diff --git a/new-openssl.patch b/new-openssl.patch deleted file mode 100644 index 96c3c4d..0000000 --- a/new-openssl.patch +++ /dev/null @@ -1,61 +0,0 @@ -Index: scamper/scamper_control.c -=================================================================== -RCS file: /home/mjl/cvsroot/scamper/scamper/scamper_control.c,v -retrieving revision 1.194 -diff -u -p -r1.194 scamper_control.c ---- scamper/scamper_control.c 12 Jul 2017 07:23:15 -0000 1.194 -+++ scamper/scamper_control.c 30 Nov 2017 21:01:56 -0000 -@@ -2495,6 +2495,7 @@ static int remote_sock_ssl_init(control_ - * it is based on post_connection_check in "Network Security with - * OpenSSL" by John Viega, Matt Messier, and Pravir Chandra. - */ -+#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L - static int remote_sock_is_valid_cert(control_remote_t *rm) - { - X509 *cert = NULL; -@@ -2562,6 +2563,7 @@ static int remote_sock_is_valid_cert(con - if(cert != NULL) X509_free(cert); - return rc; - } -+#endif /* OpenSSL version < 1.1.0 */ - #endif - - /* -@@ -2963,8 +2965,10 @@ static int remote_read_sock(control_remo - if(SSL_is_init_finished(rm->ssl) != 0 || - (rc = SSL_do_handshake(rm->ssl)) > 0) - { -+#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L - if(remote_sock_is_valid_cert(rm) == 0) - return -1; -+#endif - rm->mode = SSL_MODE_ESTABLISHED; - } - if(remote_sock_ssl_want_read(rm) < 0) -@@ -3296,6 +3300,11 @@ int scamper_control_add_remote(const cha - { - uint32_t u32; - -+#if defined(HAVE_OPENSSL) && \ -+ defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L -+ X509_VERIFY_PARAM *param = NULL; -+#endif -+ - if((ctrl_rem = malloc_zero(sizeof(control_remote_t))) == NULL || - (ctrl_rem->list = dlist_alloc()) == NULL || - (ctrl_rem->sq = scamper_queue_alloc(NULL)) == NULL) -@@ -3316,6 +3325,14 @@ int scamper_control_add_remote(const cha - } - SSL_CTX_set_options(tls_ctx, - SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1); -+ -+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L -+ param = SSL_CTX_get0_param(tls_ctx); -+ X509_VERIFY_PARAM_set_hostflags(param, -+ X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); -+ X509_VERIFY_PARAM_set1_host(param, name, 0); -+#endif -+ - SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_PEER, NULL); - - /* load the default set of certs into the SSL context */ diff --git a/scamper-cvs-20170822.tar.gz b/scamper-cvs-20170822.tar.gz deleted file mode 100644 index 87aa423..0000000 --- a/scamper-cvs-20170822.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b239f3c302a4c39b329835794b31a9c80da2b2b43baa674ad881a78f4fc5892c -size 1670353 diff --git a/scamper-cvs-20171204.tar.gz b/scamper-cvs-20171204.tar.gz new file mode 100644 index 0000000..4ec161d --- /dev/null +++ b/scamper-cvs-20171204.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:556596a138b6a403fbe105affdc7beb8fa98e292767304378c8308fa11b73529 +size 1671056 diff --git a/scamper.changes b/scamper.changes index a79be79..234c4d9 100644 --- a/scamper.changes +++ b/scamper.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Mon Dec 4 08:40:18 UTC 2017 - sebix+novell.com@sebix.at + +- remove new-openssl.patch, included upstream +- update to version 20171204: + - scamper: + * add a blind-fin tbit test, which tests receiver behavior to TCP FIN + packets which could have come from an off-path attacker. + - sc_radargun: + * add -d 2 option, which dumps interface IP-ID behavior classifications. + ------------------------------------------------------------------- Thu Nov 30 21:22:24 UTC 2017 - sebix+novell.com@sebix.at diff --git a/scamper.spec b/scamper.spec index 6283a81..bd6d311 100644 --- a/scamper.spec +++ b/scamper.spec @@ -18,15 +18,13 @@ Name: scamper -Version: 20170822 +Version: 20171204 Release: 0 Summary: Parallel Internet measurement utility License: GPL-2.0 Group: Productivity/Networking/Diagnostic Url: https://www.caida.org/tools/measurement/scamper/ Source: https://www.caida.org/tools/measurement/%{name}/code/%{name}-cvs-%{version}.tar.gz -# PATCH-FIX-UPSTREAM new-openssl.patch -- from developer, new release will come soon -Patch0: new-openssl.patch BuildRequires: libopenssl-devel BuildRequires: pkgconfig @@ -75,7 +73,6 @@ libscamperfile library. %prep %setup -q -n %{name}-cvs-%{version} -%patch0 %build %configure --disable-static