[arch-commits] Commit in sslsplit/trunk (2 files)
Levente Polyak
anthraxx at archlinux.org
Thu Jan 25 22:25:54 UTC 2018
Date: Thursday, January 25, 2018 @ 22:25:53
Author: anthraxx
Revision: 286972
upgpkg: sslsplit 0.5.1-1
Modified:
sslsplit/trunk/PKGBUILD
Deleted:
sslsplit/trunk/0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch
-----------------------------------------------------------------+
0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch | 510 ----------
PKGBUILD | 23
2 files changed, 8 insertions(+), 525 deletions(-)
Deleted: 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch
===================================================================
--- 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch 2018-01-25 22:23:28 UTC (rev 286971)
+++ 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch 2018-01-25 22:25:53 UTC (rev 286972)
@@ -1,510 +0,0 @@
-From: Hilko Bengen <bengen at debian.org>
-Date: Tue, 8 Nov 2016 00:30:42 +0100
-Subject: Add fixes for OpenSSL 1.1 while retaining 1.0 compatibility
-
----
- cachedsess.t.c | 4 ++
- cachefkcrt.t.c | 4 ++
- cachemgr.h | 21 ++++++----
- cachessess.t.c | 24 ++++++++++--
- extra/pki/GNUmakefile | 4 +-
- ssl.c | 105 +++++++++++++++++++++++++++++++++++---------------
- ssl.t.c | 11 ++++--
- 7 files changed, 125 insertions(+), 48 deletions(-)
-
-diff --git a/cachedsess.t.c b/cachedsess.t.c
-index 7daa472..49fb9e0 100644
---- a/cachedsess.t.c
-+++ b/cachedsess.t.c
-@@ -120,6 +120,7 @@ START_TEST(cache_dsess_03)
- }
- END_TEST
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_dsess_04)
- {
- SSL_SESSION *s1, *s2;
-@@ -145,6 +146,7 @@ START_TEST(cache_dsess_04)
- SSL_SESSION_free(s2);
- }
- END_TEST
-+#endif
-
- Suite *
- cachedsess_suite(void)
-@@ -159,7 +161,9 @@ cachedsess_suite(void)
- tcase_add_test(tc, cache_dsess_01);
- tcase_add_test(tc, cache_dsess_02);
- tcase_add_test(tc, cache_dsess_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- tcase_add_test(tc, cache_dsess_04);
-+#endif
- suite_add_tcase(s, tc);
-
- return s;
-diff --git a/cachefkcrt.t.c b/cachefkcrt.t.c
-index db5e365..d79fb77 100644
---- a/cachefkcrt.t.c
-+++ b/cachefkcrt.t.c
-@@ -89,6 +89,7 @@ START_TEST(cache_fkcrt_03)
- }
- END_TEST
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_fkcrt_04)
- {
- X509 *c1, *c2;
-@@ -116,6 +117,7 @@ START_TEST(cache_fkcrt_04)
- fail_unless(cachemgr_preinit() != -1, "reinit");
- }
- END_TEST
-+#endif
-
- Suite *
- cachefkcrt_suite(void)
-@@ -130,7 +132,9 @@ cachefkcrt_suite(void)
- tcase_add_test(tc, cache_fkcrt_01);
- tcase_add_test(tc, cache_fkcrt_02);
- tcase_add_test(tc, cache_fkcrt_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- tcase_add_test(tc, cache_fkcrt_04);
-+#endif
- suite_add_tcase(s, tc);
-
- return s;
-diff --git a/cachemgr.h b/cachemgr.h
-index 8ec7306..2a0fb0e 100644
---- a/cachemgr.h
-+++ b/cachemgr.h
-@@ -61,15 +61,20 @@ void cachemgr_gc(void);
- #define cachemgr_ssess_get(key, keysz) \
- cache_get(cachemgr_ssess, cachessess_mkkey((key), (keysz)))
- #define cachemgr_ssess_set(val) \
-- cache_set(cachemgr_ssess, \
-- cachessess_mkkey((val)->session_id, \
-- (val)->session_id_length), \
-- cachessess_mkval(val))
-+ { \
-+ unsigned int len; \
-+ const unsigned char* id = SSL_SESSION_get_id(val, &len); \
-+ cache_set(cachemgr_ssess, \
-+ cachessess_mkkey(id, len), \
-+ cachessess_mkval(val)); \
-+ }
- #define cachemgr_ssess_del(val) \
-- cache_del(cachemgr_ssess, \
-- cachessess_mkkey((val)->session_id, \
-- (val)->session_id_length))
--
-+ { \
-+ unsigned int len; \
-+ const unsigned char* id = SSL_SESSION_get_id(val, &len); \
-+ cache_del(cachemgr_ssess, \
-+ cachessess_mkkey(id, len)); \
-+ }
- #define cachemgr_dsess_get(addr, addrlen, sni) \
- cache_get(cachemgr_dsess, cachedsess_mkkey((addr), (addrlen), (sni)))
- #define cachemgr_dsess_set(addr, addrlen, sni, val) \
-diff --git a/cachessess.t.c b/cachessess.t.c
-index 8da5287..b23b661 100644
---- a/cachessess.t.c
-+++ b/cachessess.t.c
-@@ -68,13 +68,16 @@ cachemgr_teardown(void)
- START_TEST(cache_ssess_01)
- {
- SSL_SESSION *s1, *s2;
-+ char* session_id;
-+ unsigned int len;
-
- s1 = ssl_session_from_file(TMP_SESS_FILE);
- fail_unless(!!s1, "creating session failed");
- fail_unless(ssl_session_is_valid(s1), "session invalid");
-
- cachemgr_ssess_set(s1);
-- s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+ session_id = SSL_SESSION_get_id(s1, &len);
-+ s2 = cachemgr_ssess_get(session_id, len);
- fail_unless(!!s2, "cache returned no session");
- fail_unless(s2 != s1, "cache returned same pointer");
- SSL_SESSION_free(s1);
-@@ -85,12 +88,15 @@ END_TEST
- START_TEST(cache_ssess_02)
- {
- SSL_SESSION *s1, *s2;
-+ char* session_id;
-+ unsigned int len;
-
- s1 = ssl_session_from_file(TMP_SESS_FILE);
- fail_unless(!!s1, "creating session failed");
- fail_unless(ssl_session_is_valid(s1), "session invalid");
-
-- s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+ session_id = SSL_SESSION_get_id(s1, &len);
-+ s2 = cachemgr_ssess_get(session_id, len);
- fail_unless(s2 == NULL, "session was already in empty cache");
- SSL_SESSION_free(s1);
- }
-@@ -99,6 +105,8 @@ END_TEST
- START_TEST(cache_ssess_03)
- {
- SSL_SESSION *s1, *s2;
-+ char* session_id;
-+ unsigned int len;
-
- s1 = ssl_session_from_file(TMP_SESS_FILE);
- fail_unless(!!s1, "creating session failed");
-@@ -106,15 +114,19 @@ START_TEST(cache_ssess_03)
-
- cachemgr_ssess_set(s1);
- cachemgr_ssess_del(s1);
-- s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+ session_id = SSL_SESSION_get_id(s1, &len);
-+ s2 = cachemgr_ssess_get(session_id, len);
- fail_unless(s2 == NULL, "cache returned deleted session");
- SSL_SESSION_free(s1);
- }
- END_TEST
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_ssess_04)
- {
- SSL_SESSION *s1, *s2;
-+ char* session_id;
-+ unsigned int len;
-
- s1 = ssl_session_from_file(TMP_SESS_FILE);
- fail_unless(!!s1, "creating session failed");
-@@ -123,7 +135,8 @@ START_TEST(cache_ssess_04)
- fail_unless(s1->references == 1, "refcount != 1");
- cachemgr_ssess_set(s1);
- fail_unless(s1->references == 1, "refcount != 1");
-- s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+ session_id = SSL_SESSION_get_id(s1, &len);
-+ s2 = cachemgr_ssess_get(session_id, len);
- fail_unless(s1->references == 1, "refcount != 1");
- fail_unless(!!s2, "cache returned no session");
- fail_unless(s2->references == 1, "refcount != 1");
-@@ -137,6 +150,7 @@ START_TEST(cache_ssess_04)
- SSL_SESSION_free(s2);
- }
- END_TEST
-+#endif
-
- Suite *
- cachessess_suite(void)
-@@ -151,7 +165,9 @@ cachessess_suite(void)
- tcase_add_test(tc, cache_ssess_01);
- tcase_add_test(tc, cache_ssess_02);
- tcase_add_test(tc, cache_ssess_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- tcase_add_test(tc, cache_ssess_04);
-+#endif
- suite_add_tcase(s, tc);
-
- return s;
-diff --git a/extra/pki/GNUmakefile b/extra/pki/GNUmakefile
-index bd7b8d6..d0300fe 100644
---- a/extra/pki/GNUmakefile
-+++ b/extra/pki/GNUmakefile
-@@ -63,7 +63,7 @@ ec.key:
- $(OPENSSL) req -new -nodes -x509 $(DIGEST) -out $@ -key $< \
- -config $(CONFIG) -extensions $(CA_EXT) \
- -subj $(CA_SUBJECT) \
-- -set_serial 0 -days $(CA_DAYS)
-+ -set_serial 1 -days $(CA_DAYS)
-
- server.key:
- $(OPENSSL) genrsa -out $@ 2048
-@@ -112,7 +112,7 @@ targets/wildcard.roe.ch.pem: rsa.crt
-
- # localhost network connectivity is required
- session.pem:
-- openssl s_server -accept 46143 -cert server.pem -quiet -no_ssl2 & \
-+ openssl s_server -accept 46143 -cert server.pem -quiet & \
- pid=$$! ; \
- sleep 1 ; \
- echo q | $(OPENSSL) s_client -connect localhost:46143 \
-diff --git a/ssl.c b/ssl.c
-index ca19263..417d57d 100644
---- a/ssl.c
-+++ b/ssl.c
-@@ -88,6 +88,39 @@ ssl_ssl_cert_get(SSL *s)
- }
- #endif /* OpenSSL 0.9.8y, 1.0.0k or 1.0.1e */
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
-+#define SSL_is_server(ssl) (ssl->type != SSL_ST_CONNECT)
-+#define X509_get_signature_nid(x509) (OBJ_obj2nid(x509->sig_alg->algorithm))
-+static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-+{
-+ /* If the fields p and g in d are NULL, the corresponding input
-+ * parameters MUST be non-NULL. q may remain NULL.
-+ */
-+ if ((dh->p == NULL && p == NULL)
-+ || (dh->g == NULL && g == NULL))
-+ return 0;
-+
-+ if (p != NULL) {
-+ BN_free(dh->p);
-+ dh->p = p;
-+ }
-+ if (q != NULL) {
-+ BN_free(dh->q);
-+ dh->q = q;
-+ }
-+ if (g != NULL) {
-+ BN_free(dh->g);
-+ dh->g = g;
-+ }
-+
-+ if (q != NULL) {
-+ dh->length = BN_num_bits(q);
-+ }
-+
-+ return 1;
-+}
-+#endif
-+
-
- /*
- * Print OpenSSL version and build-time configuration to standard error and
-@@ -226,7 +259,7 @@ ssl_openssl_version(void)
- */
- static int ssl_initialized = 0;
-
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- struct CRYPTO_dynlock_value {
- pthread_mutex_t mutex;
- };
-@@ -331,7 +364,7 @@ ssl_init(void)
- OpenSSL_add_all_algorithms();
-
- /* thread-safety */
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- ssl_mutex_num = CRYPTO_num_locks();
- ssl_mutex = malloc(ssl_mutex_num * sizeof(*ssl_mutex));
- for (int i = 0; i < ssl_mutex_num; i++) {
-@@ -397,7 +430,7 @@ ssl_reinit(void)
- if (!ssl_initialized)
- return;
-
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- for (int i = 0; i < ssl_mutex_num; i++) {
- pthread_mutex_init(&ssl_mutex[i], NULL);
- }
-@@ -416,7 +449,7 @@ ssl_fini(void)
-
- ERR_remove_state(0); /* current thread */
-
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_set_locking_callback(NULL);
- CRYPTO_set_dynlock_create_callback(NULL);
- CRYPTO_set_dynlock_lock_callback(NULL);
-@@ -476,16 +509,14 @@ ssl_ssl_state_to_str(SSL *ssl)
- char *str = NULL;
- int rv;
-
-- rv = asprintf(&str, "%08x = %s%s%s%04x = %s (%s) [%s]",
-- ssl->state,
-- (ssl->state & SSL_ST_CONNECT) ? "SSL_ST_CONNECT|" : "",
-- (ssl->state & SSL_ST_ACCEPT) ? "SSL_ST_ACCEPT|" : "",
-- (ssl->state & SSL_ST_BEFORE) ? "SSL_ST_BEFORE|" : "",
-- ssl->state & SSL_ST_MASK,
-+ rv = asprintf(&str, "%08x = %s%s%04x = %s (%s) [%s]",
-+ SSL_get_state(ssl),
-+ (SSL_get_state(ssl) & SSL_ST_CONNECT) ? "SSL_ST_CONNECT|" : "",
-+ (SSL_get_state(ssl) & SSL_ST_ACCEPT) ? "SSL_ST_ACCEPT|" : "",
-+ SSL_get_state(ssl) & SSL_ST_MASK,
- SSL_state_string(ssl),
- SSL_state_string_long(ssl),
-- (ssl->type == SSL_ST_CONNECT) ? "connect socket"
-- : "accept socket");
-+ SSL_is_server(ssl) ? "accept socket" : "connect socket");
-
- return (rv < 0) ? NULL : str;
- }
-@@ -587,6 +618,7 @@ DH *
- ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- {
- DH *dh;
-+ int success = 0;
-
- if (!(dh = DH_new())) {
- log_err_printf("DH_new() failed\n");
-@@ -594,16 +626,20 @@ ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- }
- switch (keylength) {
- case 512:
-- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
-+ success = DH_set0_pqg(dh, BN_bin2bn(dh512_p, sizeof(dh512_p), NULL), NULL,
-+ BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- break;
- case 1024:
-- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
-+ success = DH_set0_pqg(dh, BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL), NULL,
-+ BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- break;
- case 2048:
-- dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
-+ success = DH_set0_pqg(dh, BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL), NULL,
-+ BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- break;
- case 4096:
-- dh->p = BN_bin2bn(dh4096_p, sizeof(dh4096_p), NULL);
-+ success = DH_set0_pqg(dh, BN_bin2bn(dh4096_p, sizeof(dh4096_p), NULL), NULL,
-+ BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- break;
- default:
- log_err_printf("Unhandled DH keylength %i%s\n",
-@@ -612,8 +648,7 @@ ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- DH_free(dh);
- return NULL;
- }
-- dh->g = BN_bin2bn(dh_g, sizeof(dh_g), NULL);
-- if (!dh->p || !dh->g) {
-+ if (!success) {
- log_err_printf("Failed to load DH p and g from memory\n");
- DH_free(dh);
- return NULL;
-@@ -841,7 +876,7 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- if (!gn)
- goto errout2;
- gn->type = GEN_DNS;
-- gn->d.dNSName = M_ASN1_IA5STRING_new();
-+ gn->d.dNSName = ASN1_IA5STRING_new();
- if (!gn->d.dNSName)
- goto errout3;
- ASN1_STRING_set(gn->d.dNSName,
-@@ -865,10 +900,10 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- #endif /* DEBUG_CERTIFICATE */
-
- const EVP_MD *md;
-- switch (EVP_PKEY_type(cakey->type)) {
-+ switch (EVP_PKEY_type(EVP_PKEY_base_id(cakey))) {
- #ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
-- switch (OBJ_obj2nid(origcrt->sig_alg->algorithm)) {
-+ switch (X509_get_signature_nid(origcrt)) {
- case NID_md5WithRSAEncryption:
- md = EVP_md5();
- break;
-@@ -897,12 +932,20 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- #endif /* !OPENSSL_NO_RSA */
- #ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- md = EVP_dss1();
-+#else
-+ md = EVP_sha1();
-+#endif
- break;
- #endif /* !OPENSSL_NO_DSA */
- #ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_EC:
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- md = EVP_ecdsa();
-+#else
-+ md = EVP_sha1();
-+#endif
- break;
- #endif /* !OPENSSL_NO_ECDSA */
- default:
-@@ -1015,7 +1058,6 @@ ssl_x509chain_use(SSL_CTX *sslctx, X509 *crt, STACK_OF(X509) *chain)
-
- tmpcrt = sk_X509_value(chain, i);
- ssl_x509_refcount_inc(tmpcrt);
-- sk_X509_push(sslctx->extra_certs, tmpcrt);
- SSL_CTX_add_extra_chain_cert(sslctx, tmpcrt);
- }
- }
-@@ -1117,14 +1159,15 @@ int
- ssl_key_identifier_sha1(EVP_PKEY *key, unsigned char *keyid)
- {
- X509_PUBKEY *pubkey = NULL;
-- ASN1_BIT_STRING *pk;
-+ const unsigned char *pk;
-+ int length;
-
- /* X509_PUBKEY_set() will attempt to free pubkey if != NULL */
- if (X509_PUBKEY_set(&pubkey, key) != 1 || !pubkey)
- return -1;
-- if (!(pk = pubkey->public_key))
-+ if (!X509_PUBKEY_get0_param(NULL, &pk, &length, NULL, pubkey))
- goto errout;
-- if (!EVP_Digest(pk->data, pk->length, keyid, NULL, EVP_sha1(), NULL))
-+ if (!EVP_Digest(pk, length, keyid, NULL, EVP_sha1(), NULL))
- goto errout;
- X509_PUBKEY_free(pubkey);
- return 0;
-@@ -1221,10 +1264,10 @@ ssl_x509_fingerprint(X509 *crt, int colons)
- void
- ssl_dh_refcount_inc(DH *dh)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_add(&dh->references, 1, CRYPTO_LOCK_DH);
- #else /* !OPENSSL_THREADS */
-- dh->references++;
-+ DH_up_ref(dh);
- #endif /* !OPENSSL_THREADS */
- }
- #endif /* !OPENSSL_NO_DH */
-@@ -1236,10 +1279,10 @@ ssl_dh_refcount_inc(DH *dh)
- void
- ssl_key_refcount_inc(EVP_PKEY *key)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EVP_PKEY);
- #else /* !OPENSSL_THREADS */
-- key->references++;
-+ EVP_PKEY_up_ref(key);
- #endif /* !OPENSSL_THREADS */
- }
-
-@@ -1251,10 +1294,10 @@ ssl_key_refcount_inc(EVP_PKEY *key)
- void
- ssl_x509_refcount_inc(X509 *crt)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509);
- #else /* !OPENSSL_THREADS */
-- crt->references++;
-+ X509_up_ref(crt);
- #endif /* !OPENSSL_THREADS */
- }
-
-diff --git a/ssl.t.c b/ssl.t.c
-index 997794f..9705976 100644
---- a/ssl.t.c
-+++ b/ssl.t.c
-@@ -498,6 +498,10 @@ START_TEST(ssl_tls_clienthello_parse_10)
- }
- END_TEST
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
-+#define ASN1_STRING_get0_data(value) ASN1_STRING_data(value)
-+#endif
-+
- START_TEST(ssl_key_identifier_sha1_01)
- {
- X509 *c;
-@@ -515,9 +519,10 @@ START_TEST(ssl_key_identifier_sha1_01)
- int loc = X509_get_ext_by_NID(c, NID_subject_key_identifier, -1);
- X509_EXTENSION *ext = X509_get_ext(c, loc);
- fail_unless(!!ext, "loading ext failed");
-- fail_unless(ext->value->length - 2 == SSL_KEY_IDSZ,
-- "extension length mismatch");
-- fail_unless(!memcmp(ext->value->data + 2, keyid, SSL_KEY_IDSZ),
-+ ASN1_STRING *value = X509_EXTENSION_get_data(ext);
-+ fail_unless(ASN1_STRING_length(value) - 2 == SSL_KEY_IDSZ,
-+ "extension length mismatch");
-+ fail_unless(!memcmp(ASN1_STRING_get0_data(value) + 2, keyid, SSL_KEY_IDSZ),
- "key id mismatch");
- }
- END_TEST
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-01-25 22:23:28 UTC (rev 286971)
+++ PKGBUILD 2018-01-25 22:25:53 UTC (rev 286972)
@@ -1,26 +1,19 @@
# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
pkgname=sslsplit
-pkgver=0.5.0
-pkgrel=3
-pkgdesc="Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections"
-url="https://www.roe.ch/SSLsplit"
+pkgver=0.5.1
+pkgrel=1
+pkgdesc='Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections'
+url='https://www.roe.ch/SSLsplit'
arch=('x86_64')
license=('BSD')
depends=('libevent' 'openssl')
checkdepends=('check')
-source=(https://mirror.roe.ch/rel/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.asc}
- 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch)
-sha512sums=('d8d4f294018a7a28b6e5cdec4690c5078118e1fc9c8b78d626290cdb5f2c8d2ecdbbee776a50666a99c522e9e22a15e85b5a602c412e242ec4cce64327555862'
- 'SKIP'
- 'b3fbde26b992c40adb15d218ce067ecc53707ed9746b3a7e166d0333543283368a0c439903d36dedfb6fd9d33599abbf0554b731a68bd2524824319e1970de56')
+source=(https://mirror.roe.ch/rel/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.asc})
+sha512sums=('89f399e9efa86610ede5d4f1ebaedfe90c2da36fa7d613c92f5b1a83bc385a83fd2775f350e6f320cd637c4546a7cbb97b7a554214ccb639df047370227d8d92'
+ 'SKIP')
validpgpkeys=('BFF9C7D7EA0EAC7F1AA55B3EFABE3324B5D3397E') # Daniel Roethlisberger <daniel at roe.ch>
-prepare() {
- cd ${pkgname}-${pkgver}
- patch -p1 < "${srcdir}/0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch"
-}
-
build() {
cd ${pkgname}-${pkgver}
make
@@ -34,7 +27,7 @@
package() {
cd ${pkgname}-${pkgver}
make PREFIX="${pkgdir}/usr" install
- install -Dm 644 LICENSE.md "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+ install -Dm 644 LICENSE.md -t "${pkgdir}/usr/share/licenses/${pkgname}"
install -Dm 644 README.md NEWS.md -t "${pkgdir}/usr/share/doc/${pkgname}"
}
More information about the arch-commits
mailing list