SHA256
1
0
forked from pool/sslscan
sslscan/fedora-sslscan-patents.patch
Marcus Meissner 4c93bfb109 Accepting request 438006 from home:weberho:branches:security
The latest version can not be compiled with SLE_11 and SLE12 w/o SP, but it brings a lot of great features:
  * Support for
    - STARTTLS: POP3, IMAP, FTP, XMPP
    - PostgreSQL
    - IPv6 addresses
    - TLSv1.1 and TLSv1.2
    - XMPP server-to-server connections
  * Added check for 
    - OpenSSL Heartbleed
    - POODLE
  * Highlight the following issues
    - weak RSA and DHE keys in output
    - SSLv2, SSLv3, RC4 ciphers
    - anonymous ADH and AECDH ciphers
    - weak (n <= 40 bit) and medium (40 < n <= 56 bit)
  * Certificates
    - Display certificate signing algorithm highlighting weak algorithms.
    - Display certificate key strength highlighting weak keys.
    - Flag expired certificates
  * Most secure protocols are scanned first
  * Display cipher details by default

OBS-URL: https://build.opensuse.org/request/show/438006
OBS-URL: https://build.opensuse.org/package/show/security/sslscan?expand=0&rev=3
2016-10-31 11:09:56 +00:00

27 lines
1.8 KiB
Diff

diff -ur sslscan-1.11.0-rbsec-orig/sslscan.c sslscan-1.11.0-rbsec/sslscan.c
--- sslscan-1.11.0-rbsec-orig/sslscan.c 2015-09-24 16:18:55.000000000 +0200
+++ sslscan-1.11.0-rbsec/sslscan.c 2016-10-27 11:10:40.634492563 +0200
@@ -1613,18 +1613,21 @@
printf(" DSA Public Key: NULL\n");
}
break;
+ /* Comment out patented technology not enabled in Fedora */
+ /*
case EVP_PKEY_EC:
if (publicKey->pkey.ec)
{
// TODO - display key strength
printf_xml(" <pk error=\"false\" type=\"EC\" />\n");
- /* EC_KEY_print(stdoutBIO, publicKey->pkey.ec, 6); */
+ // EC_KEY_print(stdoutBIO, publicKey->pkey.ec, 6);
}
else
{
printf(" EC Public Key: NULL\n");
}
break;
+ */
default:
printf(" Public Key: Unknown\n");
printf_xml(" <pk error=\"true\" type=\"unknown\" />\n");