From: Arkadiusz Miśkiewicz
Date: Tue, 25 Jan 2022 07:53:08 +0000 (+0100)
Subject: Up to 1.4.
X-Git-Tag: auto/th/ssldump-1.4-1
X-Git-Url: https://git.pld-linux.org/?a=commitdiff_plain;h=dcffd7c1532f2c596f787112c2b53c5273aa83cd;hp=d746fbaf394c620322dd85f9228d04f946dcadb6;p=packages%2Fssldump.git

Up to 1.4.
---

diff --git a/aes-support.patch b/aes-support.patch
deleted file mode 100644
index 7d9ced6..0000000
--- a/aes-support.patch
+++ /dev/null
@@ -1,163 +0,0 @@ - - - - -diff -ruN ssldump-0.9b3.orig/ssl/ciphersuites.c ssl/ciphersuites.c ---- ssldump-0.9b3.orig/ssl/ciphersuites.c 2002-08-16 19:33:17.000000000 -0600 -+++ ssldump-0.9b3/ssl/ciphersuites.c 2003-04-25 11:30:44.000000000 -0600 -@@ -78,10 +78,25 @@ - {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1}, - {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0}, - {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0}, -+ -+ {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0}, -+ -+ {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, -+ - {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1}, - {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1}, - {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1}, -- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1}, -+ {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1}, - {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1}, - {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1}, - {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, -diff -ruN ssldump-0.9b3.orig/ssl/sslciphers.h ssldump-0.9b3/ssl/sslciphers.h ---- ssldump-0.9b3.orig/ssl/sslciphers.h 2002-08-16 19:33:17.000000000 -0600 -+++ ssldump-0.9b3/ssl/sslciphers.h 2003-04-25 11:30:46.000000000 -0600 -@@ -71,7 +71,9 @@ - #define ENC_RC4 0x32 - #define ENC_RC2 0x33 - #define ENC_IDEA 0x34 --#define ENC_NULL 0x35 -+#define ENC_AES128 0x35 -+#define ENC_AES256 0x36 -+#define ENC_NULL 0x37 - 
- #define DIG_MD5 0x40 - #define DIG_SHA 0x41 -diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums ssldump-0.9b3/ssl/ssl.enums ---- ssldump-0.9b3.orig/ssl/ssl.enums 2001-07-20 10:44:32.000000000 -0600 -+++ ssldump-0.9b3/ssl/ssl.enums 2003-04-25 11:30:45.000000000 -0600 -@@ -356,6 +356,18 @@ - CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 }; - CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A }; - CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B }; -+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F }; -+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 }; -+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 }; -+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 }; -+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 }; -+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 }; -+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 }; -+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 }; -+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A }; - CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 }; - CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 }; - CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; -diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c ---- ssldump-0.9b3.orig/ssl/ssl.enums.c 2001-07-20 10:44:36.000000000 -0600 -+++ ssldump-0.9b3/ssl/ssl.enums.c 2003-04-25 11:30:45.000000000 -0600 -@@ -611,6 +611,54 @@ - "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", - 0 }, - { -+ 47, -+ "TLS_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 48, -+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 49, -+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 50, -+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 51, -+ 
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 52, -+ "TLS_DH_anon_WITH_AES_128_CBC_SHA", -+ 0 }, -+ { -+ 53, -+ "TLS_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 54, -+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 55, -+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 56, -+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 57, -+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { -+ 58, -+ "TLS_DH_anon_WITH_AES_256_CBC_SHA", -+ 0 }, -+ { - 96, - "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5", - 0 }, -diff -ruN ssldump-0.9b3.orig/ssl/ssl_rec.c ssldump-0.9b3/ssl/ssl_rec.c ---- ssldump-0.9b3.orig/ssl/ssl_rec.c 2000-11-02 23:38:06.000000000 -0700 -+++ ssldump-0.9b3/ssl/ssl_rec.c 2003-04-25 11:30:46.000000000 -0600 -@@ -78,7 +78,9 @@ - "DES3", - "RC4", - "RC2", -- "IDEA" -+ "IDEA", -+ "AES128", -+ "AES256" - }; - - -@@ -101,6 +103,11 @@ - /* Find the SSLeay cipher */ - if(cs->enc!=ENC_NULL){ - ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]); -+ if(!ciph) -+ ABORT(R_INTERNAL); -+ } -+ else { -+ ciph=EVP_enc_null(); - } - - if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1))) -@@ -169,7 +176,7 @@ - *outl=inl; - - /* Now strip off the padding*/ -- if(d->cs->block!=1){ -+ if(d->cs->block>1){ - pad=out[inl-1]; - *outl-=(pad+1); - } diff --git a/ssldump-openssl.patch b/ssldump-openssl.patch deleted file mode 100644 index 96aab40..0000000 --- a/ssldump-openssl.patch +++ /dev/null 
@@ -1,213 +0,0 @@ -diff -Nur ssldump-0.9b3.org/base/pcap-snoop.c ssldump-0.9b3/base/pcap-snoop.c ---- ssldump-0.9b3.org/base/pcap-snoop.c 2002-09-09 21:02:58.000000000 +0000 -+++ ssldump-0.9b3/base/pcap-snoop.c 2006-05-07 15:28:09.598568500 +0000 -@@ -206,7 +206,7 @@ - - signal(SIGINT,sig_handler); - -- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){ -+ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){ - switch(c){ - case 'v': - print_version(); -@@ -260,7 +260,7 @@ - break; - case 'h': - usage(); -- printf("Do 'man ssldump' for documentation\n"); -+ printf("Do 'man 1 ssldump' for documentation\n"); - exit(1); - - case '?': -diff -Nur ssldump-0.9b3.org/ssl/ssl_analyze.c ssldump-0.9b3/ssl/ssl_analyze.c ---- ssldump-0.9b3.org/ssl/ssl_analyze.c 2002-01-21 18:46:13.000000000 +0000 -+++ ssldump-0.9b3/ssl/ssl_analyze.c 2006-05-07 15:28:09.594568250 +0000 -@@ -133,7 +133,7 @@ - SSL_PRINT_DECODE - }, - { -- 0, -+ 'y', - "nroff", - SSL_PRINT_NROFF - }, -diff -Nur ssldump-0.9b3.org/ssl/ssldecode.c ssldump-0.9b3/ssl/ssldecode.c ---- ssldump-0.9b3.org/ssl/ssldecode.c 2002-08-17 01:33:17.000000000 +0000 -+++ ssldump-0.9b3/ssl/ssldecode.c 2006-05-07 15:28:09.598568500 +0000 -@@ -51,6 +51,7 @@ - #include - #include - #include -+#include - #include - #endif - #include "ssldecode.h" -@@ -131,7 +132,8 @@ - ssl_decode_ctx *d=0; - int r,_status; - -- SSLeay_add_all_algorithms(); -+ SSL_library_init(); -+ OpenSSL_add_all_algorithms(); - if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx)))) - ABORT(R_NO_MEMORY); - if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method()))) -diff -Nur ssldump-0.9b3.org/ssldump.1 ssldump-0.9b3/ssldump.1 ---- ssldump-0.9b3.org/ssldump.1 2002-08-12 23:46:53.000000000 +0000 -+++ ssldump-0.9b3/ssldump.1 2006-05-07 15:28:09.598568500 +0000 -@@ -61,12 +61,9 @@ - .na - .B ssldump - [ --.B \-vtaTnsAxXhHVNdq -+.B \-vTshVq -+.B \-aAdeHnNqTxXvy - ] [ --.B \-r --.I dumpfile --] --[ - .B \-i - .I interface - ] -@@ -81,6 +78,16 @@ 
- .I password - ] - [ -+.B \-r -+.I dumpfile -+] -+.br -+.ti +8 -+[ -+.B \-S -+.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|] -+] -+[ - .I expression - ] - .br -@@ -125,6 +132,7 @@ - You must have read access to - .IR /dev/bpf* . - .SH OPTIONS -+.TP - .B \-a - Print bare TCP ACKs (useful for observing Nagle behavior) - .TP -@@ -135,7 +143,7 @@ - .B \-d - Display the application data traffic. This usually means - decrypting it, but when -d is used ssldump will also decode --application data traffic _before_ the SSL session initiates. -+application data traffic \fIbefore\fP the SSL session initiates. - This allows you to see HTTPS CONNECT behavior as well as - SMTP STARTTLS. As a side effect, since ssldump can't tell - whether plaintext is traffic before the initiation of an -@@ -148,18 +156,9 @@ - .B \-e - Print absolute timestamps instead of relative timestamps - .TP --.B \-r --Read data from \fIfile\fP instead of from the network. --The old -f option still works but is deprecated and will --probably be removed with the next version. - .B \-H - Print the full SSL packet header. - .TP --.B \-k --Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format) --Previous versions of ssldump automatically looked in ./server.pem. --Now you must specify your keyfile every time. --.TP - .B \-n - Don't try to resolve host names from IP addresses - .TP -@@ -176,6 +175,12 @@ - .B \-q - Don't decode any record fields beyond a single summary line. (quiet mode). - .TP -+.B \-T -+Print the TCP headers. -+.TP -+.B \-v -+Display version and copyright information. -+.TP - .B \-x - Print each record in hex, as well as decoding it. - .TP -@@ -183,13 +188,48 @@ - When the -d option is used, binary data is automatically printed - in two columns with a hex dump on the left and the printable characters - on the right. 
-X suppresses the display of the printable characters, --thus making it easier to cut and paste the hext data into some other -+thus making it easier to cut and paste the hex data into some other - program. -+.TP - .B \-y --Decorate the output for processing with troff. Not very -+Decorate the output for processing with nroff/troff. Not very - useful for the average user. - .TP --.IP "\fI expression\fP" -+.BI \-i " interface" -+Use \fIinterface\fP as the network interface on which to sniff SSL/TLS -+traffic. -+.TP -+.BI \-k " keyfile" -+Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format) -+Previous versions of ssldump automatically looked in ./server.pem. -+Now you must specify your keyfile every time. -+.TP -+.BI \-p " password" -+Use \fIpassword\fP as the SSL keyfile password. -+.TP -+.BI \-r " file" -+Read data from \fIfile\fP instead of from the network. -+The old -f option still works but is deprecated and will -+probably be removed with the next version. -+.TP -+.BI \-S " [ " crypto " | " d " | " ht " | " H " ]" -+Specify SSL flags to ssldump. These flags include: -+.RS -+.TP -+.I crypto -+Print cryptographic information. -+.TP -+.I d -+Print fields as decoded. -+.TP -+.I ht -+Print the handshake type. -+.TP -+.I H -+Print handshake type and highlights. -+.RE -+.TP -+\fIexpression\fP - .RS - Selects what packets ssldump will examine. Technically speaking, - ssldump supports the full expression syntax from PCAP and tcpdump. -@@ -200,7 +240,7 @@ - don't result in incomplete TCP streams are listed here. - .LP - The \fIexpression\fP consists of one or more --.I primitives. -+.IR primitives . - Primitives usually consist of an - .I id - (name or number) preceded by one or more qualifiers. There are three -@@ -512,5 +552,11 @@ - .LP - ssldump doesn't implement session caching and therefore can't decrypt - resumed sessions. -- -- -+.LP -+.SH SEE ALSO -+.LP -+.BR tcpdump (1) -+.LP -+.SH AUTHOR -+.LP -+ssldump was written by Eric Rescorla . 
diff --git a/ssldump.spec b/ssldump.spec index e7dd693..60affc4 100644 --- a/ssldump.spec +++ b/ssldump.spec @@ -1,17 +1,17 @@ Summary: SSLv3/TLS network protocol analyzer Summary(pl.UTF-8): Analizator protokołu sieciowego SSLv3/TLS Name: ssldump -Version: 0.9b3 -Release: 8 +Version: 1.4 +Release: 1 License: BSD Group: Networking/Utilities -Source0: http://www.rtfm.com/ssldump/%{name}-%{version}.tar.gz -# Source0-md5: ac8c28fe87508d6bfb06344ec496b1dd -Patch0: %{name}-openssl.patch -Patch1: aes-support.patch -URL: http://www.rtfm.com/ssldump/ +Source0: https://github.com/adulau/ssldump/archive/v%{version}/%{name}-%{version}.tar.gz +# Source0-md5: 20323bf4b4758f2be4412fa79e6013ab +URL: https://github.com/adulau/ssldump/ BuildRequires: autoconf BuildRequires: automake +BuildRequires: json-c-devel +BuildRequires: libnet-devel BuildRequires: libpcap-devel >= 2:0.8.3 BuildRequires: openssl-devel >= 0.9.7d BuildRequires: sed >= 4.0 @@ -35,28 +35,21 @@ będzie także dekodował połączenia i wyświetlał ruch danych aplikacji. %prep %setup -q -%patch0 -p1 -%patch1 -p1 - -sed -i -e 's#libpcap.a#libpcap.so#g' configure* -sed -i -e 's#net/bpf.h#pcap-bpf.h#g' base/pcap-snoop.c %build cp -f %{_datadir}/automake/config.* . %{__aclocal} %{__autoconf} -%configure \ - --with-pcap-inc=%{_includedir} \ - --with-pcap-lib=%{_libdir} \ - --with-openssl-lib=%{_libdir} +%{__autoheader} +%{__automake} +%configure %{__make} %install rm -rf $RPM_BUILD_ROOT %{__make} install \ - BINDIR=$RPM_BUILD_ROOT%{_sbindir} \ - MANDIR=$RPM_BUILD_ROOT%{_mandir} + DESTDIR=$RPM_BUILD_ROOT %clean rm -rf $RPM_BUILD_ROOT
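Review bot: The only integrity pin for the new `Source0` in the first hunk is the `# Source0-md5:` comment, while the tarball now comes from a different upstream as a GitHub archive URL (`.../archive/v%{version}/...`). MD5 catches a corrupted download but is not collision-resistant, so it is weak evidence that the fetched file is the one the packager reviewed. Keep the md5 line if the packaging tooling consumes it, and record a stronger digest next to it, for example `# Source0 sha256: <SHA256_OF_TARBALL>` (placeholder, to be filled from the verified tarball). Separately, `BuildRequires: sed >= 4.0` and `openssl-devel >= 0.9.7d` stay as context although the sed calls in %prep are removed by the next hunk; both look stale, but parts of the spec outside the hunk may still rely on them.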
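Review bot: `%patch0` and `%patch1` are dropped from %prep in the second hunk and both patch files are deleted, but nothing in the commit states that the fixes they carried exist in the 1.4 tree. aes-support.patch held more than cipher tables: it added `if(!ciph) ABORT(R_INTERNAL);` after `EVP_get_cipherbyname()` and changed the padding strip to `if(d->cs->block>1)` in ssl/ssl_rec.c, and both guard code that parses captured, untrusted traffic. Please confirm the new upstream has equivalents and say so in the commit message, e.g. `- dropped aes-support and openssl patches (verified obsolete with 1.4)`. Since %files lies outside the hunk, it is also worth checking that the packaged path still matches now that the install step no longer forces `BINDIR=$RPM_BUILD_ROOT%{_sbindir}`.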