pool/scamper
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- remove new-openssl.patch, included upstream

Browse Source 
- update to version 20171204:
 - scamper:
   * add a blind-fin tbit test, which tests receiver behavior to TCP FIN
     packets which could have come from an off-path attacker.
 - sc_radargun:
   * add -d 2 option, which dumps interface IP-ID behavior classifications.

OBS-URL: https://build.opensuse.org/package/show/network:utilities/scamper?expand=0&rev=10
This commit is contained in:
Sebastian Wagner 2017-12-04 08:48:06 +00:00 committed by Git OBS Bridge
parent d5513388c9
commit ae6e3389f3
5 changed files with 15 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
new-openssl.patch
View File

@ -1,61 +0,0 @@
Index: scamper/scamper_control.c
===================================================================
RCS file: /home/mjl/cvsroot/scamper/scamper/scamper_control.c,v
retrieving revision 1.194
diff -u -p -r1.194 scamper_control.c
--- scamper/scamper_control.c 12 Jul 2017 07:23:15 -0000 1.194
+++ scamper/scamper_control.c 30 Nov 2017 21:01:56 -0000
@@ -2495,6 +2495,7 @@ static int remote_sock_ssl_init(control_
* it is based on post_connection_check in "Network Security with
* OpenSSL" by John Viega, Matt Messier, and Pravir Chandra.
*/
+#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
static int remote_sock_is_valid_cert(control_remote_t *rm)
{
X509 *cert = NULL;
@@ -2562,6 +2563,7 @@ static int remote_sock_is_valid_cert(con
if(cert != NULL) X509_free(cert);
return rc;
}
+#endif /* OpenSSL version < 1.1.0 */
#endif
/*
@@ -2963,8 +2965,10 @@ static int remote_read_sock(control_remo
if(SSL_is_init_finished(rm->ssl) != 0 ||
(rc = SSL_do_handshake(rm->ssl)) > 0)
{
+#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
if(remote_sock_is_valid_cert(rm) == 0)
return -1;
+#endif
rm->mode = SSL_MODE_ESTABLISHED;
}
if(remote_sock_ssl_want_read(rm) < 0)
@@ -3296,6 +3300,11 @@ int scamper_control_add_remote(const cha
{
uint32_t u32;
+#if defined(HAVE_OPENSSL) && \
+ defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ X509_VERIFY_PARAM *param = NULL;
+#endif
+
if((ctrl_rem = malloc_zero(sizeof(control_remote_t))) == NULL ||
(ctrl_rem->list = dlist_alloc()) == NULL ||
(ctrl_rem->sq = scamper_queue_alloc(NULL)) == NULL)
@@ -3316,6 +3325,14 @@ int scamper_control_add_remote(const cha
}
SSL_CTX_set_options(tls_ctx,
SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1);
+
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ param = SSL_CTX_get0_param(tls_ctx);
+ X509_VERIFY_PARAM_set_hostflags(param,
+ X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+ X509_VERIFY_PARAM_set1_host(param, name, 0);
+#endif
+
SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_PEER, NULL);
/* load the default set of certs into the SSL context */

3
scamper-cvs-20170822.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b239f3c302a4c39b329835794b31a9c80da2b2b43baa674ad881a78f4fc5892c
size 1670353

3
scamper-cvs-20171204.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:556596a138b6a403fbe105affdc7beb8fa98e292767304378c8308fa11b73529
size 1671056

11
scamper.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Mon Dec 4 08:40:18 UTC 2017 - sebix+novell.com@sebix.at
- remove new-openssl.patch, included upstream
- update to version 20171204:
- scamper:
* add a blind-fin tbit test, which tests receiver behavior to TCP FIN
packets which could have come from an off-path attacker.
- sc_radargun:
* add -d 2 option, which dumps interface IP-ID behavior classifications.
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Nov 30 21:22:24 UTC 2017 - sebix+novell.com@sebix.at Thu Nov 30 21:22:24 UTC 2017 - sebix+novell.com@sebix.at

5
scamper.spec
View File

@ -18,15 +18,13 @@
Name: scamper Name: scamper
Version: 20170822 Version: 20171204
Release: 0 Release: 0
Summary: Parallel Internet measurement utility Summary: Parallel Internet measurement utility
License: GPL-2.0 License: GPL-2.0
Group: Productivity/Networking/Diagnostic Group: Productivity/Networking/Diagnostic
Url: https://www.caida.org/tools/measurement/scamper/ Url: https://www.caida.org/tools/measurement/scamper/
Source: https://www.caida.org/tools/measurement/%{name}/code/%{name}-cvs-%{version}.tar.gz Source: https://www.caida.org/tools/measurement/%{name}/code/%{name}-cvs-%{version}.tar.gz
# PATCH-FIX-UPSTREAM new-openssl.patch -- from developer, new release will come soon
Patch0: new-openssl.patch
BuildRequires: libopenssl-devel BuildRequires: libopenssl-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
@ -75,7 +73,6 @@ libscamperfile library.
%prep %prep
%setup -q -n %{name}-cvs-%{version} %setup -q -n %{name}-cvs-%{version}
%patch0
%build %build
%configure --disable-static %configure --disable-static