From 2ae3c7af3394b92de2b823c1ef5f7789d8ee4778 Mon Sep 17 00:00:00 2001
From: Juan RP <xtraeme@gmail.com>
Date: Mon, 4 Aug 2014 18:41:16 +0200
Subject: [PATCH] sslscan: switch to libressl.

---
 srcpkgs/sslscan/patches/libressl.patch | 133 +++++++++++++++++++++++++
 srcpkgs/sslscan/template               |   4 +-
 2 files changed, 135 insertions(+), 2 deletions(-)
 create mode 100644 srcpkgs/sslscan/patches/libressl.patch

diff --git a/srcpkgs/sslscan/patches/libressl.patch b/srcpkgs/sslscan/patches/libressl.patch
new file mode 100644
index 0000000000..098f97a756
--- /dev/null
+++ b/srcpkgs/sslscan/patches/libressl.patch
@@ -0,0 +1,133 @@
+LibreSSL patch by xtraeme:
+
+- SSLv2_client_method() completely removed; SSLv2 is unsupported.
+- SSL_METHOD has been const'ified.
+
+--- sslscan.1.orig	2014-08-04 18:31:56.219747964 +0200
++++ sslscan.1	2014-08-04 18:32:12.762885840 +0200
+@@ -34,10 +34,6 @@ ports (i.e. host:port). One target per l
+ List only accepted ciphers
+ (default is to listing all ciphers).
+ .TP
+-.B \-\-ssl2
+-.br
+-Only check SSLv2 ciphers.
+-.TP
+ .B \-\-ssl3
+ .br
+ Only check SSLv3 ciphers.
+--- sslscan.c.orig	2009-09-01 14:35:59.000000000 +0200
++++ sslscan.c	2014-08-04 18:38:11.405056914 +0200
+@@ -91,7 +91,7 @@ struct sslCipher
+ 	char *version;
+ 	int bits;
+ 	char description[512];
+-	SSL_METHOD *sslMethod;
++	const SSL_METHOD *sslMethod;
+ 	struct sslCipher *next;
+ };
+ 
+@@ -125,7 +125,7 @@ struct sslCheckOptions
+ 
+ 
+ // Adds Ciphers to the Cipher List structure
+-int populateCipherList(struct sslCheckOptions *options, SSL_METHOD *sslMethod)
++int populateCipherList(struct sslCheckOptions *options, const SSL_METHOD *sslMethod)
+ {
+ 	// Variables...
+ 	int returnCode = true;
+@@ -563,16 +563,7 @@ int testCipher(struct sslCheckOptions *o
+ 					}
+ 					if (options->xmlOutput != 0)
+ 						fprintf(options->xmlOutput, " sslversion=\"");
+-					if (sslCipherPointer->sslMethod == SSLv2_client_method())
+-					{
+-						if (options->xmlOutput != 0)
+-							fprintf(options->xmlOutput, "SSLv2\" bits=\"");
+-						if (options->pout == true)
+-							printf("SSLv2 || ");
+-						else
+-							printf("SSLv2  ");
+-					}
+-					else if (sslCipherPointer->sslMethod == SSLv3_client_method())
++					if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ 					{
+ 						if (options->xmlOutput != 0)
+ 							fprintf(options->xmlOutput, "SSLv3\" bits=\"");
+@@ -645,7 +636,7 @@ int testCipher(struct sslCheckOptions *o
+ 
+ 
+ // Test for prefered ciphers
+-int defaultCipher(struct sslCheckOptions *options, SSL_METHOD *sslMethod)
++int defaultCipher(struct sslCheckOptions *options, const SSL_METHOD *sslMethod)
+ {
+ 	// Variables...
+ 	int cipherStatus;
+@@ -688,16 +679,7 @@ int defaultCipher(struct sslCheckOptions
+ 						cipherStatus = SSL_connect(ssl);
+ 						if (cipherStatus == 1)
+ 						{
+-							if (sslMethod == SSLv2_client_method())
+-							{
+-								if (options->xmlOutput != 0)
+-									fprintf(options->xmlOutput, "  <defaultcipher sslversion=\"SSLv2\" bits=\"");
+-								if (options->pout == true)
+-									printf("|| SSLv2 || ");
+-								else
+-									printf("    SSLv2  ");
+-							}
+-							else if (sslMethod == SSLv3_client_method())
++							if (sslMethod == SSLv3_client_method())
+ 							{
+ 								if (options->xmlOutput != 0)
+ 									fprintf(options->xmlOutput, "  <defaultcipher sslversion=\"SSLv3\" bits=\"");
+@@ -793,7 +775,7 @@ int getCertificate(struct sslCheckOption
+ 	BIO *fileBIO = NULL;
+ 	X509 *x509Cert = NULL;
+ 	EVP_PKEY *publicKey = NULL;
+-	SSL_METHOD *sslMethod = NULL;
++	const SSL_METHOD *sslMethod = NULL;
+ 	ASN1_OBJECT *asn1Object = NULL;
+ 	X509_EXTENSION *extension = NULL;
+ 	char buffer[1024];
+@@ -1192,15 +1174,10 @@ int testHost(struct sslCheckOptions *opt
+ 		switch (options->sslVersion)
+ 		{
+ 			case ssl_all:
+-				status = defaultCipher(options, SSLv2_client_method());
+-				if (status != false)
+ 					status = defaultCipher(options, SSLv3_client_method());
+ 				if (status != false)
+ 					status = defaultCipher(options, TLSv1_client_method());
+ 				break;
+-			case ssl_v2:
+-				status = defaultCipher(options, SSLv2_client_method());
+-				break;
+ 			case ssl_v3:
+ 				status = defaultCipher(options, SSLv3_client_method());
+ 				break;
+@@ -1298,10 +1275,6 @@ int main(int argc, char *argv[])
+ 			options.starttls = true;
+ 		}
+ 
+-		// SSL v2 only...
+-		else if (strcmp("--ssl2", argv[argLoop]) == 0)
+-			options.sslVersion = ssl_v2;
+-
+ 		// SSL v3 only...
+ 		else if (strcmp("--ssl3", argv[argLoop]) == 0)
+ 			options.sslVersion = ssl_v3;
+@@ -1415,13 +1388,9 @@ int main(int argc, char *argv[])
+ 			switch (options.sslVersion)
+ 			{
+ 				case ssl_all:
+-					populateCipherList(&options, SSLv2_client_method());
+ 					populateCipherList(&options, SSLv3_client_method());
+ 					populateCipherList(&options, TLSv1_client_method());
+ 					break;
+-				case ssl_v2:
+-					populateCipherList(&options, SSLv2_client_method());
+-					break;
+ 				case ssl_v3:
+ 					populateCipherList(&options, SSLv3_client_method());
+ 					break;
diff --git a/srcpkgs/sslscan/template b/srcpkgs/sslscan/template
index 168cdd8c37..429ccdb1ad 100644
--- a/srcpkgs/sslscan/template
+++ b/srcpkgs/sslscan/template
@@ -1,9 +1,9 @@
 # Template file for 'sslscan'
 pkgname=sslscan
 version=1.8.2
-revision=1
+revision=2
 build_style=gnu-makefile
-makedepends="openssl-devel"
+makedepends="libressl-devel"
 short_desc="A Fast SSL scanner"
 maintainer="Juan RP <xtraeme@gmail.com>"
 license="GPL-2"