[arch-commits] Commit in sslscan/trunk (PKGBUILD add-checks-for-ssl3.patch)
Evangelos Foutras
foutrelis at archlinux.org
Wed Mar 2 20:29:23 UTC 2016
Date: Wednesday, March 2, 2016 @ 21:29:23
Author: foutrelis
Revision: 164246
Fix build with OpenSSL 1.0.2g
Add #ifdefs for OPENSSL_NO_SSL3 similar to those for OPENSSL_NO_SSL2.
Added:
sslscan/trunk/add-checks-for-ssl3.patch
Modified:
sslscan/trunk/PKGBUILD
---------------------------+
PKGBUILD | 11 ++-
add-checks-for-ssl3.patch | 133 ++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 142 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-03-02 20:06:02 UTC (rev 164245)
+++ PKGBUILD 2016-03-02 20:29:23 UTC (rev 164246)
@@ -9,9 +9,16 @@
arch=('i686' 'x86_64')
license=('GPL3')
depends=('openssl')
-source=(${pkgname}-${pkgver}.tar.gz::https://github.com/DinoTools/${pkgname}/archive/${pkgver}.tar.gz)
-sha512sums=('b7bf9a12c0469893bf1ada53f42cf0a7c286d6bcb5db260ea0ecd6c332ccb8ec6caafa07cd78d15582af5d154b6f4c84cee55ba2fe5a286cb9bd3f9c83e60c34')
+source=(${pkgname}-${pkgver}.tar.gz::https://github.com/DinoTools/${pkgname}/archive/${pkgver}.tar.gz
+ add-checks-for-ssl3.patch)
+sha512sums=('b7bf9a12c0469893bf1ada53f42cf0a7c286d6bcb5db260ea0ecd6c332ccb8ec6caafa07cd78d15582af5d154b6f4c84cee55ba2fe5a286cb9bd3f9c83e60c34'
+ '2cc720dfc12ba8e50b5dc9665cb34a567f26b9685da36dcd56b937a2b3aa9b8199f241074558ed870fdd7b77415396723edff040904c585d519d0b66582dca29')
+prepare() {
+ cd ${pkgname}-${pkgver}
+ patch -Np1 -i ../add-checks-for-ssl3.patch
+}
+
build() {
cd ${pkgname}-${pkgver}
LDFLAGS="${LDFLAGS} -lssl -lcrypto" make
Added: add-checks-for-ssl3.patch
===================================================================
--- add-checks-for-ssl3.patch (rev 0)
+++ add-checks-for-ssl3.patch 2016-03-02 20:29:23 UTC (rev 164246)
@@ -0,0 +1,133 @@
+diff -uprb sslscan-1.10.2.orig/sslscan.c sslscan-1.10.2/sslscan.c
+--- sslscan-1.10.2.orig/sslscan.c 2014-02-14 16:59:08.000000000 +0200
++++ sslscan-1.10.2/sslscan.c 2016-03-02 22:24:34.714187733 +0200
+@@ -1083,8 +1083,9 @@ int testCipher(struct sslCheckOptions *o
+ }
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " sslversion=\"");
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslCipherPointer->sslMethod == SSLv2_client_method())
++ else if (sslCipherPointer->sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv2\" bits=\"");
+@@ -1093,10 +1094,9 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv2 ");
+ }
+- else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+-#else
+- if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv3\" bits=\"");
+@@ -1105,6 +1105,7 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv3 ");
+ }
++#endif
+ else if (sslCipherPointer->sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1238,8 +1239,9 @@ int defaultCipher(struct sslCheckOptions
+ cipherStatus = SSL_connect(ssl);
+ if (cipherStatus == 0 || cipherStatus == 1)
+ {
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslMethod == SSLv2_client_method())
++ else if (sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv2\" bits=\"");
+@@ -1248,10 +1250,9 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv2 ");
+ }
+- else if (sslMethod == SSLv3_client_method())
+-#else
+- if (sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\"");
+@@ -1260,6 +1261,7 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv3 ");
+ }
++#endif
+ else if (sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1937,8 +1939,10 @@ int testHost(struct sslCheckOptions *opt
+ if (status != false)
+ status = defaultCipher(options, SSLv2_client_method());
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ if (status != false)
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ if (status != false)
+ status = defaultCipher(options, TLSv1_client_method());
+
+@@ -1957,7 +1961,9 @@ int testHost(struct sslCheckOptions *opt
+ #endif
+ break;
+ case ssl_v3:
++#ifndef OPENSSL_NO_SSL3
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ break;
+ case tls_v1:
+ status = defaultCipher(options, TLSv1_client_method());
+@@ -2142,9 +2148,11 @@ int main(int argc, char *argv[])
+ options.sslVersion = ssl_v2;
+ #endif // #ifndef OPENSSL_NO_SSL2
+
++#ifndef OPENSSL_NO_SSL3
+ // SSL v3 only...
+ else if (strcmp("--ssl3", argv[argLoop]) == 0)
+ options.sslVersion = ssl_v3;
++#endif // #ifndef OPENSSL_NO_SSL3
+
+ // TLS v1 only...
+ else if (strcmp("--tls1", argv[argLoop]) == 0)
+@@ -2249,7 +2257,9 @@ int main(int argc, char *argv[])
+ #ifndef OPENSSL_NO_SSL2
+ printf(" %s--ssl2%s Only check SSLv2 ciphers.\n", COL_GREEN, RESET);
+ #endif // #ifndef OPENSSL_NO_SSL2
++#ifndef OPENSSL_NO_SSL3
+ printf(" %s--ssl3%s Only check SSLv3 ciphers.\n", COL_GREEN, RESET);
++#endif // #ifndef OPENSSL_NO_SSL3
+ printf(" %s--tls1%s Only check TLSv1 ciphers.\n", COL_GREEN, RESET);
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+ printf(" %s--tls11%s Only check TLSv11 ciphers.\n", COL_GREEN, RESET);
+@@ -2299,7 +2309,10 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ #endif
+
++#ifndef OPENSSL_NO_SSL3
+ populateCipherList(&options, SSLv3_client_method());
++#endif
++
+ populateCipherList(&options, TLSv1_client_method());
+
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+@@ -2313,9 +2326,11 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ break;
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ case ssl_v3:
+ populateCipherList(&options, SSLv3_client_method());
+ break;
++#endif
+ case tls_v1:
+ populateCipherList(&options, TLSv1_client_method());
+ break;
More information about the arch-commits
mailing list