author | Alexey Dokuchaev <danfe@FreeBSD.org> | 2008-01-29 16:03:18 +0000 |
---|---|---|
committer | Alexey Dokuchaev <danfe@FreeBSD.org> | 2008-01-29 16:03:18 +0000 |
commit | 383b44fe29c3727135b264991bb48788017a4632 (patch) | |
tree | bdbfcf882bc8eca5cbdfa547ca84931b84319319 /net/ssldump | |
parent | e15a18575aaf481edd70a5766b19ea3cd323806f (diff) | |
Diffstat (limited to 'net/ssldump')
-rw-r--r-- | net/ssldump/Makefile | 23 | ||||
-rw-r--r-- | net/ssldump/files/patch-base_pcap-snoop.c | 11 | ||||
-rw-r--r-- | net/ssldump/files/patch-ssl_ssl_analyze.c | 11 | ||||
-rw-r--r-- | net/ssldump/files/patch-ssl_ssldecode.c | 18 | ||||
-rw-r--r-- | net/ssldump/files/patch-ssldump.1 | 158 | ||||
-rw-r--r-- | net/ssldump/pkg-descr | 6 |
6 files changed, 208 insertions, 19 deletions
diff --git a/net/ssldump/Makefile b/net/ssldump/Makefile index 393593d592e3..8cda1bef385b 100644 --- a/net/ssldump/Makefile +++ b/net/ssldump/Makefile @@ -1,35 +1,34 @@ # New ports collection makefile for: ssldump -# Date created: 10 November 2000 -# Whom: Kris Kennaway <kris@FreeBSD.org> +# Date created: 10 November 2000 +# Whom: Kris Kennaway <kris@FreeBSD.org> # # $FreeBSD$ # PORTNAME= ssldump PORTVERSION= 0.9b3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net security MASTER_SITES= http://www.rtfm.com/ssldump/ MAINTAINER= ports@FreeBSD.org COMMENT= SSLv3/TLS network protocol analyzer -USE_OPENSSL= YES +USE_OPENSSL= yes -OPTIONS= AES "Enable AES support from CVS (EXPERIMENTAL)" off - -.include <bsd.port.pre.mk> - -GNU_CONFIGURE= YES -USE_GMAKE= YES +GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-openssl=${OPENSSLBASE} \ --sbindir=${PREFIX}/bin +OPTIONS= AES "Enable AES support from CVS (EXPERIMENTAL)" off + MAN1= ssldump.1 PLIST_FILES= bin/ssldump -.if defined (WITH_AES) -EXTRA_PATCHES+= ${FILESDIR}/extra-patch-aes +.include <bsd.port.pre.mk> + +.if defined(WITH_AES) +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-aes .endif .include <bsd.port.post.mk> diff --git a/net/ssldump/files/patch-base_pcap-snoop.c b/net/ssldump/files/patch-base_pcap-snoop.c new file mode 100644 index 000000000000..d178d61463f7 --- /dev/null +++ b/net/ssldump/files/patch-base_pcap-snoop.c @@ -0,0 +1,11 @@ +--- base/pcap-snoop.c.orig 2008-01-29 21:40:43.000000000 +0600 ++++ base/pcap-snoop.c 2008-01-29 21:40:51.000000000 +0600 +@@ -206,7 +206,7 @@ + + signal(SIGINT,sig_handler); + +- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){ ++ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){ + switch(c){ + case 'v': + print_version(); diff --git a/net/ssldump/files/patch-ssl_ssl_analyze.c b/net/ssldump/files/patch-ssl_ssl_analyze.c new file mode 100644 index 000000000000..65d2f6936b50 --- /dev/null +++ b/net/ssldump/files/patch-ssl_ssl_analyze.c 
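Review bot: The option string on the new `getopt` line still takes the keyfile password as `p:`, so the passphrase travels in argv and is typically readable by other local users through the process list, yet the `-p` entry this commit adds to patch-ssldump.1 does not say so. I would add a sentence to that entry, for example `The password is visible in the process list while ssldump runs; avoid -p on shared hosts.` Separately, no `case 'y'` is visible in this hunk, so `-y` presumably reaches the flag table changed in patch-ssl_ssl_analyze.c through the switch's fallback path. The switch body continues outside the hunk, so that path should be confirmed.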
@@ -0,0 +1,11 @@ +--- ssl/ssl_analyze.c.orig 2002-01-22 00:46:13.000000000 +0600 ++++ ssl/ssl_analyze.c 2008-01-29 21:14:13.000000000 +0600 +@@ -133,7 +133,7 @@ + SSL_PRINT_DECODE + }, + { +- 0, ++ 'y', + "nroff", + SSL_PRINT_NROFF + }, diff --git a/net/ssldump/files/patch-ssl_ssldecode.c b/net/ssldump/files/patch-ssl_ssldecode.c index a8c617be8dd3..6892635af98f 100644 --- a/net/ssldump/files/patch-ssl_ssldecode.c +++ b/net/ssldump/files/patch-ssl_ssldecode.c @@ -1,10 +1,20 @@ ---- sssl/ssldecode.c.orig Sat Aug 17 05:33:17 2002 +--- ssl/ssldecode.c.orig Sat Aug 17 05:33:17 2002 +++ ssl/ssldecode.c Fri Jan 20 13:09:49 2006 -@@ -50,6 +50,7 @@ - #ifdef OPENSSL +@@ -51,6 +51,7 @@ #include <openssl/ssl.h> #include <openssl/hmac.h> -+#include <openssl/md5.h> #include <openssl/evp.h> ++#include <openssl/md5.h> #include <openssl/x509v3.h> #endif + #include "ssldecode.h" +@@ -131,7 +132,8 @@ + ssl_decode_ctx *d=0; + int r,_status; + +- SSLeay_add_all_algorithms(); ++ SSL_library_init(); ++ OpenSSL_add_all_algorithms(); + if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx)))) + ABORT(R_NO_MEMORY); + if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method()))) diff --git a/net/ssldump/files/patch-ssldump.1 b/net/ssldump/files/patch-ssldump.1 new file mode 100644 index 000000000000..2973ae408848 --- /dev/null +++ b/net/ssldump/files/patch-ssldump.1 
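Review bot: The added `SSL_library_init();` and `OpenSSL_add_all_algorithms();` calls in patch-ssl_ssldecode.c have no comment saying why both are needed, and they sit directly in the function that allocates `ssl_decode_ctx`, so they presumably run on every context creation rather than once at startup. On the OpenSSL releases of this period `SSL_CTX_new()` fails when the SSL ciphers have not been registered, which is probably what the first call fixes; I would record that above it, e.g. `/* register SSL ciphers/digests; SSL_CTX_new() fails without this */`. The function starts before and continues past this hunk, so whether the `SSL_CTX_new` failure path releases `d` cannot be checked from here.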
@@ -0,0 +1,158 @@
+--- ssldump.1.orig 2002-08-13 06:46:53.000000000 +0700
++++ ssldump.1 2008-01-29 21:49:33.000000000 +0600
+@@ -61,12 +61,9 @@
+ .na
+ .B ssldump
+ [
+-.B \-vtaTnsAxXhHVNdq
++.B \-vTshVq
++.B \-aAdeHnNqTxXvy
+ ] [
+-.B \-r
+-.I dumpfile
+-]
+-[
+ .B \-i
+ .I interface
+ ]
+@@ -81,6 +78,16 @@
+ .I password
+ ]
+ [
++.B \-r
++.I dumpfile
++]
++.br
++.ti +8
++[
++.B \-S
++.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|]
++]
++[
+ .I expression
+ ]
+ .br
+@@ -125,6 +132,7 @@
+ You must have read access to
+ .IR /dev/bpf* .
+ .SH OPTIONS
++.TP
+ .B \-a
+ Print bare TCP ACKs (useful for observing Nagle behavior)
+ .TP
+@@ -135,7 +143,7 @@
+ .B \-d
+ Display the application data traffic. This usually means
+ decrypting it, but when -d is used ssldump will also decode
+-application data traffic _before_ the SSL session initiates.
++application data traffic \fIbefore\fP the SSL session initiates.
+ This allows you to see HTTPS CONNECT behavior as well as
+ SMTP STARTTLS. As a side effect, since ssldump can't tell
+ whether plaintext is traffic before the initiation of an
+@@ -148,18 +156,9 @@
+ .B \-e
+ Print absolute timestamps instead of relative timestamps
+ .TP
+-.B \-r
+-Read data from \fIfile\fP instead of from the network.
+-The old -f option still works but is deprecated and will
+-probably be removed with the next version.
+ .B \-H
+ Print the full SSL packet header.
+ .TP
+-.B \-k
+-Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
+-Previous versions of ssldump automatically looked in ./server.pem.
+-Now you must specify your keyfile every time.
+-.TP
+ .B \-n
+ Don't try to resolve host names from IP addresses
+ .TP
+@@ -176,6 +175,12 @@
+ .B \-q
+ Don't decode any record fields beyond a single summary line. (quiet mode).
+ .TP
++.B \-T
++Print the TCP headers.
++.TP
++.B \-v
++Display version and copyright information.
++.TP
+ .B \-x
+ Print each record in hex, as well as decoding it.
+ .TP
+@@ -183,13 +188,48 @@
+ When the -d option is used, binary data is automatically printed
+ in two columns with a hex dump on the left and the printable characters
+ on the right. -X suppresses the display of the printable characters,
+-thus making it easier to cut and paste the hext data into some other
++thus making it easier to cut and paste the hex data into some other
+ program.
++.TP
+ .B \-y
+-Decorate the output for processing with troff. Not very
++Decorate the output for processing with nroff/troff. Not very
+ useful for the average user.
+ .TP
+-.IP "\fI expression\fP"
++.BI \-i " interface"
++Use \fIinterface\fP as the network interface on which to sniff SSL/TLS
++traffic.
++.TP
++.BI \-k " keyfile"
++Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
++Previous versions of ssldump automatically looked in ./server.pem.
++Now you must specify your keyfile every time.
++.TP
++.BI \-p " password"
++Use \fIpassword\fP as the SSL keyfile password.
++.TP
++.BI \-r " file"
++Read data from \fIfile\fP instead of from the network.
++The old -f option still works but is deprecated and will
++probably be removed with the next version.
++.TP
++.BI \-S " [ " crypto " | " d " | " ht " | " H " ]"
++Specify SSL flags to ssldump. These flags include:
++.RS
++.TP
++.I crypto
++Print cryptographic information.
++.TP
++.I d
++Print fields as decoded.
++.TP
++.I ht
++Print the handshake type.
++.TP
++.I H
++Print handshake type and highlights.
++.RE
++.TP
++\fIexpression\fP
+ .RS
+ Selects what packets ssldump will examine. Technically speaking,
+ ssldump supports the full expression syntax from PCAP and tcpdump.
+@@ -200,7 +240,7 @@
+ don't result in incomplete TCP streams are listed here.
+ .LP
+ The \fIexpression\fP consists of one or more
+-.I primitives.
++.IR primitives .
+ Primitives usually consist of an
+ .I id
+ (name or number) preceded by one or more qualifiers.
There are three +@@ -512,5 +552,11 @@ + .LP + ssldump doesn't implement session caching and therefore can't decrypt + resumed sessions. +- +- ++.LP ++.SH SEE ALSO ++.LP ++.BR tcpdump (1) ++.LP ++.SH AUTHOR ++.LP ++ssldump was written by Eric Rescorla <ekr@rtfm.com>. diff --git a/net/ssldump/pkg-descr b/net/ssldump/pkg-descr index 688abce3dc93..59a4b1fc153f 100644 --- a/net/ssldump/pkg-descr +++ b/net/ssldump/pkg-descr @@ -1,7 +1,7 @@ -ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP +ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret -them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it -decodes the records and displays them in a textual form to stdout. If +them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it +decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. |