3.3 KiB
3.3 KiB
$OpenBSD: patch-sslscan_c,v 1.2 2012/06/26 10:12:21 jasper Exp $
--- sslscan.c.orig Tue Sep 1 08:35:59 2009
+++ sslscan.c Fri Jun 22 20:14:18 2012
@@ -41,6 +41,7 @@
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include <netinet/in.h>
// Defines...
#define false 0
@@ -59,7 +60,7 @@
#define tls_v1 3
// Colour Console Output...
-#if !defined(__WIN32__)
+#if !defined(__WIN32__) && !defined(__OpenBSD__)
const char *RESET = ""; // DEFAULT
const char *COL_RED = ""; // RED
const char *COL_BLUE = ""; // BLUE
@@ -563,6 +564,7 @@ int testCipher(struct sslCheckOptions *options, struct
}
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " sslversion=\"");
+#ifndef OPENSSL_NO_SSL2
if (sslCipherPointer->sslMethod == SSLv2_client_method())
{
if (options->xmlOutput != 0)
@@ -572,7 +574,9 @@ int testCipher(struct sslCheckOptions *options, struct
else
printf("SSLv2 ");
}
- else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ else
+#endif
+ if (sslCipherPointer->sslMethod == SSLv3_client_method())
{
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, "SSLv3\" bits=\"");
@@ -688,6 +692,7 @@ int defaultCipher(struct sslCheckOptions *options, SSL
cipherStatus = SSL_connect(ssl);
if (cipherStatus == 1)
{
+#ifndef OPENSSL_NO_SSL2
if (sslMethod == SSLv2_client_method())
{
if (options->xmlOutput != 0)
@@ -697,7 +702,9 @@ int defaultCipher(struct sslCheckOptions *options, SSL
else
printf(" SSLv2 ");
}
- else if (sslMethod == SSLv3_client_method())
+ else
+#endif
+ if (sslMethod == SSLv3_client_method())
{
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\"");
@@ -1192,15 +1199,19 @@ int testHost(struct sslCheckOptions *options)
switch (options->sslVersion)
{
case ssl_all:
+#ifndef OPENSSL_NO_SSL2
status = defaultCipher(options, SSLv2_client_method());
if (status != false)
+#endif
status = defaultCipher(options, SSLv3_client_method());
if (status != false)
status = defaultCipher(options, TLSv1_client_method());
break;
+#ifndef OPENSSL_NO_SSL2
case ssl_v2:
status = defaultCipher(options, SSLv2_client_method());
break;
+#endif
case ssl_v3:
status = defaultCipher(options, SSLv3_client_method());
break;
@@ -1298,9 +1309,11 @@ int main(int argc, char *argv[])
options.starttls = true;
}
+#ifndef OPENSSL_NO_SSL2
// SSL v2 only...
else if (strcmp("--ssl2", argv[argLoop]) == 0)
options.sslVersion = ssl_v2;
+#endif
// SSL v3 only...
else if (strcmp("--ssl3", argv[argLoop]) == 0)
@@ -1415,13 +1428,17 @@ int main(int argc, char *argv[])
switch (options.sslVersion)
{
case ssl_all:
+#ifndef OPENSSL_NO_SSL2
populateCipherList(&options, SSLv2_client_method());
+#endif
populateCipherList(&options, SSLv3_client_method());
populateCipherList(&options, TLSv1_client_method());
break;
+#ifndef OPENSSL_NO_SSL2
case ssl_v2:
populateCipherList(&options, SSLv2_client_method());
break;
+#endif
case ssl_v3:
populateCipherList(&options, SSLv3_client_method());
break;
--- sslscan.c.orig Tue Sep 1 08:35:59 2009
+++ sslscan.c Fri Jun 22 20:14:18 2012
@@ -41,6 +41,7 @@
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include <netinet/in.h>
// Defines...
#define false 0
@@ -59,7 +60,7 @@
#define tls_v1 3
// Colour Console Output...
-#if !defined(__WIN32__)
+#if !defined(__WIN32__) && !defined(__OpenBSD__)
const char *RESET = ""; // DEFAULT
const char *COL_RED = ""; // RED
const char *COL_BLUE = ""; // BLUE
@@ -563,6 +564,7 @@ int testCipher(struct sslCheckOptions *options, struct
}
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " sslversion=\"");
+#ifndef OPENSSL_NO_SSL2
if (sslCipherPointer->sslMethod == SSLv2_client_method())
{
if (options->xmlOutput != 0)
@@ -572,7 +574,9 @@ int testCipher(struct sslCheckOptions *options, struct
else
printf("SSLv2 ");
}
- else if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ else
+#endif
+ if (sslCipherPointer->sslMethod == SSLv3_client_method())
{
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, "SSLv3\" bits=\"");
@@ -688,6 +692,7 @@ int defaultCipher(struct sslCheckOptions *options, SSL
cipherStatus = SSL_connect(ssl);
if (cipherStatus == 1)
{
+#ifndef OPENSSL_NO_SSL2
if (sslMethod == SSLv2_client_method())
{
if (options->xmlOutput != 0)
@@ -697,7 +702,9 @@ int defaultCipher(struct sslCheckOptions *options, SSL
else
printf(" SSLv2 ");
}
- else if (sslMethod == SSLv3_client_method())
+ else
+#endif
+ if (sslMethod == SSLv3_client_method())
{
if (options->xmlOutput != 0)
fprintf(options->xmlOutput, " <defaultcipher sslversion=\"SSLv3\" bits=\"");
@@ -1192,15 +1199,19 @@ int testHost(struct sslCheckOptions *options)
switch (options->sslVersion)
{
case ssl_all:
+#ifndef OPENSSL_NO_SSL2
status = defaultCipher(options, SSLv2_client_method());
if (status != false)
+#endif
status = defaultCipher(options, SSLv3_client_method());
if (status != false)
status = defaultCipher(options, TLSv1_client_method());
break;
+#ifndef OPENSSL_NO_SSL2
case ssl_v2:
status = defaultCipher(options, SSLv2_client_method());
break;
+#endif
case ssl_v3:
status = defaultCipher(options, SSLv3_client_method());
break;
@@ -1298,9 +1309,11 @@ int main(int argc, char *argv[])
options.starttls = true;
}
+#ifndef OPENSSL_NO_SSL2
// SSL v2 only...
else if (strcmp("--ssl2", argv[argLoop]) == 0)
options.sslVersion = ssl_v2;
+#endif
// SSL v3 only...
else if (strcmp("--ssl3", argv[argLoop]) == 0)
@@ -1415,13 +1428,17 @@ int main(int argc, char *argv[])
switch (options.sslVersion)
{
case ssl_all:
+#ifndef OPENSSL_NO_SSL2
populateCipherList(&options, SSLv2_client_method());
+#endif
populateCipherList(&options, SSLv3_client_method());
populateCipherList(&options, TLSv1_client_method());
break;
+#ifndef OPENSSL_NO_SSL2
case ssl_v2:
populateCipherList(&options, SSLv2_client_method());
break;
+#endif
case ssl_v3:
populateCipherList(&options, SSLv3_client_method());
break;