From 8b6f08ab4d3db39aa31dc91fa09ea23b5b3cb98c Mon Sep 17 00:00:00 2001
From: Aeris <aeris@imirhil.fr>
Date: Sat, 19 Mar 2016 22:25:05 +0100
Subject: [PATCH] Activate sslv2 and sslv3 on openssl 1.0.2g

---
 .gitignore       |  1 +
 Makefile         | 58 ++++++++++++++++++++++++++----------------------
 bin/supported    |  1 +
 bin/supported.rb | 11 +++++++++
 output/alexa.yml |  1 +
 output/xmpp.erb  |  4 ++--
 output/xmpp.yml  | 44 ++++++++++++++++++------------------
 7 files changed, 71 insertions(+), 49 deletions(-)
 create mode 120000 bin/supported
 create mode 100755 bin/supported.rb

diff --git a/.gitignore b/.gitignore
index f5f470b..590791d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ Gemfile.lock
 /db/schema.rb
 /lib/**/*.so
 /lib/**/*.so.1.0.0
+/build/
diff --git a/Makefile b/Makefile
index aaec20e..5d8c0c3 100644
--- a/Makefile
+++ b/Makefile
@@ -1,11 +1,14 @@
 PWD = $(shell pwd)
 export CPATH = $(PWD)/openssl/include
 export LIBRARY_PATH = $(PWD)/openssl
-OPENSSL_VERSION = 1.0.2d
-OPENSSL_DIR = openssl-$(OPENSSL_VERSION)
+OPENSSL_VERSION = 1.0.2g
+OPENSSL_NAME = openssl-$(OPENSSL_VERSION)
+OPENSSL_DIR = build/$(OPENSSL_NAME)
+#OPENSSL_DIR = openssl
 RUBY_MAJOR_VERSION = 2.3
 RUBY_VERSION = $(RUBY_MAJOR_VERSION).0
-RUBY_DIR = ruby-$(RUBY_VERSION)-preview1
+RUBY_NAME = ruby-$(RUBY_VERSION)
+RUBY_DIR = build/$(RUBY_NAME)
 RUBY_OPENSSL_EXT_DIR = $(RUBY_DIR)/ext/openssl
 export LIBRARY_PATH = $(PWD)/lib
 export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include
@@ -14,44 +17,47 @@ export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include
 
 all: libs ext
 
-clean:
-	rm -rf $(RUBY_DIR) $(OPENSSL_DIR)
+clean: clean-libs clean-ext
 clean-libs:
-	find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete
-	rm -f lib/libcrypto.so lib/libssl.so lib/libcrypto.so.1.0.0 lib/libssl.so.1.0.0
+	[ -d $(OPENSSL_DIR) ] \
+		&& find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
+		|| true
+	rm -f lib/libcrypto.so* lib/libssl.so* $(OPENSSL_DIR)/Makefile
 clean-ext:
-	find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete
+	[ -d $(RUBY_OPENSSL_EXT_DIR) ] \
+		&& find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
+		|| true
 	rm -f lib/openssl.so
+mr-proper:
+	rm -rf lib/libcrypto.so* lib/libssl.so* lib/openssl.so build
 
-mr-proper: clean
-	rm -rf lib/libcrypto.so lib/libssl.so lib/libcrypto.so.1.0.0 lib/libssl.so.1.0.0 lib/openssl.so
+build/:
+	mkdir $@
 
-$(OPENSSL_DIR)/:
-	wget https://www.openssl.org/source/$(OPENSSL_DIR).tar.gz
-	tar xf $(OPENSSL_DIR).tar.gz
-	rm -rf $(OPENSSL_DIR).tar.gz
+$(OPENSSL_DIR)/: | build/
+	cd build && \
+		wget https://www.openssl.org/source/$(OPENSSL_NAME).tar.gz && \
+		tar xf $(OPENSSL_NAME).tar.gz && \
+		rm -rf $(OPENSSL_NAME).tar.gz
 
 $(OPENSSL_DIR)/Makefile: | $(OPENSSL_DIR)/
-	cd $(OPENSSL_DIR); ./config shared
+	cd $(OPENSSL_DIR); ./Configure enable-ssl3 enable-ssl2 enable-shared linux-x86_64
 
 $(OPENSSL_DIR)/libssl.so \
-$(OPENSSL_DIR)/libcrypto.so \
-$(OPENSSL_DIR)/libssl.so.1.0.0 \
-$(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)/Makefile
+$(OPENSSL_DIR)/libcrypto.so: $(OPENSSL_DIR)/Makefile
 	$(MAKE) -C $(OPENSSL_DIR) depend build_libs
 
 lib/%.so: $(OPENSSL_DIR)/%.so
 	cp $< $@
-
-lib/%.so.1.0.0: $(OPENSSL_DIR)/%.so.1.0.0
-	cp $< $@
-
+lib/%.so.1.0.0:
+	ln -fs $(notdir $(subst .1.0.0,, $@)) $@
 libs: lib/libssl.so lib/libcrypto.so lib/libssl.so.1.0.0 lib/libcrypto.so.1.0.0
 
-$(RUBY_DIR)/:
-	wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_DIR).tar.gz
-	tar xf $(RUBY_DIR).tar.gz
-	rm -f $(RUBY_DIR).tar.gz
+$(RUBY_DIR)/: | build/
+	cd build && \
+		wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_NAME).tar.gz && \
+		tar xf $(RUBY_NAME).tar.gz && \
+		rm -f $(RUBY_NAME).tar.gz
 
 $(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/
 	cd $(RUBY_OPENSSL_EXT_DIR); ruby extconf.rb
diff --git a/bin/supported b/bin/supported
new file mode 120000
index 0000000..22882cf
--- /dev/null
+++ b/bin/supported
@@ -0,0 +1 @@
+runner
\ No newline at end of file
diff --git a/bin/supported.rb b/bin/supported.rb
new file mode 100755
index 0000000..0782a9d
--- /dev/null
+++ b/bin/supported.rb
@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+$:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
+require 'rubygems'
+require 'bundler/setup'
+require 'cryptcheck'
+
+puts 'Supported methods'
+puts OpenSSL::SSL::SSLContext::METHODS.select { |m| CryptCheck::Tls::Server::EXISTING_METHODS.include? m  }.sort.join ' '
+
+puts 'Supported ciphers'
+puts CryptCheck::Tls::Cipher.list.collect { |c| c.name }.sort.join ' '
diff --git a/output/alexa.yml b/output/alexa.yml
index 4063d06..7935fd7 100644
--- a/output/alexa.yml
+++ b/output/alexa.yml
@@ -1,4 +1,5 @@
 - description: Top 100 Alexa
+  hostnames:
   - google.com
   - facebook.com
   - youtube.com
diff --git a/output/xmpp.erb b/output/xmpp.erb
index 84db564..69cbb05 100644
--- a/output/xmpp.erb
+++ b/output/xmpp.erb
@@ -76,8 +76,8 @@
 								s = n.server
 							%>
 							<tr>
-								<th id="<%= s.domain %>">
-									<a href="#<%= s.domain %>"><%= s.domain %></a>
+								<th id="<%= s.hostname %>">
+									<a href="#<%= s.hostname %>"><%= s.hostname %></a>
 								</th>
 								<% if s.is_a? Tls::TlsNotSupportedServer %>
 									<td class="critical" colspan="16">
diff --git a/output/xmpp.yml b/output/xmpp.yml
index 4c250b9..aaff615 100644
--- a/output/xmpp.yml
+++ b/output/xmpp.yml
@@ -1,21 +1,23 @@
-- imirhil.fr
-- magicbox.okhin.fr
-- cyphercat.eu
-- jabber.ccc.de
-- jbfavre.im
-- axelsimon.net
-- google.com
-- ecuri.es
-- dattaz.fr
-- jabber.lqdn.fr
-- mailfr.com
-- arysthaar.pw
-- startcom.org
-- riseup.net
-- citronna.de
-- matlink.fr
-- verry.org
-- keuse.fr
-- cappuccino.uk.to
-- corzntin.fr
-- fralef.me
+- description: XMPP
+  hostnames:
+  - imirhil.fr
+  - magicbox.okhin.fr
+  - cyphercat.eu
+  - jabber.ccc.de
+  - jbfavre.im
+  - axelsimon.net
+  - google.com
+  - ecuri.es
+  - dattaz.fr
+  - jabber.lqdn.fr
+  - mailfr.com
+  - arysthaar.pw
+  - startcom.org
+  - riseup.net
+  - citronna.de
+  - matlink.fr
+  - verry.org
+  - keuse.fr
+  - cappuccino.uk.to
+  - corzntin.fr
+  - fralef.me