ports/contrib (3.5): [notify] skipfish: fixed build, new dependency openssl1
commit 127f58cd931e866458dc014548e0a5c8381a8fd3 Author: Tim Biermann <tbier@posteo.de> Date: Thu May 28 16:08:30 2020 +0000 [notify] skipfish: fixed build, new dependency openssl1 diff --git a/skipfish/.signature b/skipfish/.signature index 65f085c0c..1b962f960 100644 --- a/skipfish/.signature +++ b/skipfish/.signature @@ -1,5 +1,7 @@ untrusted comment: verify with /etc/ports/contrib.pub -RWSagIOpLGJF396esbLZ7sD0rEVs3GIfFmnfPYAFQR9kk1fhracRsJj61DB9nj1BfNrULbf6nRgoEIXy40fPS87PvW2fFGRFQgY= -SHA256 (Pkgfile) = a95fb581aeca65ac365305737a71f2f407a616bbea98922abdc4cb78d57c8949 +RWSagIOpLGJF3xdxK3+UCc2Tzyv0ybch0HiA55HslkBApsTKPZo2WrSanF05r9RnEUO0lYBYsGvc+ofJ2/ObkROFhDvRvLffegc= +SHA256 (Pkgfile) = bc6a17517829c15f2952eff3f2c68c8a431358ef97c1125520669c3476985fdc SHA256 (.footprint) = df675d7d0e900e9960b5d5c6db3f3d30ab6822c93077f64e5c29b93f286b7338 SHA256 (skipfish-2.10b.tgz) = 1a4fbc9d013f1f9b970946ea7228d943266127b7f4100c994ad26c82c5352a9e +SHA256 (skipfish.patch) = 096e9f7095a499605c8bf29bb9737397e9d5a168ec47888004dc8c2e7ceb0b62 +SHA256 (skipfish-openssl-1.0.patch) = ac606b9b3f64dedca2560cca5b36d76cf93c5d6f82212866e6748794d6feb55c diff --git a/skipfish/Pkgfile b/skipfish/Pkgfile index b768ac11c..81c8632fb 100644 --- a/skipfish/Pkgfile +++ b/skipfish/Pkgfile @@ -1,22 +1,25 @@ # Description: web application security scanner # URL: http://code.google.com/p/skipfish/ # Maintainer: Thomas Penteker, tek at serverop dot de -# Depends on: libpcre openssl zlib libidn +# Depends on: libpcre openssl1 zlib libidn name=skipfish version=2.10b release=1 source=(https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.... - skipfish.patch) + skipfish.patch skipfish-openssl-1.0.patch) build() { cd $name-$version patch -Np0 -i $SRC/skipfish.patch + patch -Np0 -i $SRC/skipfish-openssl-1.0.patch sed -i -e 's|"assets"|"/usr/share/skipfish/assets"|g' src/config.h sed -i -e 's|"signatures/|"/usr/share/skipfish/signatures/|g' src/config.h sed -i -e 's|include signatures/|include /usr/share/skipfish/signatures/|g' signatures/signatures.conf + CFLAGS+=" -I/usr/include/openssl-1.0" + LDFLAGS+=" -I/usr/lib/openssl-1.0" make rm assets/COPYING diff --git a/skipfish/skipfish-openssl-1.0.patch b/skipfish/skipfish-openssl-1.0.patch new file mode 100644 index 000000000..e40d604cd --- /dev/null +++ b/skipfish/skipfish-openssl-1.0.patch @@ -0,0 +1,19 @@ +--- Makefile.orig 2020-05-28 16:04:48.412888331 +0000 ++++ Makefile 2020-05-28 16:06:02.901701194 +0000 +@@ -33,13 +33,13 @@ + OBJFILES = $(patsubst %,$(SRCDIR)/%,$(SFILES)) + INCFILES = $(patsubst %,$(SRCDIR)/%,$(IFILES)) + +-CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/local/include/ \ +- -I/opt/local/include/ $(CFLAGS) -DVERSION=\"$(VERSION)\" ++CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/include/openssl-1.0 \ ++ -I/usr/include/ $(CFLAGS) -DVERSION=\"$(VERSION)\" + CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 \ + $(CFLAGS_GEN) + CFLAGS_OPT = -O3 -Wno-format $(CFLAGS_GEN) + +-LDFLAGS += -L/usr/local/lib/ -L/opt/local/lib ++LDFLAGS += -L/usr/lib/openssl-1.0 -L/usr/lib + LIBS += -lcrypto -lssl -lidn -lz -lpcre + + all: $(PROGNAME) diff --git a/skipfish/skipfish.patch b/skipfish/skipfish.patch new file mode 100644 index 000000000..a88924677 --- /dev/null +++ b/skipfish/skipfish.patch @@ -0,0 +1,49 @@ +--- src/config.h 2012-09-01 07:53:25.000000000 +0200 ++++ src/config.h.new 2012-09-05 09:08:37.099387176 +0200 +@@ -35,10 +35,10 @@ + + /* Default paths to runtime files: */ + +-#define ASSETS_DIR "assets" ++#define ASSETS_DIR "/usr/share/skipfish/assets" + + /* Default signature file */ +-#define SIG_FILE "signatures/signatures.conf" ++#define SIG_FILE "/usr/share/skipfish/signatures/signatures.conf" + + /* Various default settings for HTTP client (cmdline override): */ + + +--- signatures/signatures.conf 2012-09-01 07:53:25.000000000 +0200 ++++ signatures/signatures.conf.new 2012-09-05 09:09:10.027968510 +0200 +@@ -6,23 +6,23 @@ + # The mime signatures warn about server responses that have an interesting + # mime. For example anything that is presented as php-source will likely + # be interesting +-include signatures/mime.sigs ++include /usr/share/skipfish/signatures/mime.sigs + + # The files signature will use the content to determine if a response + # is an interesting file. For example, a SVN file. +-include signatures/files.sigs ++include /usr/share/skipfish/signatures/files.sigs + + # The messages signatures look for interesting server messages. Most + # are based on errors, such as caused by incorrect SQL queries or PHP + # execution failures. +-include signatures/messages.sigs ++include /usr/share/skipfish/signatures/messages.sigs + + # The apps signatures will help to find pages and applications who's + # functionality is a security risk by default. For example, phpinfo() + # pages that leak information or CMS admin interfaces. +-include signatures/apps.sigs ++include /usr/share/skipfish/signatures/apps.sigs + + # Context signatures are linked to injection tests. They look for strings + # that are relevant to the current injection test and help to highlight + # potential vulnerabilities. +-include signatures/context.sigs ++include /usr/share/skipfish/signatures/context.sigs + +
participants (1)
-
crux@crux.nu