Activate sslv2 and sslv3 on openssl 1.0.2g

6 anos atrás · 8b6f08ab4d
--- a/.gitignore
+++ b/.gitignore
@ -11,3 +11,4 @@ Gemfile.lock
 /db/schema.rb
 /lib/**/*.so
 /lib/**/*.so.1.0.0
+/build/
--- a/58
+++ b/58
@ -1,11 +1,14 @@
 PWD = $(shell pwd)
 export CPATH = $(PWD)/openssl/include
 export LIBRARY_PATH = $(PWD)/openssl
-OPENSSL_VERSION = 1.0.2d
-OPENSSL_DIR = openssl-$(OPENSSL_VERSION)
+OPENSSL_VERSION = 1.0.2g
+OPENSSL_NAME = openssl-$(OPENSSL_VERSION)
+OPENSSL_DIR = build/$(OPENSSL_NAME)
+#OPENSSL_DIR = openssl
 RUBY_MAJOR_VERSION = 2.3
 RUBY_VERSION = $(RUBY_MAJOR_VERSION).0
-RUBY_DIR = ruby-$(RUBY_VERSION)-preview1
+RUBY_NAME = ruby-$(RUBY_VERSION)
+RUBY_DIR = build/$(RUBY_NAME)
 RUBY_OPENSSL_EXT_DIR = $(RUBY_DIR)/ext/openssl
 export LIBRARY_PATH = $(PWD)/lib
 export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include
@ -14,44 +17,47 @@ export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include

 all: libs ext

-clean:
-	rm -rf $(RUBY_DIR) $(OPENSSL_DIR)
+clean: clean-libs clean-ext
 clean-libs:
-	find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete
-	rm -f lib/libcrypto.so lib/libssl.so lib/libcrypto.so.1.0.0 lib/libssl.so.1.0.0
+	[ -d $(OPENSSL_DIR) ] \
+		&& find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
+		|| true
+	rm -f lib/libcrypto.so* lib/libssl.so* $(OPENSSL_DIR)/Makefile
 clean-ext:
-	find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete
+	[ -d $(RUBY_OPENSSL_EXT_DIR) ] \
+		&& find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete \
+		|| true
 	rm -f lib/openssl.so
+mr-proper:
+	rm -rf lib/libcrypto.so* lib/libssl.so* lib/openssl.so build

-mr-proper: clean
-	rm -rf lib/libcrypto.so lib/libssl.so lib/libcrypto.so.1.0.0 lib/libssl.so.1.0.0 lib/openssl.so
+build/:
+	mkdir $@

-$(OPENSSL_DIR)/:
-	wget https://www.openssl.org/source/$(OPENSSL_DIR).tar.gz
-	tar xf $(OPENSSL_DIR).tar.gz
-	rm -rf $(OPENSSL_DIR).tar.gz
+$(OPENSSL_DIR)/: | build/
+	cd build && \
+		wget https://www.openssl.org/source/$(OPENSSL_NAME).tar.gz && \
+		tar xf $(OPENSSL_NAME).tar.gz && \
+		rm -rf $(OPENSSL_NAME).tar.gz

 $(OPENSSL_DIR)/Makefile: | $(OPENSSL_DIR)/
-	cd $(OPENSSL_DIR); ./config shared
+	cd $(OPENSSL_DIR); ./Configure enable-ssl3 enable-ssl2 enable-shared linux-x86_64

 $(OPENSSL_DIR)/libssl.so \
-$(OPENSSL_DIR)/libcrypto.so \
-$(OPENSSL_DIR)/libssl.so.1.0.0 \
-$(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)/Makefile
+$(OPENSSL_DIR)/libcrypto.so: $(OPENSSL_DIR)/Makefile
 	$(MAKE) -C $(OPENSSL_DIR) depend build_libs

 lib/%.so: $(OPENSSL_DIR)/%.so
 	cp $< $@
-
-lib/%.so.1.0.0: $(OPENSSL_DIR)/%.so.1.0.0
-	cp $< $@
-
+lib/%.so.1.0.0:
+	ln -fs $(notdir $(subst .1.0.0,, $@)) $@
 libs: lib/libssl.so lib/libcrypto.so lib/libssl.so.1.0.0 lib/libcrypto.so.1.0.0

-$(RUBY_DIR)/:
-	wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_DIR).tar.gz
-	tar xf $(RUBY_DIR).tar.gz
-	rm -f $(RUBY_DIR).tar.gz
+$(RUBY_DIR)/: | build/
+	cd build && \
+		wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_NAME).tar.gz && \
+		tar xf $(RUBY_NAME).tar.gz && \
+		rm -f $(RUBY_NAME).tar.gz

 $(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/
 	cd $(RUBY_OPENSSL_EXT_DIR); ruby extconf.rb
--- a/bin/supported
+++ b/bin/supported
@ -0,0 +1 @@
+runner
--- a/bin/supported.rb
+++ b/bin/supported.rb
@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+$:.unshift File.expand_path File.join File.dirname(__FILE__), '../lib'
+require 'rubygems'
+require 'bundler/setup'
+require 'cryptcheck'
+
+puts 'Supported methods'
+puts OpenSSL::SSL::SSLContext::METHODS.select { |m| CryptCheck::Tls::Server::EXISTING_METHODS.include? m  }.sort.join ' '
+
+puts 'Supported ciphers'
+puts CryptCheck::Tls::Cipher.list.collect { |c| c.name }.sort.join ' '
--- a/output/alexa.yml
+++ b/output/alexa.yml
@ -1,4 +1,5 @@
 - description: Top 100 Alexa
+  hostnames:
  - google.com
  - facebook.com
  - youtube.com
--- a/output/xmpp.erb
+++ b/output/xmpp.erb
@ -76,8 +76,8 @@
 								s = n.server
 							%>
 							<tr>
-								<th id="<%= s.domain %>">
-									<a href="#<%= s.domain %>"><%= s.domain %></a>
+								<th id="<%= s.hostname %>">
+									<a href="#<%= s.hostname %>"><%= s.hostname %></a>
 								</th>
 								<% if s.is_a? Tls::TlsNotSupportedServer %>
 									<td class="critical" colspan="16">
--- a/output/xmpp.yml
+++ b/output/xmpp.yml
@ -1,21 +1,23 @@
- imirhil.fr
- magicbox.okhin.fr
- cyphercat.eu
- jabber.ccc.de
- jbfavre.im
- axelsimon.net
- google.com
- ecuri.es
- dattaz.fr
- jabber.lqdn.fr
- mailfr.com
- arysthaar.pw
- startcom.org
- riseup.net
- citronna.de
- matlink.fr
- verry.org
- keuse.fr
- cappuccino.uk.to
- corzntin.fr
- fralef.me
+- description: XMPP
+  hostnames:
+  - imirhil.fr
+  - magicbox.okhin.fr
+  - cyphercat.eu
+  - jabber.ccc.de
+  - jbfavre.im
+  - axelsimon.net
+  - google.com
+  - ecuri.es
+  - dattaz.fr
+  - jabber.lqdn.fr
+  - mailfr.com
+  - arysthaar.pw
+  - startcom.org
+  - riseup.net
+  - citronna.de
+  - matlink.fr
+  - verry.org
+  - keuse.fr
+  - cappuccino.uk.to
+  - corzntin.fr
+  - fralef.me