[PATCH] ssldump-0.9b3 -- obsługa AES + kompilacja na x86-64

Adam Osuchowski Sun, 06 Mar 2011 07:30:01 -0800

W załączeniu patche na ssldumpa do obsługi AESa i poprawną ścieżkę do
bibliotek na x86-64. Proszę o założenie.

diff -ruN ssldump-0.9b3.orig/ssl/ciphersuites.c ssl/ciphersuites.c
--- ssldump-0.9b3.orig/ssl/ciphersuites.c       2002-08-16 19:33:17.000000000 
-0600
+++ ssldump-0.9b3/ssl/ciphersuites.c    2003-04-25 11:30:44.000000000 -0600
@@ -78,10 +78,25 @@
      {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
      {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
      {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
+
+     {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
+
+     {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
+
      {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
      {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
      {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
-     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
+     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
      {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
      {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},     
      {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
diff -ruN ssldump-0.9b3.orig/ssl/sslciphers.h ssldump-0.9b3/ssl/sslciphers.h
--- ssldump-0.9b3.orig/ssl/sslciphers.h 2002-08-16 19:33:17.000000000 -0600
+++ ssldump-0.9b3/ssl/sslciphers.h      2003-04-25 11:30:46.000000000 -0600
@@ -71,7 +71,9 @@
 #define ENC_RC4                0x32
 #define ENC_RC2                0x33
 #define ENC_IDEA       0x34
-#define ENC_NULL       0x35
+#define ENC_AES128      0x35
+#define ENC_AES256      0x36
+#define ENC_NULL       0x37
 
 #define DIG_MD5                0x40
 #define DIG_SHA                0x41
diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums ssldump-0.9b3/ssl/ssl.enums
--- ssldump-0.9b3.orig/ssl/ssl.enums    2001-07-20 10:44:32.000000000 -0600
+++ ssldump-0.9b3/ssl/ssl.enums 2003-04-25 11:30:45.000000000 -0600
@@ -356,6 +356,18 @@
     CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = { 0x00,0x19 };
     CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA           = { 0x00,0x1A };
     CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA      = { 0x00,0x1B };
+    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA           = { 0x00,0x2F };
+    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA        = { 0x00,0x30 };
+    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA        = { 0x00,0x31 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA       = { 0x00,0x32 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA       = { 0x00,0x33 };
+    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA       = { 0x00,0x34 };
+    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA           = { 0x00,0x35 };
+    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA        = { 0x00,0x36 };
+    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA        = { 0x00,0x37 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA       = { 0x00,0x38 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA       = { 0x00,0x39 };
+    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA       = { 0x00,0x3A };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5     = { 0x00,0x60 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5   = { 0x00,0x61 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     = { 0x00,0x62 };
diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c
--- ssldump-0.9b3.orig/ssl/ssl.enums.c  2001-07-20 10:44:36.000000000 -0600
+++ ssldump-0.9b3/ssl/ssl.enums.c       2003-04-25 11:30:45.000000000 -0600
@@ -611,6 +611,54 @@
                "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
                0       },
        {
+               47,
+               "TLS_RSA_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               48,
+               "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               49,
+               "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               50,
+               "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               51,
+               "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               52,
+               "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+               0       },
+       {
+               53,
+               "TLS_RSA_WITH_AES_256_CBC_SHA",
+               0       },
+       {
+               54,
+               "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
+               0       },
+       {
+               55,
+               "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
+               0       },
+       {
+               56,
+               "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+               0       },
+       {
+               57,
+               "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+               0       },
+       {
+               58,
+               "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+               0       },
+       {
                96,
                "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
                0       },
diff -ruN ssldump-0.9b3.orig/ssl/ssl_rec.c ssldump-0.9b3/ssl/ssl_rec.c
--- ssldump-0.9b3.orig/ssl/ssl_rec.c    2000-11-02 23:38:06.000000000 -0700
+++ ssldump-0.9b3/ssl/ssl_rec.c 2003-04-25 11:30:46.000000000 -0600
@@ -78,7 +78,9 @@
      "DES3",
      "RC4",
      "RC2",
-     "IDEA"
+     "IDEA",
+     "AES128",
+     "AES256"
 };
 
 
@@ -101,6 +103,11 @@
     /* Find the SSLeay cipher */
     if(cs->enc!=ENC_NULL){
       ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
+      if(!ciph)
+       ABORT(R_INTERNAL);
+    }
+    else {
+      ciph=EVP_enc_null();
     }
 
     if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
@@ -169,7 +176,7 @@
     *outl=inl;
     
     /* Now strip off the padding*/
-    if(d->cs->block!=1){
+    if(d->cs->block>1){
       pad=out[inl-1];
       *outl-=(pad+1);
     }

--- ssldump-0.9b3/configure.in.orig     2010-06-01 20:36:09.856619142 +0200
+++ ssldump-0.9b3/configure.in  2010-06-01 20:36:33.458652627 +0200
@@ -132,7 +132,7 @@
 dnl See if we can find OpenSSL
 dnl We can compile without OpenSSL if we have to
 ac_use_openssl="true"
-ac_openssl_lib_dir="/usr/lib /usr/local /usr/local/ssl /usr/local/ssl/lib 
/usr/pkg"
+ac_openssl_lib_dir="/usr/lib /usr/lib64 /usr/local /usr/local/ssl 
/usr/local/ssl/lib /usr/pkg"
 ac_openssl_inc_dir="/usr/include /usr/local /usr/local/ssl /usr/pkg 
/usr/local/ssl/include"
 
 AC_ARG_WITH(openssl,[--with-openssl            root location for OpenSSL],

--- ssldump.spec.orig   2010-11-13 01:31:30.000000000 +0100
+++ ssldump.spec        2011-03-06 16:24:54.159110954 +0100
@@ -10,6 +10,8 @@
 Source0:       http://www.rtfm.com/ssldump/%{name}-%{version}.tar.gz
 # Source0-md5: ac8c28fe87508d6bfb06344ec496b1dd
 Patch0:        %{name}-openssl.patch
+Patch1:                %{name}-aes.patch
+Patch2:                %{name}-64bit-libdir.patch
 URL:           http://www.rtfm.com/ssldump/
 BuildRequires: autoconf
 BuildRequires: automake
@@ -37,6 +39,8 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 sed -i -e 's#libpcap.a#libpcap.so#g' configure*
 sed -i -e 's#net/bpf.h#pcap-bpf.h#g' base/pcap-snoop.c

_______________________________________________
pld-devel-pl mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-devel-pl

[PATCH] ssldump-0.9b3 -- obsługa AES + kompilacja na x86-64

Odpowiedź listem elektroniczym