diff --git a/openssl-bins/Readme.md b/openssl-bins/Readme.md new file mode 100644 index 0000000..28de6c3 --- /dev/null +++ b/openssl-bins/Readme.md @@ -0,0 +1,6 @@ + +Compiling and Usage Instructions +================================ + +see Readme.md in bin directory + diff --git a/openssl-bins/make-openssl.sh b/openssl-bins/make-openssl.sh new file mode 100755 index 0000000..127448c --- /dev/null +++ b/openssl-bins/make-openssl.sh @@ -0,0 +1,79 @@ +#!/bin/bash + +echo +echo "have you patched yet?" +read a + +STDOPTIONS="--prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-rc5 enable-rc2 \ +enable-GOST enable-cms enable-md2 enable-mdc2 enable-ec enable-ec2m enable-ecdh enable-ecdsa \ +enable-seed enable-camellia enable-idea enable-rfc3779 experimental-jpake" + +clean() { + make clean + #[ $? -ne 0 ] && error "no openssl directory" + return 0 +} + +error() { + tput bold + echo "ERROR $1" + tput sgr0 + exit 2 +} + +makeall() { + make depend && make && make report + if [ $? -ne 0 ]; then + error "making" + fi + return 0 +} + +copyfiles() { + echo; apps/openssl version -a; echo + cp -p apps/openssl ../openssl$1 + echo + return $? +} + +case `uname -m` in + "i686") clean ; + if [[ "$1" = krb ]]; then + name2add=krb + ./config $STDOPTIONS no-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT + else + name2add=static + ./config $STDOPTIONS no-ec_nistp_64_gcc_128 -static + fi + [ $? -ne 0 ] && error "configuring" + makeall && copyfiles "32-$name2add" + [ $? -ne 0 ] && error "copying files" + apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l + echo + echo "------------ all ok ------------" + echo + ;; + "x86_64") clean; + if [[ "$1" = krb ]]; then + name2add=krb + ./config $STDOPTIONS enable-ec_nistp_64_gcc_128 --with-krb5-flavor=MIT + else + name2add=static + ./config $STDOPTIONS enable-ec_nistp_64_gcc_128 -static + fi + [ $? -ne 0 ] && error "configuring" + makeall && copyfiles "64-$name2add" + [ $? -ne 0 ] && error "copying files" + apps/openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l + echo + echo "------------ all ok ------------" + echo + ;; + *) echo "architecture ???" + exit 1 + ;; +esac + +# vim:tw=90:ts=5:sw=5 +# $Id: make-openssl.sh,v 1.6 2015/04/02 07:39:27 dirkw Exp $ + diff --git a/openssl-bins/openssl-1.0.2-beta1/Readme.md b/openssl-bins/openssl-1.0.2-beta1/Readme.md deleted file mode 100644 index 4bdfaff..0000000 --- a/openssl-bins/openssl-1.0.2-beta1/Readme.md +++ /dev/null @@ -1,32 +0,0 @@ - -Instructions ----- - -Both versions here are compiled from OpenSSL 1.0.2-beta1. The - -* 64 bit version was compiled under Opensuse 12.3 -* 32 bit version was compiled under Ubuntu 12.04 LTS - -Both are statically linked, except a few libraries which are nowadays sometimes -hard to link in, i.e. the dynamic loader (libdl) and glibc (libc). - -If you want to compile OpenSSL yourself, here are my configure options: - -### for 32 Bit: -> --prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine - -### for 64Bit: -> --prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-ec_nistp_64_gcc_128 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine - -And: You have to patch the sources, see file vanilla.patch otherwise you miss the experimental -and some RC4/MD5 cipher suites. "openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l" lists for me 150 -ciphers as opposed to 109 from Ubuntu or Opensuse. More soon to come! - -**Don't use them for other purposes except testing!** - - -Enjoy, - -Dirk - - diff --git a/openssl-bins/openssl-1.0.2-beta1/openssl.i686 b/openssl-bins/openssl-1.0.2-beta1/openssl.i686 deleted file mode 100755 index d41e3b9..0000000 Binary files a/openssl-bins/openssl-1.0.2-beta1/openssl.i686 and /dev/null differ diff --git a/openssl-bins/openssl-1.0.2-beta1/openssl.i686.asc b/openssl-bins/openssl-1.0.2-beta1/openssl.i686.asc deleted file mode 100644 index 52a800c..0000000 --- a/openssl-bins/openssl-1.0.2-beta1/openssl.i686.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) - -iD8DBQBTtWqtWZzt6LgYwDkRAh66AKDPH+8Z96WkGMY37JQ660TdCuiuNACfY6wi -RAhPwM6AiWqkJfcnltSJ9kc= -=eyei ------END PGP SIGNATURE----- diff --git a/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64 b/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64 deleted file mode 100755 index f2fc5a4..0000000 Binary files a/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64 and /dev/null differ diff --git a/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64.asc b/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64.asc deleted file mode 100644 index 0788a8c..0000000 --- a/openssl-bins/openssl-1.0.2-beta1/openssl.x86_64.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) - -iD8DBQBTtWqzWZzt6LgYwDkRAgXhAKCSnhieSIzcIxUSUlHThrLLmXp71QCg0K9e -bvp1NF/9InyxgD53PXddEA4= -=/OeI ------END PGP SIGNATURE----- diff --git a/openssl-bins/openssl-1.0.2-beta1/readme.txt b/openssl-bins/openssl-1.0.2-beta1/readme.txt deleted file mode 100644 index ee19b9d..0000000 --- a/openssl-bins/openssl-1.0.2-beta1/readme.txt +++ /dev/null @@ -1,29 +0,0 @@ -Both versions here are compiled from OpenSSL 1.0.2-beta1. The - -64 bit version was compiled under Opensuse 12.3 -32 bit version was compiled under Ubuntu 12.04 LTS - -Both are statically linked, except a few libraries which -are nowadays sometimes hard to link in, i.e. the dynamic -loader (libdl) and glibc (libc). - -If you want to compile OpenSSL yourself, here are my configure options: - -for 32 Bit: ---prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine - -for 64Bit: ---prefix=/usr/ --openssldir=/etc/ssl enable-zlib enable-ssl2 enable-ec_nistp_64_gcc_128 enable-rc5 enable-rc2 enable-gost enable-cms enable-md2 enable-mdc2 enable-rc5 enable-ec enable-ec2m enable-ecdh enable-ecdsa enable-seed enable-idea -Wa,--noexecstack no-dane no-gmp no-jpake no-krb5 no-libunbound no-multiblock no-rfc3779 no-sctp no-shared no-ssl-trace no-store no-zlib-dynamic static-engine - -And: You have to patch the sources, see file vanilla.patch otherwise you miss the experimental -and some RC4/MD5 cipher suites. "openssl ciphers -V 'ALL:COMPLEMENTOFALL' | wc -l" lists for me 150 -ciphers as opposed to 109 from Ubuntu or Opensuse. More soon to come! - -Don't use them for other purposes except testing! - - -Enjoy, - -Dirk - - diff --git a/openssl-bins/openssl-1.0.2-beta1/vanilla.patch b/openssl-bins/openssl-1.0.2-beta1/vanilla.patch deleted file mode 100644 index 2af859d..0000000 --- a/openssl-bins/openssl-1.0.2-beta1/vanilla.patch +++ /dev/null @@ -1,31 +0,0 @@ ---- ./ssl/tls1.h.orig 2014-03-03 20:43:11.535295959 +0100 -+++ ./ssl/tls1.h 2014-03-03 20:43:25.911430196 +0100 -@@ -157,7 +157,7 @@ - extern "C" { - #endif - --#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 -+#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1 - - #define TLS1_2_VERSION 0x0303 - #define TLS1_2_VERSION_MAJOR 0x03 ---- ./ssl/s2_lib.c.orig 2014-03-05 18:16:40.966589866 +0100 -+++ ./ssl/s2_lib.c 2014-03-05 18:17:36.572043680 +0100 -@@ -122,7 +122,7 @@ - - /* list of available SSLv2 ciphers (sorted by id) */ - OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[]={ --#if 0 -+#if 1 - /* NULL_WITH_MD5 v3 */ - { - 1, -@@ -254,7 +254,7 @@ - 168, - }, - --#if 0 -+#if 1 - /* RC4_64_WITH_MD5 */ - { - 1,