import ratproxy 1.51
(buzz word alert!) Semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. Detects and prioritizes broad classes of security problems, such as dynamic cross-site trust model considerations, script inclusion issues, content serving problems, insufficient XSRF and XSS defenses, and much more. testing and ok kili@
parent
3f7b1e2bf1
commit
8b38b19ffc
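--- a/www/ratproxy/Makefile
+++ b/www/ratproxy/Makefile
@@ -0,0 +1,39 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+
+COMMENT= passive web application security assessment tool
+
+DISTNAME= ratproxy-1.51
+CATEGORIES= www security
+
+HOMEPAGE= http://ratproxy.googlecode.com/
+
+# Apache License 2.0
+PERMIT_PACKAGE_CDROM= Yes
+PERMIT_PACKAGE_FTP= Yes
+PERMIT_DISTFILES_CDROM= Yes
+PERMIT_DISTFILES_FTP= Yes
+
+MASTER_SITES= ${HOMEPAGE}/files/
+
+WANTLIB= c crypto ssl
+
+RUN_DEPENDS= ::shells/bash
+
+WRKDIST= ${WRKDIR}/ratproxy/
+
+NO_REGRESS= Yes
+
+do-configure:
+${SUBST_CMD} ${WRKSRC}/ratproxy-report.sh ${WRKSRC}/ssl.c
+
+do-install:
+${INSTALL_PROGRAM} ${WRKSRC}/ratproxy ${PREFIX}/bin
+${INSTALL_SCRIPT} ${WRKSRC}/ratproxy-report.sh ${PREFIX}/bin
+${INSTALL_DATA_DIR} ${PREFIX}/share/doc/ratproxy/
+${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/ratproxy/
+${INSTALL_DATA_DIR} ${PREFIX}/share/ratproxy/
+.for d in keyfile.pem messages.list ratproxy-back.png
+${INSTALL_DATA} ${WRKSRC}/$d ${PREFIX}/share/ratproxy/
+.endfor
+
+.include <bsd.port.mk>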
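Review bot: The `.for` loop in do-install puts `keyfile.pem` under `${PREFIX}/share/ratproxy/` with `${INSTALL_DATA}`, and patch-ssl_c makes ratproxy load both its certificate chain and its private key from that file, so every installation presents the same key pair that ships in the public distfile (pkg/PLIST registers it as an ordinary package file). That private key is available to anyone who downloads the tarball, so a browser that has been told to trust this certificate would accept interception by any holder of the key, not only by the local proxy. The port should say so where users will see it, for example a pkg/MESSAGE along the lines of `keyfile.pem is the sample key from the ratproxy distfile; do not import it as a trusted certificate, replace it with your own key pair for real use`, plus a comment above the loop such as `# keyfile.pem: upstream sample key pair, identical on every install`.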
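--- a/www/ratproxy/distinfo
+++ b/www/ratproxy/distinfo
@@ -0,0 +1,5 @@
+MD5 (ratproxy-1.51.tar.gz) = QOR8hsi+rwHavk6ulFjPEw==
+RMD160 (ratproxy-1.51.tar.gz) = f4xwrZ1RpU5pdgYhbmocdPr2DU8=
+SHA1 (ratproxy-1.51.tar.gz) = 0u2KZeWcLLsiW4KSHTfhKKk0aJw=
+SHA256 (ratproxy-1.51.tar.gz) = 9YpA0CGYiHTBusF3QTx7B7mFch/xKCzWc0YjwI/tY0s=
+SIZE (ratproxy-1.51.tar.gz) = 168409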
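--- a/www/ratproxy/patches/patch-Makefile
+++ b/www/ratproxy/patches/patch-Makefile
@@ -0,0 +1,19 @@
+$OpenBSD: patch-Makefile,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+
+Disable flare-check target, which in turn disables scanning Flash files.
+
+--- Makefile.orig Tue Jun 10 13:44:28 2008
++++ Makefile Tue Sep 23 22:48:33 2008
+@@ -20,10 +20,10 @@
+#
+
+PROGNAME = ratproxy
+-CFLAGS = -Wall -O3 -Wno-pointer-sign -D_GNU_SOURCE
++CFLAGS += -Wall -D_GNU_SOURCE
+LDFLAGS = -lcrypto -lssl
+
+-all: $(PROGNAME) flare-check
++all: $(PROGNAME)
+
+$(PROGNAME): $(PROGNAME).c http.c mime.c ssl.c http.h mime.h ssl.h nlist.h config.h debug.h types.h string-inl.h
+$(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS) http.c mime.c ssl.c $(LDFLAGS)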
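Review bot: The description at the top of this patch covers only the `flare-check` removal, while the hunk also replaces `CFLAGS = -Wall -O3 -Wno-pointer-sign -D_GNU_SOURCE` with `CFLAGS += -Wall -D_GNU_SOURCE`, which drops the forced `-O3` and stops suppressing pointer-sign warnings. I would extend the comment, e.g. `Honour CFLAGS from the ports framework; drop the forced -O3 and -Wno-pointer-sign.` The claim that removing `flare-check` disables Flash scanning also looks too strong: the hunk in patch-ratproxy_c shows `decode_flash()` still trying to exec `flare`, so it seems only the build-time check is gone, and wording such as `Do not require flare at build time` would match what the patch visibly does.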
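--- a/www/ratproxy/patches/patch-ratproxy-report_sh
+++ b/www/ratproxy/patches/patch-ratproxy-report_sh
@@ -0,0 +1,27 @@
+$OpenBSD: patch-ratproxy-report_sh,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+--- ratproxy-report.sh.orig Tue Sep 23 20:57:14 2008
++++ ratproxy-report.sh Tue Sep 23 20:58:55 2008
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!${LOCALBASE}/bin/bash
+#
+# ratproxy - report generator
+# ---------------------------
+@@ -50,7 +50,7 @@ cat <<_EOF_
+<style>
+a:link, a:visited { text-decoration: none; color: green }
+a:hover { text-decoration: underline; color: red }
+-body { background-color: white; background-image: url('ratproxy-back.png'); background-repeat: no-repeat; }
++body { background-color: white; background-image: url('${PREFIX}/share/ratproxy/ratproxy-back.png'); background-repeat: no-repeat; }
+</style>
+</head>
+
+@@ -214,7 +214,7 @@ SCNT=0
+fi
+
+echo "<font color=darkslateblue>"
+- grep -F "~$desc~" messages.list | cut -d'~' -f3
++ grep -F "~$desc~" ${PREFIX}/share/ratproxy/messages.list | cut -d'~' -f3
+echo "</font></font><p>"
+
+PREVDESC="$desc"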
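Review bot: The new `grep` line passes `${PREFIX}/share/ratproxy/messages.list` unquoted, and the stylesheet now points `background-image` at an absolute filesystem path. Once SUBST_CMD has run both are literal paths, so the lookup works for the usual prefix, but I would quote it, `grep -F "~$desc~" "${PREFIX}/share/ratproxy/messages.list" | cut -d'~' -f3`, so a prefix containing whitespace does not split into two arguments. The absolute `url(...)` only resolves when the report is opened as a local file on a machine that has the package installed; a report copied to another host or served over HTTP loses the image, which deserves a line in the patch header, since this patch has no description at all.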
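--- a/www/ratproxy/patches/patch-ratproxy_c
+++ b/www/ratproxy/patches/patch-ratproxy_c
@@ -0,0 +1,14 @@
+$OpenBSD: patch-ratproxy_c,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+--- ratproxy.c.orig Tue Sep 23 21:09:25 2008
++++ ratproxy.c Tue Sep 23 21:09:29 2008
+@@ -618,8 +618,8 @@ static void decode_flash(struct http_response* res) {
+if (!(pid = fork())) {
+/* Flare is way too noisy, let's close stderr. */
+close(2);
+- execl("./flare","flare",tmp,NULL);
+- execlp("flare","flare",tmp,NULL);
++ execl("./flare","flare",tmp,(void *)NULL);
++ execlp("flare","flare",tmp,(void *)NULL);
+exit(1);
+}
+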
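Review bot: The patched lines keep `execl("./flare","flare",tmp,(void *)NULL);` ahead of the `execlp` fallback, so an installed ratproxy looks for `flare` in whatever directory it was started from before it consults PATH. Upstream presumably expects to run from its own build directory, but a binary installed in `${PREFIX}/bin` is started from arbitrary working directories, where an unexpected file named `flare` would be run with the user's privileges. For the packaged build I would drop the `./flare` line and keep only `execlp("flare","flare",tmp,(void *)NULL);`, or substitute an absolute path through SUBST_CMD. `decode_flash()` begins before and continues after this hunk, so whether the call is reachable in the default configuration cannot be seen here.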
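--- a/www/ratproxy/patches/patch-ssl_c
+++ b/www/ratproxy/patches/patch-ssl_c
@@ -0,0 +1,16 @@
+$OpenBSD: patch-ssl_c,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+--- ssl.c.orig Tue Sep 23 20:56:13 2008
++++ ssl.c Tue Sep 23 20:59:34 2008
+@@ -143,10 +143,10 @@ void ssl_start(_s32 srv_fd, _s32 cli_fd) {
+
+if (!srv_ctx || !cli_ctx || !err) ssl_fatal("unable to create SSL CTX or BIO", err);
+
+- if (SSL_CTX_use_certificate_chain_file(cli_ctx,"keyfile.pem") != 1)
++ if (SSL_CTX_use_certificate_chain_file(cli_ctx,"${PREFIX}/share/ratproxy/keyfile.pem") != 1)
+ssl_fatal("certificate load failed", err);
+
+- if (SSL_CTX_use_PrivateKey_file(cli_ctx,"keyfile.pem",SSL_FILETYPE_PEM) != 1)
++ if (SSL_CTX_use_PrivateKey_file(cli_ctx,"${PREFIX}/share/ratproxy/keyfile.pem",SSL_FILETYPE_PEM) != 1)
+ssl_fatal("private key load failed", err);
+
+cli_ssl = SSL_new(cli_ctx);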
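--- a/www/ratproxy/pkg/DESCR
+++ b/www/ratproxy/pkg/DESCR
@@ -0,0 +1,10 @@
+Semi-automated, largely passive web application security audit tool,
+optimized for an accurate and sensitive detection, and automatic
+annotation, of potential problems and security-relevant design patterns
+based on the observation of existing, user-initiated traffic in complex
+web 2.0 environments.
+
+Detects and prioritizes broad classes of security problems, such as
+dynamic cross-site trust model considerations, script inclusion issues,
+content serving problems, insufficient XSRF and XSS defenses, and much
+more.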
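--- a/www/ratproxy/pkg/PLIST
+++ b/www/ratproxy/pkg/PLIST
@@ -0,0 +1,9 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2008/09/23 20:59:40 jasper Exp $
+@bin bin/ratproxy
+bin/ratproxy-report.sh
+share/doc/ratproxy/
+share/doc/ratproxy/README
+share/ratproxy/
+share/ratproxy/keyfile.pem
+share/ratproxy/messages.list
+share/ratproxy/ratproxy-back.png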