]> git.pld-linux.org Git - packages/ssldump.git/commitdiff
Up to 1.4. master auto/th/ssldump-1.4-1
authorArkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 25 Jan 2022 07:53:08 +0000 (08:53 +0100)
committerArkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 25 Jan 2022 07:53:08 +0000 (08:53 +0100)
aes-support.patch [deleted file]
ssldump-openssl.patch [deleted file]
ssldump.spec

diff --git a/aes-support.patch b/aes-support.patch
deleted file mode 100644 (file)
index 7d9ced6..0000000
+++ /dev/null
@@ -1,163 +0,0 @@
-                                                                     
-                                                                     
-                                                                     
-                                             
-diff -ruN ssldump-0.9b3.orig/ssl/ciphersuites.c ssl/ciphersuites.c
---- ssldump-0.9b3.orig/ssl/ciphersuites.c      2002-08-16 19:33:17.000000000 -0600
-+++ ssldump-0.9b3/ssl/ciphersuites.c   2003-04-25 11:30:44.000000000 -0600
-@@ -78,10 +78,25 @@
-      {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
-      {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
-      {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
-+
-+     {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+     {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+     {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+     {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+     {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+     {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+
-+     {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+     {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+     {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+     {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+     {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+     {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+
-      {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
-      {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
-      {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
--     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
-+     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
-      {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
-      {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},     
-      {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
-diff -ruN ssldump-0.9b3.orig/ssl/sslciphers.h ssldump-0.9b3/ssl/sslciphers.h
---- ssldump-0.9b3.orig/ssl/sslciphers.h        2002-08-16 19:33:17.000000000 -0600
-+++ ssldump-0.9b3/ssl/sslciphers.h     2003-04-25 11:30:46.000000000 -0600
-@@ -71,7 +71,9 @@
- #define ENC_RC4               0x32
- #define ENC_RC2               0x33
- #define ENC_IDEA      0x34
--#define ENC_NULL      0x35
-+#define ENC_AES128      0x35
-+#define ENC_AES256      0x36
-+#define ENC_NULL      0x37
- #define DIG_MD5               0x40
- #define DIG_SHA               0x41
-diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums ssldump-0.9b3/ssl/ssl.enums
---- ssldump-0.9b3.orig/ssl/ssl.enums   2001-07-20 10:44:32.000000000 -0600
-+++ ssldump-0.9b3/ssl/ssl.enums        2003-04-25 11:30:45.000000000 -0600
-@@ -356,6 +356,18 @@
-     CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = { 0x00,0x19 };
-     CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA           = { 0x00,0x1A };
-     CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA      = { 0x00,0x1B };
-+    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA           = { 0x00,0x2F };
-+    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA        = { 0x00,0x30 };
-+    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA        = { 0x00,0x31 };
-+    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA       = { 0x00,0x32 };
-+    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA       = { 0x00,0x33 };
-+    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA       = { 0x00,0x34 };
-+    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA           = { 0x00,0x35 };
-+    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA        = { 0x00,0x36 };
-+    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA        = { 0x00,0x37 };
-+    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA       = { 0x00,0x38 };
-+    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA       = { 0x00,0x39 };
-+    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA       = { 0x00,0x3A };
-     CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5     = { 0x00,0x60 };
-     CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5   = { 0x00,0x61 };
-     CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     = { 0x00,0x62 };
-diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c
---- ssldump-0.9b3.orig/ssl/ssl.enums.c 2001-07-20 10:44:36.000000000 -0600
-+++ ssldump-0.9b3/ssl/ssl.enums.c      2003-04-25 11:30:45.000000000 -0600
-@@ -611,6 +611,54 @@
-               "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
-               0       },
-       {
-+              47,
-+              "TLS_RSA_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              48,
-+              "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              49,
-+              "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              50,
-+              "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              51,
-+              "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              52,
-+              "TLS_DH_anon_WITH_AES_128_CBC_SHA",
-+              0       },
-+      {
-+              53,
-+              "TLS_RSA_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-+              54,
-+              "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-+              55,
-+              "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-+              56,
-+              "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-+              57,
-+              "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-+              58,
-+              "TLS_DH_anon_WITH_AES_256_CBC_SHA",
-+              0       },
-+      {
-               96,
-               "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
-               0       },
-diff -ruN ssldump-0.9b3.orig/ssl/ssl_rec.c ssldump-0.9b3/ssl/ssl_rec.c
---- ssldump-0.9b3.orig/ssl/ssl_rec.c   2000-11-02 23:38:06.000000000 -0700
-+++ ssldump-0.9b3/ssl/ssl_rec.c        2003-04-25 11:30:46.000000000 -0600
-@@ -78,7 +78,9 @@
-      "DES3",
-      "RC4",
-      "RC2",
--     "IDEA"
-+     "IDEA",
-+     "AES128",
-+     "AES256"
- };
-@@ -101,6 +103,11 @@
-     /* Find the SSLeay cipher */
-     if(cs->enc!=ENC_NULL){
-       ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
-+      if(!ciph)
-+      ABORT(R_INTERNAL);
-+    }
-+    else {
-+      ciph=EVP_enc_null();
-     }
-     if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
-@@ -169,7 +176,7 @@
-     *outl=inl;
-     
-     /* Now strip off the padding*/
--    if(d->cs->block!=1){
-+    if(d->cs->block>1){
-       pad=out[inl-1];
-       *outl-=(pad+1);
-     }
diff --git a/ssldump-openssl.patch b/ssldump-openssl.patch
deleted file mode 100644 (file)
index 96aab40..0000000
+++ /dev/null
@@ -1,213 +0,0 @@
-diff -Nur ssldump-0.9b3.org/base/pcap-snoop.c ssldump-0.9b3/base/pcap-snoop.c
---- ssldump-0.9b3.org/base/pcap-snoop.c        2002-09-09 21:02:58.000000000 +0000
-+++ ssldump-0.9b3/base/pcap-snoop.c    2006-05-07 15:28:09.598568500 +0000
-@@ -206,7 +206,7 @@
-     signal(SIGINT,sig_handler);
-     
--    while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){
-+    while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){
-       switch(c){
-         case 'v':
-           print_version();
-@@ -260,7 +260,7 @@
-         break;
-         case 'h':
-           usage();
--          printf("Do 'man ssldump' for documentation\n");
-+          printf("Do 'man 1 ssldump' for documentation\n");
-           exit(1);
-       case '?':
-diff -Nur ssldump-0.9b3.org/ssl/ssl_analyze.c ssldump-0.9b3/ssl/ssl_analyze.c
---- ssldump-0.9b3.org/ssl/ssl_analyze.c        2002-01-21 18:46:13.000000000 +0000
-+++ ssldump-0.9b3/ssl/ssl_analyze.c    2006-05-07 15:28:09.594568250 +0000
-@@ -133,7 +133,7 @@
-           SSL_PRINT_DECODE
-      },
-      {
--          0,
-+          'y',
-           "nroff",
-           SSL_PRINT_NROFF
-      },
-diff -Nur ssldump-0.9b3.org/ssl/ssldecode.c ssldump-0.9b3/ssl/ssldecode.c
---- ssldump-0.9b3.org/ssl/ssldecode.c  2002-08-17 01:33:17.000000000 +0000
-+++ ssldump-0.9b3/ssl/ssldecode.c      2006-05-07 15:28:09.598568500 +0000
-@@ -51,6 +51,7 @@
- #include <openssl/ssl.h>
- #include <openssl/hmac.h>
- #include <openssl/evp.h>
-+#include <openssl/md5.h>
- #include <openssl/x509v3.h>
- #endif
- #include "ssldecode.h"
-@@ -131,7 +132,8 @@
-     ssl_decode_ctx *d=0;
-     int r,_status;
-     
--    SSLeay_add_all_algorithms();
-+    SSL_library_init();
-+    OpenSSL_add_all_algorithms();
-     if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
-       ABORT(R_NO_MEMORY);
-     if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
-diff -Nur ssldump-0.9b3.org/ssldump.1 ssldump-0.9b3/ssldump.1
---- ssldump-0.9b3.org/ssldump.1        2002-08-12 23:46:53.000000000 +0000
-+++ ssldump-0.9b3/ssldump.1    2006-05-07 15:28:09.598568500 +0000
-@@ -61,12 +61,9 @@
- .na
- .B ssldump
- [
--.B \-vtaTnsAxXhHVNdq
-+.B \-vTshVq
-+.B \-aAdeHnNqTxXvy
- ] [
--.B \-r
--.I dumpfile
--]
--[
- .B \-i
- .I interface
- ]
-@@ -81,6 +78,16 @@
- .I password
- ]
- [
-+.B \-r
-+.I dumpfile
-+]
-+.br
-+.ti +8
-+[ 
-+.B \-S 
-+.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|] 
-+]
-+[
- .I expression
- ]
- .br
-@@ -125,6 +132,7 @@
- You must have read access to
- .IR /dev/bpf* .
- .SH OPTIONS
-+.TP
- .B \-a
- Print bare TCP ACKs (useful for observing Nagle behavior)
- .TP
-@@ -135,7 +143,7 @@
- .B \-d
- Display the application data traffic. This usually means
- decrypting it, but when -d is used ssldump will also decode
--application data traffic _before_ the SSL session initiates.
-+application data traffic \fIbefore\fP the SSL session initiates.
- This allows you to see HTTPS CONNECT behavior as well as
- SMTP STARTTLS. As a side effect, since ssldump can't tell
- whether plaintext is traffic before the initiation of an
-@@ -148,18 +156,9 @@
- .B \-e
- Print absolute timestamps instead of relative timestamps
- .TP
--.B \-r
--Read data from \fIfile\fP instead of from the network.
--The old -f option still works but is deprecated and will 
--probably be removed with the next version.
- .B \-H
- Print the full SSL packet header.
- .TP
--.B \-k
--Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
--Previous versions of ssldump automatically looked in ./server.pem.
--Now you must specify your keyfile every time.
--.TP
- .B \-n 
- Don't try to resolve host names from IP addresses
- .TP
-@@ -176,6 +175,12 @@
- .B \-q
- Don't decode any record fields beyond a single summary line. (quiet mode).
- .TP
-+.B \-T
-+Print the TCP headers.
-+.TP
-+.B \-v
-+Display version and copyright information.
-+.TP
- .B \-x
- Print each record in hex, as well as decoding it.
- .TP
-@@ -183,13 +188,48 @@
- When the -d option is used, binary data is automatically printed
- in two columns with a hex dump on the left and the printable characters
- on the right. -X suppresses the display of the printable characters,
--thus making it easier to cut and paste the hext data into some other
-+thus making it easier to cut and paste the hex data into some other
- program.
-+.TP
- .B \-y
--Decorate the output for processing with troff. Not very
-+Decorate the output for processing with nroff/troff. Not very
- useful for the average user.
- .TP
--.IP "\fI expression\fP"
-+.BI \-i " interface"
-+Use \fIinterface\fP as the network interface on which to sniff SSL/TLS
-+traffic.
-+.TP
-+.BI \-k " keyfile"
-+Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
-+Previous versions of ssldump automatically looked in ./server.pem.
-+Now you must specify your keyfile every time.
-+.TP
-+.BI \-p " password"
-+Use \fIpassword\fP as the SSL keyfile password.
-+.TP
-+.BI \-r " file"
-+Read data from \fIfile\fP instead of from the network.
-+The old -f option still works but is deprecated and will 
-+probably be removed with the next version.
-+.TP
-+.BI \-S " [ " crypto " | " d " | " ht " | " H " ]"
-+Specify SSL flags to ssldump.  These flags include:
-+.RS
-+.TP
-+.I crypto
-+Print cryptographic information.
-+.TP
-+.I d
-+Print fields as decoded.
-+.TP
-+.I ht
-+Print the handshake type.
-+.TP
-+.I H
-+Print handshake type and highlights.
-+.RE
-+.TP
-+\fIexpression\fP
- .RS
- Selects what packets ssldump will examine. Technically speaking,
- ssldump supports the full expression syntax from PCAP and tcpdump.
-@@ -200,7 +240,7 @@
- don't result in incomplete TCP streams are listed here. 
- .LP
- The \fIexpression\fP consists of one or more
--.I primitives.
-+.IR primitives .
- Primitives usually consist of an
- .I id
- (name or number) preceded by one or more qualifiers.  There are three
-@@ -512,5 +552,11 @@
- .LP
- ssldump doesn't implement session caching and therefore can't decrypt
- resumed sessions.
--
--
-+.LP
-+.SH SEE ALSO
-+.LP
-+.BR tcpdump (1)
-+.LP
-+.SH AUTHOR
-+.LP
-+ssldump was written by Eric Rescorla <ekr@rtfm.com>.
index e7dd6939becd2e91931771975ca7169742687df9..60affc43c060a1d3eb7b7d93ec551b35222e00a0 100644 (file)
@@ -1,17 +1,17 @@
 Summary:       SSLv3/TLS network protocol analyzer
 Summary(pl.UTF-8):     Analizator protokołu sieciowego SSLv3/TLS
 Name:          ssldump
-Version:       0.9b3
-Release:       8
+Version:       1.4
+Release:       1
 License:       BSD
 Group:         Networking/Utilities
-Source0:       http://www.rtfm.com/ssldump/%{name}-%{version}.tar.gz
-# Source0-md5: ac8c28fe87508d6bfb06344ec496b1dd
-Patch0:        %{name}-openssl.patch
-Patch1:                aes-support.patch
-URL:           http://www.rtfm.com/ssldump/
+Source0:       https://github.com/adulau/ssldump/archive/v%{version}/%{name}-%{version}.tar.gz
+# Source0-md5: 20323bf4b4758f2be4412fa79e6013ab
+URL:           https://github.com/adulau/ssldump/
 BuildRequires: autoconf
 BuildRequires: automake
+BuildRequires: json-c-devel
+BuildRequires: libnet-devel
 BuildRequires: libpcap-devel >= 2:0.8.3
 BuildRequires: openssl-devel >= 0.9.7d
 BuildRequires: sed >= 4.0
@@ -35,28 +35,21 @@ będzie także dekodował połączenia i wyświetlał ruch danych aplikacji.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
-
-sed -i -e 's#libpcap.a#libpcap.so#g' configure*
-sed -i -e 's#net/bpf.h#pcap-bpf.h#g' base/pcap-snoop.c
 
 %build
 cp -f %{_datadir}/automake/config.* .
 %{__aclocal}
 %{__autoconf}
-%configure \
-       --with-pcap-inc=%{_includedir} \
-       --with-pcap-lib=%{_libdir} \
-       --with-openssl-lib=%{_libdir}
+%{__autoheader}
+%{__automake}
+%configure
 %{__make}
 
 %install
 rm -rf $RPM_BUILD_ROOT
 
 %{__make} install \
-       BINDIR=$RPM_BUILD_ROOT%{_sbindir} \
-       MANDIR=$RPM_BUILD_ROOT%{_mandir}
+       DESTDIR=$RPM_BUILD_ROOT
 
 %clean
 rm -rf $RPM_BUILD_ROOT
This page took 0.11121 seconds and 4 git commands to generate.