Arch for this patch: +patch -p1 < $CWD/add-checks-for-ssl3.patch mkdir -p $PKG/usr/bin $PKG/usr/man/man1 -make CFLAGS="$SLKCFLAGS" MANPATH=/usr/man/ LDFLAGS="-lcrypto" +make CFLAGS="$SLKCFLAGS" LDFLAGS="-lssl -lcrypto" make install BINPATH=$PKG/usr/bin MANPATH=$PKG/usr/man/ find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ diff --git a/network/sslscan/sslscan.info b/network/sslscan/sslscan.info index e8b8c220c715c..0f930d48fb0be 100644 --- a/network/sslscan/sslscan.info +++ b/network/sslscan/sslscan.info @@ -1,8 +1,8 @@ PRGNAM="sslscan" -VERSION="1.8.2" -HOMEPAGE="http://sourceforge.net/projects/sslscan/" -DOWNLOAD="http://downloads.sourceforge.net/sslscan/sslscan-1.8.2.tgz" -MD5SUM="1a890d031996ab252efb535511bd58db" +VERSION="1.10.2" +HOMEPAGE="https://github.com/DinoTools/sslscan" +DOWNLOAD="https://github.com/DinoTools/sslscan/archive/1.10.2.tar.gz" +MD5SUM="41ecff92303cecfd00bf3c7de509af14" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" |