<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[154191] trunk/dports/net/ssldump</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { white-space: pre-line; overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="https://trac.macports.org/changeset/154191">154191</a></dd>
<dt>Author</dt> <dd>khindenburg@macports.org</dd>
<dt>Date</dt> <dd>2016-10-23 21:26:27 +0200 (Sun, 23 Oct 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>ssldump: add Debian's patches to fix a large number of issues
- #49330 had some patches; using Debian's should make it easier to update</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkdportsnetssldumpPortfile">trunk/dports/net/ssldump/Portfile</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkdportsnetssldumpfilespatchaddAEScipersuitesdiff">trunk/dports/net/ssldump/files/patch-add-AES-ciper-suites.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchaddmissingincludediff">trunk/dports/net/ssldump/files/patch-add-missing-include.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchfixMD5_CTX_undeclareddiff">trunk/dports/net/ssldump/files/patch-fix-MD5_CTX_undeclared.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchfixtablestopdiff">trunk/dports/net/ssldump/files/patch-fix-table-stop.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchmanpagediff">trunk/dports/net/ssldump/files/patch-manpage.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchreinstateynroffflagdiff">trunk/dports/net/ssldump/files/patch-reinstate--y-nroff-flag.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchsupportTUNinterfacesdiff">trunk/dports/net/ssldump/files/patch-support-TUN-interfaces.diff</a></li>
<li><a href="#trunkdportsnetssldumpfilespatchupdateforglibc220diff">trunk/dports/net/ssldump/files/patch-update-for-glibc2.20.diff</a></li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li><a href="#trunkdportsnetssldumpfilespatchssl_ssldecode_c">trunk/dports/net/ssldump/files/patch-ssl_ssldecode_c</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkdportsnetssldumpPortfile"></a>
<div class="modfile"><h4>Modified: trunk/dports/net/ssldump/Portfile (154190 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/Portfile 2016-10-23 19:18:35 UTC (rev 154190)
+++ trunk/dports/net/ssldump/Portfile 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -5,7 +5,7 @@
</span><span class="cx">
</span><span class="cx"> name ssldump
</span><span class="cx"> version 0.9b3
</span><del>-revision 3
</del><ins>+revision 4
</ins><span class="cx"> categories net
</span><span class="cx"> license BSD-old
</span><span class="cx"> maintainers nomaintainer
</span><span class="lines">@@ -30,7 +30,17 @@
</span><span class="cx"> depends_lib port:libpcap \
</span><span class="cx"> path:lib/libssl.dylib:openssl
</span><span class="cx">
</span><del>-patchfiles patch-ssl_ssldecode_c
</del><ins>+# Include Debian's patches since the last release was 2004
+patchfiles \
+ patch-add-AES-ciper-suites.diff \
+ patch-add-missing-include.diff \
+ patch-fix-MD5_CTX_undeclared.diff \
+ patch-fix-table-stop.diff \
+ patch-manpage.diff \
+ patch-base-pcap-snoop.c \
+ patch-reinstate--y-nroff-flag.diff \
+ patch-support-TUN-interfaces.diff \
+ patch-update-for-glibc2.20.diff
</ins><span class="cx">
</span><span class="cx"> pre-configure {
</span><span class="cx"> xinstall -m 644 -W ${prefix}/share/libtool/build-aux config.guess config.sub ${worksrcpath}
</span><span class="lines">@@ -40,14 +50,6 @@
</span><span class="cx"> --with-pcap=${prefix} \
</span><span class="cx"> --with-openssl=${prefix}
</span><span class="cx">
</span><del>-platform darwin {
- # There seems to be a conflict between pcap.h (calling pcap-bpf.h) and
- # net/bpf.h.
- # This conflict apparently doesn't affect OpenBSD (judging from their port
- # of ssldump), so let's only fix it on darwin.
- patchfiles-append patch-base-pcap-snoop.c
-}
-
</del><span class="cx"> pre-destroot {
</span><span class="cx"> # Trash INSTALL because the FS might be case unsensitive.
</span><span class="cx"> file delete -force ${worksrcpath}/INSTALL
</span></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchaddAEScipersuitesdiff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-add-AES-ciper-suites.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-add-AES-ciper-suites.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-add-AES-ciper-suites.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,172 @@
</span><ins>+Description: AES patch
+ patch for ssldump >= 0.9b3: adds support for AES cipher-suites (to ssldump).
+ For further information, please have a look to Novell bug ID #50952.
+Author: Carsten Hoeger <choeger@suse.de>
+Bug-Debian: http://bugs.debian.org/383619
+--- ssl/ciphersuites.c
++++ ssl/ciphersuites.c
+@@ -78,10 +78,22 @@ static SSL_CipherSuite CipherSuites[]={
+ {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
+ {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
+ {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
++ {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
++ {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
++ {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
++ {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
++ {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
++ {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
++ {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
+ {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
+ {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
+ {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
+- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
++ {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
+ {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
+ {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
+ {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
+--- ssl/ssl.enums
++++ ssl/ssl.enums
+@@ -356,6 +356,18 @@ ClientKeyExchange(16)
+ CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
+ CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
+ CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
++ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F };
++ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 };
++ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 };
++ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 };
++ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 };
++ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 };
++ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 };
++ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 };
++ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 };
++ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 };
++ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 };
++ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A };
+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
+ CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
+ CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
+--- ssl/ssl.enums.c
++++ ssl/ssl.enums.c
+@@ -163,6 +163,7 @@ static int decode_HandshakeType_HelloReq
+
+
+ printf("\n");
++ return(0);
+
+ }
+ static int decode_HandshakeType_ClientHello(ssl,dir,seg,data)
+@@ -368,6 +369,7 @@ static int decode_HandshakeType_ServerHe
+
+
+ printf("\n");
++ return(0);
+
+ }
+ static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data)
+@@ -611,6 +613,54 @@ decoder cipher_suite_decoder[]={
+ "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
+ 0 },
+ {
++ 47,
++ "TLS_RSA_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 48,
++ "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 49,
++ "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 50,
++ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 51,
++ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 52,
++ "TLS_DH_anon_WITH_AES_128_CBC_SHA",
++ 0 },
++ {
++ 53,
++ "TLS_RSA_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
++ 54,
++ "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
++ 55,
++ "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
++ 56,
++ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
++ 57,
++ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
++ 58,
++ "TLS_DH_anon_WITH_AES_256_CBC_SHA",
++ 0 },
++ {
+ 96,
+ "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
+ 0 },
+--- ssl/ssl_rec.c
++++ ssl/ssl_rec.c
+@@ -78,7 +78,9 @@ static char *ciphers[]={
+ "DES3",
+ "RC4",
+ "RC2",
+- "IDEA"
++ "IDEA",
++ "AES128",
++ "AES256"
+ };
+
+
+@@ -101,6 +103,11 @@ int ssl_create_rec_decoder(dp,cs,mk,sk,i
+ /* Find the SSLeay cipher */
+ if(cs->enc!=ENC_NULL){
+ ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
++ if(!ciph)
++ ABORT(R_INTERNAL);
++ }
++ else {
++ ciph=EVP_enc_null();
+ }
+
+ if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
+@@ -169,7 +176,7 @@ int ssl_decode_rec_data(ssl,d,ct,version
+ *outl=inl;
+
+ /* Now strip off the padding*/
+- if(d->cs->block!=1){
++ if(d->cs->block>1){
+ pad=out[inl-1];
+ *outl-=(pad+1);
+ }
+--- ssl/sslciphers.h
++++ ssl/sslciphers.h
+@@ -71,7 +71,9 @@ typedef struct SSL_CipherSuite_ {
+ #define ENC_RC4 0x32
+ #define ENC_RC2 0x33
+ #define ENC_IDEA 0x34
+-#define ENC_NULL 0x35
++#define ENC_AES128 0x35
++#define ENC_AES256 0x36
++#define ENC_NULL 0x37
+
+ #define DIG_MD5 0x40
+ #define DIG_SHA 0x41
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchaddmissingincludediff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-add-missing-include.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-add-missing-include.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-add-missing-include.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,38 @@
</span><ins>+Description: Add missing "include"
+ Add #include <string.h> to fix the warnings: "implicit
+ declaration of function 'memcpy'" and "implicit declaration of function
+ 'memset'"
+Author: Sophie Brun <sophie@freexian.com>
+Last-Update: 2016-03-11
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- common/lib/r_assoc.c
++++ common/lib/r_assoc.c
+@@ -56,6 +56,7 @@
+
+ static char *RCSSTRING="$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $";
+
++#include <string.h>
+ #include <r_common.h>
+ #include "r_assoc.h"
+
+--- common/lib/r_bitfield.c
++++ common/lib/r_bitfield.c
+@@ -10,6 +10,7 @@
+
+ static char *RCSSTRING="$Id: r_bitfield.c,v 1.3 2001/12/24 06:06:26 ekr Exp $";
+
++#include <string.h>
+ #include <r_common.h>
+ #include "r_bitfield.h"
+
+--- common/lib/r_data.c
++++ common/lib/r_data.c
+@@ -46,6 +46,7 @@
+
+ static char *RCSSTRING="$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $";
+
++#include <string.h>
+ #include <r_common.h>
+ #include <r_data.h>
+
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchfixMD5_CTX_undeclareddiff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-fix-MD5_CTX_undeclared.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-fix-MD5_CTX_undeclared.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-fix-MD5_CTX_undeclared.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,23 @@
</span><ins>+Description: fix MD5_CTX undeclared
+Author: Luk Claes <luk@debian.org>
+Bug-Debian: http://bugs.debian.org/337453
+--- ssl/ssldecode.c
++++ ssl/ssldecode.c
+@@ -51,6 +51,7 @@
+ #include <openssl/ssl.h>
+ #include <openssl/hmac.h>
+ #include <openssl/evp.h>
++#include <openssl/md5.h>
+ #include <openssl/x509v3.h>
+ #endif
+ #include "ssldecode.h"
+@@ -131,7 +132,8 @@ int ssl_decode_ctx_create(dp,keyfile,pas
+ ssl_decode_ctx *d=0;
+ int r,_status;
+
+- SSLeay_add_all_algorithms();
++ SSL_library_init();
++ OpenSSL_add_all_algorithms();
+ if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
+ ABORT(R_NO_MEMORY);
+ if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchfixtablestopdiff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-fix-table-stop.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-fix-table-stop.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-fix-table-stop.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,75 @@
</span><ins>+Description: Fix table stops
+ ssldump segfaults when decoding some unknown enumerated values
+ because decoder tables end with 0 instead of -1 expected by
+ table search routines
+Author: Zdenek Salvet <salvet@ics.muni.cz>
+Bug-Debian: http://bugs.debian.org/627884
+Last-Update: 2016-03-11
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- ssl/ssl.enums.c
++++ ssl/ssl.enums.c
+@@ -151,7 +151,7 @@ decoder ContentType_decoder[]={
+ "application_data",
+ decode_ContentType_application_data
+ },
+-{0}
++{-1}
+ };
+
+ static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data)
+@@ -498,7 +498,7 @@ decoder HandshakeType_decoder[]={
+ "Finished",
+ decode_HandshakeType_Finished
+ },
+-{0}
++{-1}
+ };
+
+ decoder cipher_suite_decoder[]={
+@@ -728,7 +728,7 @@ decoder AlertLevel_decoder[]={
+ "fatal",
+ decode_AlertLevel_fatal
+ },
+-{0}
++{-1}
+ };
+
+ static int decode_AlertDescription_close_notify(ssl,dir,seg,data)
+@@ -1031,7 +1031,7 @@ decoder AlertDescription_decoder[]={
+ "no_renegotiation",
+ decode_AlertDescription_no_renegotiation
+ },
+-{0}
++{-1}
+ };
+
+ decoder compression_method_decoder[]={
+@@ -1095,6 +1095,6 @@ decoder client_certificate_type_decoder[
+ "dss_fixed_dh",
+ decode_client_certificate_type_dss_fixed_dh
+ },
+-{0}
++{-1}
+ };
+
+--- ssl/ssl_enum.c
++++ ssl/ssl_enum.c
+@@ -70,7 +70,7 @@ decoder ContentType_decoder[]={
+ "application_data",
+ decode_ContentType_application_data
+ },
+-{0}
++{-1}
+ };
+
+ static int decode_HandshakeType_hello_request(ssl,dir,seg,data)
+@@ -260,7 +260,7 @@ decoder HandshakeType_decoder[]={
+ "finished",
+ decode_HandshakeType_finished
+ },
+-{0}
++{-1}
+ };
+
+ decoder cipher_suite_decoder[]={
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchmanpagediff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-manpage.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-manpage.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-manpage.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,160 @@
</span><ins>+Description: Revise ssldump.1 for correctness and completeness
+Author: Simon Law <sfllaw@engmail.uwaterloo.ca>
+--- ssldump.1
++++ ssldump.1
+@@ -61,12 +61,9 @@ ssldump \- dump SSL traffic on a network
+ .na
+ .B ssldump
+ [
+-.B \-vtaTnsAxXhHVNdq
++.B \-vTshVq
++.B \-aAdeHnNqTxXvy
+ ] [
+-.B \-r
+-.I dumpfile
+-]
+-[
+ .B \-i
+ .I interface
+ ]
+@@ -81,6 +78,16 @@ ssldump \- dump SSL traffic on a network
+ .I password
+ ]
+ [
++.B \-r
++.I dumpfile
++]
++.br
++.ti +8
++[
++.B \-S
++.RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|]
++]
++[
+ .I expression
+ ]
+ .br
+@@ -125,6 +132,7 @@ any user may run
+ You must have read access to
+ .IR /dev/bpf* .
+ .SH OPTIONS
++.TP
+ .B \-a
+ Print bare TCP ACKs (useful for observing Nagle behavior)
+ .TP
+@@ -135,7 +143,7 @@ the most interesting fields)
+ .B \-d
+ Display the application data traffic. This usually means
+ decrypting it, but when -d is used ssldump will also decode
+-application data traffic _before_ the SSL session initiates.
++application data traffic \fIbefore\fP the SSL session initiates.
+ This allows you to see HTTPS CONNECT behavior as well as
+ SMTP STARTTLS. As a side effect, since ssldump can't tell
+ whether plaintext is traffic before the initiation of an
+@@ -148,18 +156,9 @@ dumps. See also -X.
+ .B \-e
+ Print absolute timestamps instead of relative timestamps
+ .TP
+-.B \-r
+-Read data from \fIfile\fP instead of from the network.
+-The old -f option still works but is deprecated and will
+-probably be removed with the next version.
+ .B \-H
+ Print the full SSL packet header.
+ .TP
+-.B \-k
+-Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
+-Previous versions of ssldump automatically looked in ./server.pem.
+-Now you must specify your keyfile every time.
+-.TP
+ .B \-n
+ Don't try to resolve host names from IP addresses
+ .TP
+@@ -176,6 +175,12 @@ Don't put the interface into promiscuous
+ .B \-q
+ Don't decode any record fields beyond a single summary line. (quiet mode).
+ .TP
++.B \-T
++Print the TCP headers.
++.TP
++.B \-v
++Display version and copyright information.
++.TP
+ .B \-x
+ Print each record in hex, as well as decoding it.
+ .TP
+@@ -183,13 +188,48 @@ Print each record in hex, as well as dec
+ When the -d option is used, binary data is automatically printed
+ in two columns with a hex dump on the left and the printable characters
+ on the right. -X suppresses the display of the printable characters,
+-thus making it easier to cut and paste the hext data into some other
++thus making it easier to cut and paste the hex data into some other
+ program.
++.TP
+ .B \-y
+-Decorate the output for processing with troff. Not very
++Decorate the output for processing with nroff/troff. Not very
+ useful for the average user.
+ .TP
+-.IP "\fI expression\fP"
++.BI \-i " interface"
++Use \fIinterface\fP as the network interface on which to sniff SSL/TLS
++traffic.
++.TP
++.BI \-k " keyfile"
++Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
++Previous versions of ssldump automatically looked in ./server.pem.
++Now you must specify your keyfile every time.
++.TP
++.BI \-p " password"
++Use \fIpassword\fP as the SSL keyfile password.
++.TP
++.BI \-r " file"
++Read data from \fIfile\fP instead of from the network.
++The old -f option still works but is deprecated and will
++probably be removed with the next version.
++.TP
++.BI \-S " [ " crypto " | " d " | " ht " | " H " ]"
++Specify SSL flags to ssldump. These flags include:
++.RS
++.TP
++.I crypto
++Print cryptographic information.
++.TP
++.I d
++Print fields as decoded.
++.TP
++.I ht
++Print the handshake type.
++.TP
++.I H
++Print handshake type and highlights.
++.RE
++.TP
++\fIexpression\fP
+ .RS
+ Selects what packets ssldump will examine. Technically speaking,
+ ssldump supports the full expression syntax from PCAP and tcpdump.
+@@ -200,7 +240,7 @@ that ssldump will simply ignore. Only th
+ don't result in incomplete TCP streams are listed here.
+ .LP
+ The \fIexpression\fP consists of one or more
+-.I primitives.
++.IR primitives .
+ Primitives usually consist of an
+ .I id
+ (name or number) preceded by one or more qualifiers. There are three
+@@ -512,5 +552,11 @@ direct experience with ssldump on other
+ .LP
+ ssldump doesn't implement session caching and therefore can't decrypt
+ resumed sessions.
+-
+-
++.LP
++.SH SEE ALSO
++.LP
++.BR tcpdump (1)
++.LP
++.SH AUTHOR
++.LP
++ssldump was written by Eric Rescorla <ekr@rtfm.com>.
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchreinstateynroffflagdiff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-reinstate--y-nroff-flag.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-reinstate--y-nroff-flag.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-reinstate--y-nroff-flag.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,24 @@
</span><ins>+Description: Reinstate the -y (nroff) flag
+Author: Simon Law <sfllaw@engmail.uwaterloo.ca>
+--- base/pcap-snoop.c
++++ base/pcap-snoop.c
+@@ -206,7 +205,7 @@ int main(argc,argv)
+
+ signal(SIGINT,sig_handler);
+
+- while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){
++ while((c=getopt(argc,argv,"vr:f:S:yTtai:k:p:nsAxXhHVNdqem:P"))!=EOF){
+ switch(c){
+ case 'v':
+ print_version();
+--- ssl/ssl_analyze.c
++++ ssl/ssl_analyze.c
+@@ -133,7 +133,7 @@ flag_struct flags[]={
+ SSL_PRINT_DECODE
+ },
+ {
+- 0,
++ 'y',
+ "nroff",
+ SSL_PRINT_NROFF
+ },
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchssl_ssldecode_c"></a>
<div class="delfile"><h4>Deleted: trunk/dports/net/ssldump/files/patch-ssl_ssldecode_c (154190 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-ssl_ssldecode_c 2016-10-23 19:18:35 UTC (rev 154190)
+++ trunk/dports/net/ssldump/files/patch-ssl_ssldecode_c 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -1,21 +0,0 @@
</span><del>-$OpenBSD: patch-ssl_ssldecode_c,v 1.1 2002/06/16 19:43:39 pvalchev Exp $
---- ssl/ssldecode.c.orig Sun Jun 16 13:41:46 2002
-+++ ssl/ssldecode.c Sun Jun 16 13:42:10 2002
-@@ -51,6 +51,7 @@
- #include <openssl/ssl.h>
- #include <openssl/hmac.h>
- #include <openssl/evp.h>
-+#include <openssl/md5.h>
- #include <openssl/x509v3.h>
- #endif
- #include "ssldecode.h"
-@@ -132,7 +132,8 @@
- ssl_decode_ctx *d=0;
- int r,_status;
-
-- SSLeay_add_all_algorithms();
-+ SSL_library_init();
-+ OpenSSL_add_all_algorithms();
- if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
- ABORT(R_NO_MEMORY);
- if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
</del></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchsupportTUNinterfacesdiff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-support-TUN-interfaces.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-support-TUN-interfaces.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-support-TUN-interfaces.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,19 @@
</span><ins>+Description: Add support for TUN interfaces
+Author: Roland Pallai <pallair@magex.hu>
+Bug-Debian: http://bugs.debian.org/610334
+Last-Update: 2016-03-11
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- base/pcap-snoop.c
++++ base/pcap-snoop.c
+@@ -157,6 +157,10 @@ void pcap_cb(ptr,hdr,data)
+ return;
+
+ break;
++ case DLT_LINUX_SLL:
++ data+=16;
++ len-=16;
++ break;
+ }
+ network_process_packet(n,&hdr->ts,data,len);
+ }
</ins></span></pre></div>
<a id="trunkdportsnetssldumpfilespatchupdateforglibc220diff"></a>
<div class="addfile"><h4>Added: trunk/dports/net/ssldump/files/patch-update-for-glibc2.20.diff (0 => 154191)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/dports/net/ssldump/files/patch-update-for-glibc2.20.diff (rev 0)
+++ trunk/dports/net/ssldump/files/patch-update-for-glibc2.20.diff 2016-10-23 19:26:27 UTC (rev 154191)
</span><span class="lines">@@ -0,0 +1,29 @@
</span><ins>+Description: Fix warning about deprecated macro _BSD_SOURCE
+ use _DEFAULT_SOURCE: _BSD_SOURCE and _SVID_SOURCE are deprecated since
+ glibc 2.20
+Author: Sophie Brun <sophie@freexian.com>
+Last-Update: 2016-03-11
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- configure
++++ configure
+@@ -1040,7 +1040,7 @@ fi
+
+ case "$target_os" in
+ linux*)
+- DEFINES="$DEFINES -D_BSD_SOURCE=1 -DLINUX"
++ DEFINES="$DEFINES -D_DEFAULT_SOURCE=1 -DLINUX"
+ ;;
+ solaris*)
+ LIBS="$LIBS -lsocket -lnsl"
+--- configure.in
++++ configure.in
+@@ -50,7 +50,7 @@ AC_CHECK_LIB(m, pow)
+ dnl System-specific stuff
+ case "$target_os" in
+ linux*)
+- DEFINES="$DEFINES -D_BSD_SOURCE=1 -DLINUX"
++ DEFINES="$DEFINES -D_DEFAULT_SOURCE=1 -DLINUX"
+ ;;
+ solaris*)
+ LIBS="$LIBS -lsocket -lnsl"
</ins></span></pre>
</div>
</div>
</body>
</html>