Date: Tuesday, March 21, 2017 @ 23:23:32 Author: jgc Revision: 218241
archrelease: copy trunk to community-staging-x86_64 Added: sslscan/repos/community-staging-x86_64/ sslscan/repos/community-staging-x86_64/PKGBUILD (from rev 218240, sslscan/trunk/PKGBUILD) sslscan/repos/community-staging-x86_64/add-checks-for-ssl3.patch (from rev 218240, sslscan/trunk/add-checks-for-ssl3.patch) ---------------------------+ PKGBUILD | 33 ++++++++++ add-checks-for-ssl3.patch | 133 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 166 insertions(+) Copied: sslscan/repos/community-staging-x86_64/PKGBUILD (from rev 218240, sslscan/trunk/PKGBUILD) =================================================================== --- community-staging-x86_64/PKGBUILD (rev 0) +++ community-staging-x86_64/PKGBUILD 2017-03-21 23:23:32 UTC (rev 218241) @@ -0,0 +1,33 @@ +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Contributor: Remi Gacogne <rgacogne-arch at coredump dot fr> + +pkgname=sslscan +pkgver=1.10.2 +pkgrel=4 +pkgdesc="A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported" +url="https://github.com/DinoTools/sslscan/" +arch=('i686' 'x86_64') +license=('GPL3') +depends=('openssl-1.0') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/DinoTools/${pkgname}/archive/${pkgver}.tar.gz + add-checks-for-ssl3.patch) +sha512sums=('b7bf9a12c0469893bf1ada53f42cf0a7c286d6bcb5db260ea0ecd6c332ccb8ec6caafa07cd78d15582af5d154b6f4c84cee55ba2fe5a286cb9bd3f9c83e60c34' + '2cc720dfc12ba8e50b5dc9665cb34a567f26b9685da36dcd56b937a2b3aa9b8199f241074558ed870fdd7b77415396723edff040904c585d519d0b66582dca29') + +prepare() { + cd ${pkgname}-${pkgver} + patch -Np1 -i ../add-checks-for-ssl3.patch + sed -e 's/CFLAGS ?=/CFLAGS +=/' -e 's/LDFLAGS ?=/LDFLAGS +=/' -i Makefile +} + +build() { + cd ${pkgname}-${pkgver} + make OPENSSL_INCLUDE=/usr/include/openssl-1.0 OPENSSL_LIB=/usr/lib/openssl-1.0 +} + +package() { + cd ${pkgname}-${pkgver} + make BINPATH="${pkgdir}/usr/bin" MANPATH="${pkgdir}/usr/share/man" install +} + +# vim:set ts=2 sw=2 et: Copied: sslscan/repos/community-staging-x86_64/add-checks-for-ssl3.patch (from rev 218240, sslscan/trunk/add-checks-for-ssl3.patch) =================================================================== --- community-staging-x86_64/add-checks-for-ssl3.patch (rev 0) +++ community-staging-x86_64/add-checks-for-ssl3.patch 2017-03-21 23:23:32 UTC (rev 218241) @@ -0,0 +1,133 @@ +diff -uprb sslscan-1.10.2.orig/sslscan.c sslscan-1.10.2/sslscan.c +--- sslscan-1.10.2.orig/sslscan.c 2014-02-14 16:59:08.000000000 +0200 ++++ sslscan-1.10.2/sslscan.c 2016-03-02 22:24:34.714187733 +0200 +@@ -1083,8 +1083,9 @@ int testCipher(struct sslCheckOptions *o + } + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " sslversion=\""); ++ if (0) {} + #ifndef OPENSSL_NO_SSL2 +- if (sslCipherPointer->sslMethod == SSLv2_client_method()) ++ else if (sslCipherPointer->sslMethod == SSLv2_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, "SSLv2\" bits=\""); +@@ -1093,10 +1094,9 @@ int testCipher(struct sslCheckOptions *o + else + printf("SSLv2 "); + } +- else if (sslCipherPointer->sslMethod == SSLv3_client_method()) +-#else +- if (sslCipherPointer->sslMethod == SSLv3_client_method()) + #endif ++#ifndef OPENSSL_NO_SSL3 ++ else if (sslCipherPointer->sslMethod == SSLv3_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, "SSLv3\" bits=\""); +@@ -1105,6 +1105,7 @@ int testCipher(struct sslCheckOptions *o + else + printf("SSLv3 "); + } ++#endif + else if (sslCipherPointer->sslMethod == TLSv1_client_method()) + { + if (options->xmlOutput != 0) +@@ -1238,8 +1239,9 @@ int defaultCipher(struct sslCheckOptions + cipherStatus = SSL_connect(ssl); + if (cipherStatus == 0 || cipherStatus == 1) + { ++ if (0) {} + #ifndef OPENSSL_NO_SSL2 +- if (sslMethod == SSLv2_client_method()) ++ else if (sslMethod == SSLv2_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv2\" bits=\""); +@@ -1248,10 +1250,9 @@ int defaultCipher(struct sslCheckOptions + else + printf(" SSLv2 "); + } +- else if (sslMethod == SSLv3_client_method()) +-#else +- if (sslMethod == SSLv3_client_method()) + #endif ++#ifndef OPENSSL_NO_SSL3 ++ else if (sslMethod == SSLv3_client_method()) + { + if (options->xmlOutput != 0) + fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\""); +@@ -1260,6 +1261,7 @@ int defaultCipher(struct sslCheckOptions + else + printf(" SSLv3 "); + } ++#endif + else if (sslMethod == TLSv1_client_method()) + { + if (options->xmlOutput != 0) +@@ -1937,8 +1939,10 @@ int testHost(struct sslCheckOptions *opt + if (status != false) + status = defaultCipher(options, SSLv2_client_method()); + #endif ++#ifndef OPENSSL_NO_SSL3 + if (status != false) + status = defaultCipher(options, SSLv3_client_method()); ++#endif + if (status != false) + status = defaultCipher(options, TLSv1_client_method()); + +@@ -1957,7 +1961,9 @@ int testHost(struct sslCheckOptions *opt + #endif + break; + case ssl_v3: ++#ifndef OPENSSL_NO_SSL3 + status = defaultCipher(options, SSLv3_client_method()); ++#endif + break; + case tls_v1: + status = defaultCipher(options, TLSv1_client_method()); +@@ -2142,9 +2148,11 @@ int main(int argc, char *argv[]) + options.sslVersion = ssl_v2; + #endif // #ifndef OPENSSL_NO_SSL2 + ++#ifndef OPENSSL_NO_SSL3 + // SSL v3 only... + else if (strcmp("--ssl3", argv[argLoop]) == 0) + options.sslVersion = ssl_v3; ++#endif // #ifndef OPENSSL_NO_SSL3 + + // TLS v1 only... + else if (strcmp("--tls1", argv[argLoop]) == 0) +@@ -2249,7 +2257,9 @@ int main(int argc, char *argv[]) + #ifndef OPENSSL_NO_SSL2 + printf(" %s--ssl2%s Only check SSLv2 ciphers.\n", COL_GREEN, RESET); + #endif // #ifndef OPENSSL_NO_SSL2 ++#ifndef OPENSSL_NO_SSL3 + printf(" %s--ssl3%s Only check SSLv3 ciphers.\n", COL_GREEN, RESET); ++#endif // #ifndef OPENSSL_NO_SSL3 + printf(" %s--tls1%s Only check TLSv1 ciphers.\n", COL_GREEN, RESET); + #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL + printf(" %s--tls11%s Only check TLSv11 ciphers.\n", COL_GREEN, RESET); +@@ -2299,7 +2309,10 @@ int main(int argc, char *argv[]) + populateCipherList(&options, SSLv2_client_method()); + #endif + ++#ifndef OPENSSL_NO_SSL3 + populateCipherList(&options, SSLv3_client_method()); ++#endif ++ + populateCipherList(&options, TLSv1_client_method()); + + #if OPENSSL_VERSION_NUMBER >= 0x1000008fL || OPENSSL_VERSION_NUMBER >= 0x1000100fL +@@ -2313,9 +2326,11 @@ int main(int argc, char *argv[]) + populateCipherList(&options, SSLv2_client_method()); + break; + #endif ++#ifndef OPENSSL_NO_SSL3 + case ssl_v3: + populateCipherList(&options, SSLv3_client_method()); + break; ++#endif + case tls_v1: + populateCipherList(&options, TLSv1_client_method()); + break;