aboutsummaryrefslogtreecommitdiff
path: root/network/sslscan
diff options
context:
space:
mode:
authorDavid Spencer <baildon.research@googlemail.com>2016-04-26 22:04:17 +0100
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2016-04-27 18:16:06 +0700
commite6a2a7937c43e96cbf20f22880056a266b5d938e (patch)
tree43090f6a56aeffa0c2c6dbe2dcfa6fb8ac527008 /network/sslscan
parent15c65d39f2c812bedb61aa0e16d6e22905ad7a27 (diff)
network/sslscan: Updated for version 1.10.2.
There are multiple forks of the original upstream (now dead and fails to build). Arch uses this fork, but Debian and Fedora use github.com/rbsec which is more active but wants a fresh git clone of openssl for every build, so anyone who prefers rbsec is welcome to fix that. Actually, just use network/ssllabs-scan instead of this. Signed-off-by: David Spencer <baildon.research@googlemail.com>
Diffstat (limited to 'network/sslscan')
-rw-r--r--network/sslscan/add-checks-for-ssl3.patch133
-rw-r--r--network/sslscan/sslscan.SlackBuild20
-rw-r--r--network/sslscan/sslscan.info8
3 files changed, 148 insertions, 13 deletions
diff --git a/network/sslscan/add-checks-for-ssl3.patch b/network/sslscan/add-checks-for-ssl3.patch
new file mode 100644
index 000000000000..61cbc38557e8
--- /dev/null
+++ b/network/sslscan/add-checks-for-ssl3.patch
@@ -0,0 +1,133 @@
+diff -uprb sslscan-1.10.2.orig/sslscan.c sslscan-1.10.2/sslscan.c
+--- sslscan-1.10.2.orig/sslscan.c 2014-02-14 16:59:08.000000000 +0200
++++ sslscan-1.10.2/sslscan.c 2016-03-02 22:24:34.714187733 +0200
+@@ -1083,8 +1083,9 @@ int testCipher(struct sslCheckOptions *o
+ }
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " sslversion=\"");
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslCipherPointer->sslMethod == SSLv2_client_method())
++ else if (sslCipherPointer->sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv2\" bits=\"");
+@@ -1093,10 +1094,9 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv2 ");
+ }
+- else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+-#else
+- if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv3\" bits=\"");
+@@ -1105,6 +1105,7 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv3 ");
+ }
++#endif
+ else if (sslCipherPointer->sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1238,8 +1239,9 @@ int defaultCipher(struct sslCheckOptions
+ cipherStatus = SSL_connect(ssl);
+ if (cipherStatus == 0 || cipherStatus == 1)
+ {
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslMethod == SSLv2_client_method())
++ else if (sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv2\" bits=\"");
+@@ -1248,10 +1250,9 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv2 ");
+ }
+- else if (sslMethod == SSLv3_client_method())
+-#else
+- if (sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\"");
+@@ -1260,6 +1261,7 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv3 ");
+ }
++#endif
+ else if (sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1937,8 +1939,10 @@ int testHost(struct sslCheckOptions *opt
+ if (status != false)
+ status = defaultCipher(options, SSLv2_client_method());
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ if (status != false)
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ if (status != false)
+ status = defaultCipher(options, TLSv1_client_method());
+
+@@ -1957,7 +1961,9 @@ int testHost(struct sslCheckOptions *opt
+ #endif
+ break;
+ case ssl_v3:
++#ifndef OPENSSL_NO_SSL3
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ break;
+ case tls_v1:
+ status = defaultCipher(options, TLSv1_client_method());
+@@ -2142,9 +2148,11 @@ int main(int argc, char *argv[])
+ options.sslVersion = ssl_v2;
+ #endif // #ifndef OPENSSL_NO_SSL2
+
++#ifndef OPENSSL_NO_SSL3
+ // SSL v3 only...
+ else if (strcmp("--ssl3", argv[argLoop]) == 0)
+ options.sslVersion = ssl_v3;
++#endif // #ifndef OPENSSL_NO_SSL3
+
+ // TLS v1 only...
+ else if (strcmp("--tls1", argv[argLoop]) == 0)
+@@ -2249,7 +2257,9 @@ int main(int argc, char *argv[])
+ #ifndef OPENSSL_NO_SSL2
+ printf(" %s--ssl2%s Only check SSLv2 ciphers.\n", COL_GREEN, RESET);
+ #endif // #ifndef OPENSSL_NO_SSL2
++#ifndef OPENSSL_NO_SSL3
+ printf(" %s--ssl3%s Only check SSLv3 ciphers.\n", COL_GREEN, RESET);
++#endif // #ifndef OPENSSL_NO_SSL3
+ printf(" %s--tls1%s Only check TLSv1 ciphers.\n", COL_GREEN, RESET);
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+ printf(" %s--tls11%s Only check TLSv11 ciphers.\n", COL_GREEN, RESET);
+@@ -2299,7 +2309,10 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ #endif
+
++#ifndef OPENSSL_NO_SSL3
+ populateCipherList(&options, SSLv3_client_method());
++#endif
++
+ populateCipherList(&options, TLSv1_client_method());
+
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+@@ -2313,9 +2326,11 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ break;
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ case ssl_v3:
+ populateCipherList(&options, SSLv3_client_method());
+ break;
++#endif
+ case tls_v1:
+ populateCipherList(&options, TLSv1_client_method());
+ break;
diff --git a/network/sslscan/sslscan.SlackBuild b/network/sslscan/sslscan.SlackBuild
index 29218f803daa..5fdbdb9ea9b5 100644
--- a/network/sslscan/sslscan.SlackBuild
+++ b/network/sslscan/sslscan.SlackBuild
@@ -27,8 +27,8 @@
# 2010 June 16 - initial release
PRGNAM=sslscan
-VERSION=${VERSION:-1.8.2}
-BUILD=${BUILD:-2}
+VERSION=${VERSION:-1.10.2}
+BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
@@ -39,7 +39,6 @@ if [ -z "$ARCH" ]; then
esac
fi
-
CWD=$(pwd)
TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
@@ -65,18 +64,21 @@ rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
rm -rf $PRGNAM-$VERSION
-tar xvf $CWD/$PRGNAM-$VERSION.tgz
+tar xvf $CWD/$PRGNAM-$VERSION.tar.gz || tar xvf $CWD/$VERSION.tar.gz
cd $PRGNAM-$VERSION
chown -R root:root .
find -L . \
- \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+# Thanks to Arch for this patch:
+patch -p1 < $CWD/add-checks-for-ssl3.patch
mkdir -p $PKG/usr/bin $PKG/usr/man/man1
-make CFLAGS="$SLKCFLAGS" MANPATH=/usr/man/ LDFLAGS="-lcrypto"
+make CFLAGS="$SLKCFLAGS" LDFLAGS="-lssl -lcrypto"
make install BINPATH=$PKG/usr/bin MANPATH=$PKG/usr/man/
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
diff --git a/network/sslscan/sslscan.info b/network/sslscan/sslscan.info
index e8b8c220c715..0f930d48fb0b 100644
--- a/network/sslscan/sslscan.info
+++ b/network/sslscan/sslscan.info
@@ -1,8 +1,8 @@
PRGNAM="sslscan"
-VERSION="1.8.2"
-HOMEPAGE="http://sourceforge.net/projects/sslscan/"
-DOWNLOAD="http://downloads.sourceforge.net/sslscan/sslscan-1.8.2.tgz"
-MD5SUM="1a890d031996ab252efb535511bd58db"
+VERSION="1.10.2"
+HOMEPAGE="https://github.com/DinoTools/sslscan"
+DOWNLOAD="https://github.com/DinoTools/sslscan/archive/1.10.2.tar.gz"
+MD5SUM="41ecff92303cecfd00bf3c7de509af14"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""