aboutsummaryrefslogtreecommitdiff
path: root/net/ssldump
diff options
context:
space:
mode:
authorAlexey Dokuchaev <danfe@FreeBSD.org>2008-01-29 16:03:18 +0000
committerAlexey Dokuchaev <danfe@FreeBSD.org>2008-01-29 16:03:18 +0000
commit383b44fe29c3727135b264991bb48788017a4632 (patch)
treebdbfcf882bc8eca5cbdfa547ca84931b84319319 /net/ssldump
parente15a18575aaf481edd70a5766b19ea3cd323806f (diff)
downloadports-383b44fe29c3727135b264991bb48788017a4632.tar.gz
ports-383b44fe29c3727135b264991bb48788017a4632.zip
Notes
Diffstat (limited to 'net/ssldump')
-rw-r--r--net/ssldump/Makefile23
-rw-r--r--net/ssldump/files/patch-base_pcap-snoop.c11
-rw-r--r--net/ssldump/files/patch-ssl_ssl_analyze.c11
-rw-r--r--net/ssldump/files/patch-ssl_ssldecode.c18
-rw-r--r--net/ssldump/files/patch-ssldump.1158
-rw-r--r--net/ssldump/pkg-descr6
6 files changed, 208 insertions, 19 deletions
diff --git a/net/ssldump/Makefile b/net/ssldump/Makefile
index 393593d592e3..8cda1bef385b 100644
--- a/net/ssldump/Makefile
+++ b/net/ssldump/Makefile
@@ -1,35 +1,34 @@
# New ports collection makefile for: ssldump
-# Date created: 10 November 2000
-# Whom: Kris Kennaway <kris@FreeBSD.org>
+# Date created: 10 November 2000
+# Whom: Kris Kennaway <kris@FreeBSD.org>
#
# $FreeBSD$
#
PORTNAME= ssldump
PORTVERSION= 0.9b3
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= net security
MASTER_SITES= http://www.rtfm.com/ssldump/
MAINTAINER= ports@FreeBSD.org
COMMENT= SSLv3/TLS network protocol analyzer
-USE_OPENSSL= YES
+USE_OPENSSL= yes
-OPTIONS= AES "Enable AES support from CVS (EXPERIMENTAL)" off
-
-.include <bsd.port.pre.mk>
-
-GNU_CONFIGURE= YES
-USE_GMAKE= YES
+GNU_CONFIGURE= yes
CONFIGURE_ARGS= --with-openssl=${OPENSSLBASE} \
--sbindir=${PREFIX}/bin
+OPTIONS= AES "Enable AES support from CVS (EXPERIMENTAL)" off
+
MAN1= ssldump.1
PLIST_FILES= bin/ssldump
-.if defined (WITH_AES)
-EXTRA_PATCHES+= ${FILESDIR}/extra-patch-aes
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_AES)
+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-aes
.endif
.include <bsd.port.post.mk>
diff --git a/net/ssldump/files/patch-base_pcap-snoop.c b/net/ssldump/files/patch-base_pcap-snoop.c
new file mode 100644
index 000000000000..d178d61463f7
--- /dev/null
+++ b/net/ssldump/files/patch-base_pcap-snoop.c
@@ -0,0 +1,11 @@
+--- base/pcap-snoop.c.orig 2008-01-29 21:40:43.000000000 +0600
++++ base/pcap-snoop.c 2008-01-29 21:40:51.000000000 +0600
+@@ -206,7 +206,7 @@
+
+ signal(SIGINT,sig_handler);
+
+- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){
++ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){
+ switch(c){
+ case 'v':
+ print_version();
diff --git a/net/ssldump/files/patch-ssl_ssl_analyze.c b/net/ssldump/files/patch-ssl_ssl_analyze.c
new file mode 100644
index 000000000000..65d2f6936b50
--- /dev/null
+++ b/net/ssldump/files/patch-ssl_ssl_analyze.c
@@ -0,0 +1,11 @@
+--- ssl/ssl_analyze.c.orig 2002-01-22 00:46:13.000000000 +0600
++++ ssl/ssl_analyze.c 2008-01-29 21:14:13.000000000 +0600
+@@ -133,7 +133,7 @@
+ SSL_PRINT_DECODE
+ },
+ {
+- 0,
++ 'y',
+ "nroff",
+ SSL_PRINT_NROFF
+ },
diff --git a/net/ssldump/files/patch-ssl_ssldecode.c b/net/ssldump/files/patch-ssl_ssldecode.c
index a8c617be8dd3..6892635af98f 100644
--- a/net/ssldump/files/patch-ssl_ssldecode.c
+++ b/net/ssldump/files/patch-ssl_ssldecode.c
@@ -1,10 +1,20 @@
---- sssl/ssldecode.c.orig Sat Aug 17 05:33:17 2002
+--- ssl/ssldecode.c.orig Sat Aug 17 05:33:17 2002
+++ ssl/ssldecode.c Fri Jan 20 13:09:49 2006
-@@ -50,6 +50,7 @@
- #ifdef OPENSSL
+@@ -51,6 +51,7 @@
#include <openssl/ssl.h>
#include <openssl/hmac.h>
-+#include <openssl/md5.h>
#include <openssl/evp.h>
++#include <openssl/md5.h>
#include <openssl/x509v3.h>
#endif
+ #include "ssldecode.h"
+@@ -131,7 +132,8 @@
+ ssl_decode_ctx *d=0;
+ int r,_status;
+
+- SSLeay_add_all_algorithms();
++ SSL_library_init();
++ OpenSSL_add_all_algorithms();
+ if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
+ ABORT(R_NO_MEMORY);
+ if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
diff --git a/net/ssldump/files/patch-ssldump.1 b/net/ssldump/files/patch-ssldump.1
new file mode 100644
index 000000000000..2973ae408848
--- /dev/null
+++ b/net/ssldump/files/patch-ssldump.1
@@ -0,0 +1,158 @@
+--- ssldump.1.orig 2002-08-13 06:46:53.000000000 +0700
++++ ssldump.1 2008-01-29 21:49:33.000000000 +0600
+@@ -61,12 +61,9 @@
+ .na
+ .B ssldump
+ [
+-.B \-vtaTnsAxXhHVNdq
++.B \-vTshVq
++.B \-aAdeHnNqTxXvy
+ ] [
+-.B \-r
+-.I dumpfile
+-]
+-[
+ .B \-i
+ .I interface
+ ]
+@@ -81,6 +78,16 @@
+ .I password
+ ]
+ [
++.B \-r
++.I dumpfile
++]
++.br
++.ti +8
++[
++.B \-S
++.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|]
++]
++[
+ .I expression
+ ]
+ .br
+@@ -125,6 +132,7 @@
+ You must have read access to
+ .IR /dev/bpf* .
+ .SH OPTIONS
++.TP
+ .B \-a
+ Print bare TCP ACKs (useful for observing Nagle behavior)
+ .TP
+@@ -135,7 +143,7 @@
+ .B \-d
+ Display the application data traffic. This usually means
+ decrypting it, but when -d is used ssldump will also decode
+-application data traffic _before_ the SSL session initiates.
++application data traffic \fIbefore\fP the SSL session initiates.
+ This allows you to see HTTPS CONNECT behavior as well as
+ SMTP STARTTLS. As a side effect, since ssldump can't tell
+ whether plaintext is traffic before the initiation of an
+@@ -148,18 +156,9 @@
+ .B \-e
+ Print absolute timestamps instead of relative timestamps
+ .TP
+-.B \-r
+-Read data from \fIfile\fP instead of from the network.
+-The old -f option still works but is deprecated and will
+-probably be removed with the next version.
+ .B \-H
+ Print the full SSL packet header.
+ .TP
+-.B \-k
+-Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
+-Previous versions of ssldump automatically looked in ./server.pem.
+-Now you must specify your keyfile every time.
+-.TP
+ .B \-n
+ Don't try to resolve host names from IP addresses
+ .TP
+@@ -176,6 +175,12 @@
+ .B \-q
+ Don't decode any record fields beyond a single summary line. (quiet mode).
+ .TP
++.B \-T
++Print the TCP headers.
++.TP
++.B \-v
++Display version and copyright information.
++.TP
+ .B \-x
+ Print each record in hex, as well as decoding it.
+ .TP
+@@ -183,13 +188,48 @@
+ When the -d option is used, binary data is automatically printed
+ in two columns with a hex dump on the left and the printable characters
+ on the right. -X suppresses the display of the printable characters,
+-thus making it easier to cut and paste the hext data into some other
++thus making it easier to cut and paste the hex data into some other
+ program.
++.TP
+ .B \-y
+-Decorate the output for processing with troff. Not very
++Decorate the output for processing with nroff/troff. Not very
+ useful for the average user.
+ .TP
+-.IP "\fI expression\fP"
++.BI \-i " interface"
++Use \fIinterface\fP as the network interface on which to sniff SSL/TLS
++traffic.
++.TP
++.BI \-k " keyfile"
++Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
++Previous versions of ssldump automatically looked in ./server.pem.
++Now you must specify your keyfile every time.
++.TP
++.BI \-p " password"
++Use \fIpassword\fP as the SSL keyfile password.
++.TP
++.BI \-r " file"
++Read data from \fIfile\fP instead of from the network.
++The old -f option still works but is deprecated and will
++probably be removed with the next version.
++.TP
++.BI \-S " [ " crypto " | " d " | " ht " | " H " ]"
++Specify SSL flags to ssldump. These flags include:
++.RS
++.TP
++.I crypto
++Print cryptographic information.
++.TP
++.I d
++Print fields as decoded.
++.TP
++.I ht
++Print the handshake type.
++.TP
++.I H
++Print handshake type and highlights.
++.RE
++.TP
++\fIexpression\fP
+ .RS
+ Selects what packets ssldump will examine. Technically speaking,
+ ssldump supports the full expression syntax from PCAP and tcpdump.
+@@ -200,7 +240,7 @@
+ don't result in incomplete TCP streams are listed here.
+ .LP
+ The \fIexpression\fP consists of one or more
+-.I primitives.
++.IR primitives .
+ Primitives usually consist of an
+ .I id
+ (name or number) preceded by one or more qualifiers. There are three
+@@ -512,5 +552,11 @@
+ .LP
+ ssldump doesn't implement session caching and therefore can't decrypt
+ resumed sessions.
+-
+-
++.LP
++.SH SEE ALSO
++.LP
++.BR tcpdump (1)
++.LP
++.SH AUTHOR
++.LP
++ssldump was written by Eric Rescorla <ekr@rtfm.com>.
diff --git a/net/ssldump/pkg-descr b/net/ssldump/pkg-descr
index 688abce3dc93..59a4b1fc153f 100644
--- a/net/ssldump/pkg-descr
+++ b/net/ssldump/pkg-descr
@@ -1,7 +1,7 @@
-ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
+ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
connections on the chosen network interface and attempts to interpret
-them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
-decodes the records and displays them in a textual form to stdout. If
+them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
+decodes the records and displays them in a textual form to stdout. If
provided with the appropriate keying material, it will also decrypt
the connections and display the application data traffic.