[arch-commits] Commit in sslscan/repos (3 files)
Felix Yan
felixonmars at archlinux.org
Tue Jul 7 14:15:25 UTC 2020
Date: Tuesday, July 7, 2020 @ 14:15:24
Author: felixonmars
Revision: 658784
archrelease: copy trunk to community-staging-x86_64
Added:
sslscan/repos/community-staging-x86_64/
sslscan/repos/community-staging-x86_64/PKGBUILD
(from rev 658783, sslscan/trunk/PKGBUILD)
sslscan/repos/community-staging-x86_64/add-checks-for-ssl3.patch
(from rev 658783, sslscan/trunk/add-checks-for-ssl3.patch)
---------------------------+
PKGBUILD | 33 ++++++++++
add-checks-for-ssl3.patch | 133 ++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 166 insertions(+)
Copied: sslscan/repos/community-staging-x86_64/PKGBUILD (from rev 658783, sslscan/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2020-07-07 14:15:24 UTC (rev 658784)
@@ -0,0 +1,33 @@
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Contributor: Remi Gacogne <rgacogne-arch at coredump dot fr>
+
+pkgname=sslscan
+pkgver=1.10.2
+pkgrel=8
+pkgdesc="A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported"
+url="https://github.com/DinoTools/sslscan/"
+arch=('x86_64')
+license=('GPL3')
+depends=('openssl-1.0')
+source=(${pkgname}-${pkgver}.tar.gz::https://github.com/DinoTools/${pkgname}/archive/${pkgver}.tar.gz
+ add-checks-for-ssl3.patch)
+sha512sums=('b7bf9a12c0469893bf1ada53f42cf0a7c286d6bcb5db260ea0ecd6c332ccb8ec6caafa07cd78d15582af5d154b6f4c84cee55ba2fe5a286cb9bd3f9c83e60c34'
+ '2cc720dfc12ba8e50b5dc9665cb34a567f26b9685da36dcd56b937a2b3aa9b8199f241074558ed870fdd7b77415396723edff040904c585d519d0b66582dca29')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+ patch -Np1 -i ../add-checks-for-ssl3.patch
+ sed -e 's/CFLAGS ?=/CFLAGS +=/' -e 's/LDFLAGS ?=/LDFLAGS +=/' -i Makefile
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+ make OPENSSL_INCLUDE=/usr/include/openssl-1.0 OPENSSL_LIB=/usr/lib/openssl-1.0
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+ make BINPATH="${pkgdir}/usr/bin" MANPATH="${pkgdir}/usr/share/man" install
+}
+
+# vim:set ts=2 sw=2 et:
Copied: sslscan/repos/community-staging-x86_64/add-checks-for-ssl3.patch (from rev 658783, sslscan/trunk/add-checks-for-ssl3.patch)
===================================================================
--- community-staging-x86_64/add-checks-for-ssl3.patch (rev 0)
+++ community-staging-x86_64/add-checks-for-ssl3.patch 2020-07-07 14:15:24 UTC (rev 658784)
@@ -0,0 +1,133 @@
+diff -uprb sslscan-1.10.2.orig/sslscan.c sslscan-1.10.2/sslscan.c
+--- sslscan-1.10.2.orig/sslscan.c 2014-02-14 16:59:08.000000000 +0200
++++ sslscan-1.10.2/sslscan.c 2016-03-02 22:24:34.714187733 +0200
+@@ -1083,8 +1083,9 @@ int testCipher(struct sslCheckOptions *o
+ }
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " sslversion=\"");
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslCipherPointer->sslMethod == SSLv2_client_method())
++ else if (sslCipherPointer->sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv2\" bits=\"");
+@@ -1093,10 +1094,9 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv2 ");
+ }
+- else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+-#else
+- if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, "SSLv3\" bits=\"");
+@@ -1105,6 +1105,7 @@ int testCipher(struct sslCheckOptions *o
+ else
+ printf("SSLv3 ");
+ }
++#endif
+ else if (sslCipherPointer->sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1238,8 +1239,9 @@ int defaultCipher(struct sslCheckOptions
+ cipherStatus = SSL_connect(ssl);
+ if (cipherStatus == 0 || cipherStatus == 1)
+ {
++ if (0) {}
+ #ifndef OPENSSL_NO_SSL2
+- if (sslMethod == SSLv2_client_method())
++ else if (sslMethod == SSLv2_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv2\" bits=\"");
+@@ -1248,10 +1250,9 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv2 ");
+ }
+- else if (sslMethod == SSLv3_client_method())
+-#else
+- if (sslMethod == SSLv3_client_method())
+ #endif
++#ifndef OPENSSL_NO_SSL3
++ else if (sslMethod == SSLv3_client_method())
+ {
+ if (options->xmlOutput != 0)
+ fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\"");
+@@ -1260,6 +1261,7 @@ int defaultCipher(struct sslCheckOptions
+ else
+ printf(" SSLv3 ");
+ }
++#endif
+ else if (sslMethod == TLSv1_client_method())
+ {
+ if (options->xmlOutput != 0)
+@@ -1937,8 +1939,10 @@ int testHost(struct sslCheckOptions *opt
+ if (status != false)
+ status = defaultCipher(options, SSLv2_client_method());
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ if (status != false)
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ if (status != false)
+ status = defaultCipher(options, TLSv1_client_method());
+
+@@ -1957,7 +1961,9 @@ int testHost(struct sslCheckOptions *opt
+ #endif
+ break;
+ case ssl_v3:
++#ifndef OPENSSL_NO_SSL3
+ status = defaultCipher(options, SSLv3_client_method());
++#endif
+ break;
+ case tls_v1:
+ status = defaultCipher(options, TLSv1_client_method());
+@@ -2142,9 +2148,11 @@ int main(int argc, char *argv[])
+ options.sslVersion = ssl_v2;
+ #endif // #ifndef OPENSSL_NO_SSL2
+
++#ifndef OPENSSL_NO_SSL3
+ // SSL v3 only...
+ else if (strcmp("--ssl3", argv[argLoop]) == 0)
+ options.sslVersion = ssl_v3;
++#endif // #ifndef OPENSSL_NO_SSL3
+
+ // TLS v1 only...
+ else if (strcmp("--tls1", argv[argLoop]) == 0)
+@@ -2249,7 +2257,9 @@ int main(int argc, char *argv[])
+ #ifndef OPENSSL_NO_SSL2
+ printf(" %s--ssl2%s Only check SSLv2 ciphers.\n", COL_GREEN, RESET);
+ #endif // #ifndef OPENSSL_NO_SSL2
++#ifndef OPENSSL_NO_SSL3
+ printf(" %s--ssl3%s Only check SSLv3 ciphers.\n", COL_GREEN, RESET);
++#endif // #ifndef OPENSSL_NO_SSL3
+ printf(" %s--tls1%s Only check TLSv1 ciphers.\n", COL_GREEN, RESET);
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+ printf(" %s--tls11%s Only check TLSv11 ciphers.\n", COL_GREEN, RESET);
+@@ -2299,7 +2309,10 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ #endif
+
++#ifndef OPENSSL_NO_SSL3
+ populateCipherList(&options, SSLv3_client_method());
++#endif
++
+ populateCipherList(&options, TLSv1_client_method());
+
+ #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL
+@@ -2313,9 +2326,11 @@ int main(int argc, char *argv[])
+ populateCipherList(&options, SSLv2_client_method());
+ break;
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ case ssl_v3:
+ populateCipherList(&options, SSLv3_client_method());
+ break;
++#endif
+ case tls_v1:
+ populateCipherList(&options, TLSv1_client_method());
+ break;
More information about the arch-commits
mailing list