[PATCH] ssldump-0.9b3 -- obsługa AES + kompilacja na x86-64

Adam Osuchowski adwol at zonk.pl
Sun Mar 6 16:29:47 CET 2011 

W załączeniu patche na ssldumpa do obsługi AESa i poprawną ścieżkę do
bibliotek na x86-64. Proszę o założenie.
-------------- next part --------------
diff -ruN ssldump-0.9b3.orig/ssl/ciphersuites.c ssl/ciphersuites.c
--- ssldump-0.9b3.orig/ssl/ciphersuites.c	2002-08-16 19:33:17.000000000 -0600
+++ ssldump-0.9b3/ssl/ciphersuites.c	2003-04-25 11:30:44.000000000 -0600
@@ -78,10 +78,25 @@
      {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
      {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
      {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
+
+     {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
+     {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
+
+     {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
+     {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
+
      {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
      {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
      {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
-     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
+     {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
      {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
      {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},     
      {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
diff -ruN ssldump-0.9b3.orig/ssl/sslciphers.h ssldump-0.9b3/ssl/sslciphers.h
--- ssldump-0.9b3.orig/ssl/sslciphers.h	2002-08-16 19:33:17.000000000 -0600
+++ ssldump-0.9b3/ssl/sslciphers.h	2003-04-25 11:30:46.000000000 -0600
@@ -71,7 +71,9 @@
 #define ENC_RC4		0x32
 #define ENC_RC2		0x33
 #define ENC_IDEA	0x34
-#define ENC_NULL	0x35
+#define ENC_AES128      0x35
+#define ENC_AES256      0x36
+#define ENC_NULL	0x37
 
 #define DIG_MD5		0x40
 #define DIG_SHA		0x41
diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums ssldump-0.9b3/ssl/ssl.enums
--- ssldump-0.9b3.orig/ssl/ssl.enums	2001-07-20 10:44:32.000000000 -0600
+++ ssldump-0.9b3/ssl/ssl.enums	2003-04-25 11:30:45.000000000 -0600
@@ -356,6 +356,18 @@
     CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = { 0x00,0x19 };
     CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA           = { 0x00,0x1A };
     CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA      = { 0x00,0x1B };
+    CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA           = { 0x00,0x2F };
+    CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA        = { 0x00,0x30 };
+    CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA        = { 0x00,0x31 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA       = { 0x00,0x32 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA       = { 0x00,0x33 };
+    CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA       = { 0x00,0x34 };
+    CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA           = { 0x00,0x35 };
+    CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA        = { 0x00,0x36 };
+    CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA        = { 0x00,0x37 };
+    CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA       = { 0x00,0x38 };
+    CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA       = { 0x00,0x39 };
+    CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA       = { 0x00,0x3A };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5     = { 0x00,0x60 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5   = { 0x00,0x61 };
     CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     = { 0x00,0x62 };
diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c
--- ssldump-0.9b3.orig/ssl/ssl.enums.c	2001-07-20 10:44:36.000000000 -0600
+++ ssldump-0.9b3/ssl/ssl.enums.c	2003-04-25 11:30:45.000000000 -0600
@@ -611,6 +611,54 @@
 		"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
 		0	},
 	{
+	        47,
+	        "TLS_RSA_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        48,
+	        "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        49,
+	        "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        50,
+	        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        51,
+	        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        52,
+	        "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+	        0       },
+	{
+	        53,
+	        "TLS_RSA_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
+	        54,
+	        "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
+	        55,
+	        "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
+	        56,
+	        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
+	        57,
+	        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
+	        58,
+	        "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+	        0       },
+	{
 		96,
 		"TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
 		0	},
diff -ruN ssldump-0.9b3.orig/ssl/ssl_rec.c ssldump-0.9b3/ssl/ssl_rec.c
--- ssldump-0.9b3.orig/ssl/ssl_rec.c	2000-11-02 23:38:06.000000000 -0700
+++ ssldump-0.9b3/ssl/ssl_rec.c	2003-04-25 11:30:46.000000000 -0600
@@ -78,7 +78,9 @@
      "DES3",
      "RC4",
      "RC2",
-     "IDEA"
+     "IDEA",
+     "AES128",
+     "AES256"
 };
 
 
@@ -101,6 +103,11 @@
     /* Find the SSLeay cipher */
     if(cs->enc!=ENC_NULL){
       ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
+      if(!ciph)
+	ABORT(R_INTERNAL);
+    }
+    else {
+      ciph=EVP_enc_null();
     }
 
     if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
@@ -169,7 +176,7 @@
     *outl=inl;
     
     /* Now strip off the padding*/
-    if(d->cs->block!=1){
+    if(d->cs->block>1){
       pad=out[inl-1];
       *outl-=(pad+1);
     }
-------------- next part --------------
--- ssldump-0.9b3/configure.in.orig	2010-06-01 20:36:09.856619142 +0200
+++ ssldump-0.9b3/configure.in	2010-06-01 20:36:33.458652627 +0200
@@ -132,7 +132,7 @@
 dnl See if we can find OpenSSL
 dnl We can compile without OpenSSL if we have to
 ac_use_openssl="true"
-ac_openssl_lib_dir="/usr/lib /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg"
+ac_openssl_lib_dir="/usr/lib /usr/lib64 /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg"
 ac_openssl_inc_dir="/usr/include /usr/local /usr/local/ssl /usr/pkg /usr/local/ssl/include"
 
 AC_ARG_WITH(openssl,[--with-openssl            root location for OpenSSL],
-------------- next part --------------
--- ssldump.spec.orig	2010-11-13 01:31:30.000000000 +0100
+++ ssldump.spec	2011-03-06 16:24:54.159110954 +0100
@@ -10,6 +10,8 @@
 Source0:	http://www.rtfm.com/ssldump/%{name}-%{version}.tar.gz
 # Source0-md5:	ac8c28fe87508d6bfb06344ec496b1dd
 Patch0: 	%{name}-openssl.patch
+Patch1:		%{name}-aes.patch
+Patch2:		%{name}-64bit-libdir.patch
 URL:		http://www.rtfm.com/ssldump/
 BuildRequires:	autoconf
 BuildRequires:	automake
@@ -37,6 +39,8 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
 
 sed -i -e 's#libpcap.a#libpcap.so#g' configure*
 sed -i -e 's#net/bpf.h#pcap-bpf.h#g' base/pcap-snoop.c

More information about the pld-devel-pl mailing list