From f6be6295950195fd089f0d6956942ae57030e8cc Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Mon, 13 Apr 2020 21:23:22 +0200 Subject: [PATCH] sslscan: enabling scanning for sslv3 --- pkgs/development/libraries/openssl/default.nix | 3 ++- pkgs/top-level/all-packages.nix | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 322034b9fa7..25cf73e874a 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -1,6 +1,7 @@ { stdenv, fetchurl, buildPackages, perl, coreutils , withCryptodev ? false, cryptodev , enableSSL2 ? false +, enableSSL3 ? false , static ? false }: @@ -76,6 +77,7 @@ let "-DHAVE_CRYPTODEV" "-DUSE_CRYPTODEV_DIGESTS" ] ++ stdenv.lib.optional enableSSL2 "enable-ssl2" + ++ stdenv.lib.optional enableSSL3 "enable-ssl3" ++ stdenv.lib.optional (versionAtLeast version "1.1.0" && stdenv.hostPlatform.isAarch64) "no-afalgeng" # OpenSSL needs a specific `no-shared` configure flag. # See https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options @@ -164,5 +166,4 @@ in { ]; withDocs = true; }; - } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d7346c8ae1c..8928aaab157 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6742,7 +6742,10 @@ in sshpass = callPackage ../tools/networking/sshpass { }; sslscan = callPackage ../tools/security/sslscan { - openssl = openssl_1_0_2.override { enableSSL2 = true; }; + openssl = openssl_1_0_2.override { + enableSSL2 = true; + enableSSL3 = true; + }; }; sslmate = callPackage ../development/tools/sslmate { };