RHEL install with yum

[jsdads11]

Is there a RHEL based install for sslscan ? doesn't seem to work off the bat on my test RHEL machine - maybe a way to convert the apt based installer to a rpm based one ? thanks Tony

[rbsec]

You should be able to compile it using make static on RHEL based distros as long as you have the required dependencies installed (whatever the distros equivalents of build-essential git zlib1g-dev are, plus the build dependencies of OpenSSL).

But in terms of an prebuilt RPM package, that would be up to the distro maintainers.

[n8rade]

I made it far enough to get this error on a RHEL 9.1 install:

make[2]: Leaving directory '/root/sslscan/openssl'
make[1]: Leaving directory '/root/sslscan/openssl'
make -j `/usr/bin/nproc --all` sslscan STATIC_BUILD=TRUE
make[1]: Entering directory '/root/sslscan'
cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -pie -z relro -z now -L/root/sslscan/openssl/ -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -std=gnu11 -I/root/sslscan/openssl/include/ -I/root/sslscan/openssl/  -DVERSION=\"2.0.15-7-gbc46606-static\" sslscan.c -lssl -lcrypto -lz -lpthread -ldl
In file included from /usr/include/netdb.h:25,
                 from sslscan.c:90:
/usr/include/features.h:412:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp]
  412 | #  warning _FORTIFY_SOURCE requires compiling with optimization (-O)
      |    ^~~~~~~
make[1]: Leaving directory '/root/sslscan'

Which appears to match this issue and is caused by the gcc version according to the comments in the commit: znc/znc#887 // znc/znc@0734c6a

On my RHEL 9.1 server I needed to install make, perl, and zlib-devel to make it this far on top whatever was previously installed.

I also ran into the same error on an EL 8.7 server I had running. I needed to install gcc on that server in addition to the 3 above.

[jms1voalte]

I ran into the same thing, trying to build an RPM for CentOS 7 (under Docker). I worked around this particular problem by adding a -O option to the line which sets _FORTIFY_SOURCE, but I ran into some other errors.

Host:

docker run -it --rm centos:7

Container:

yum -y update && yum -y install gcc git make perl-IPC-Cmd rpm-build zlib-devel zlib-static
git clone https://github.com/rbsec/sslscan
cd sslscan
sed -i '/_FORTIFY_SOURCE/s/$/ -O/' Makefile
make static

Errors:

...
make[1]: Entering directory `/root/sslscan'
cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -pie -z relro -z now -L/root/sslscan/openssl/ -D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -O -std=gnu11 -I/root/sslscan/openssl/include/ -I/root/sslscan/openssl/  -DVERSION=\"2.1.1-wip-static\" sslscan.c -lssl -lcrypto -lz -lpthread -ldl
sslscan.c: In function 'readLine':
sslscan.c:251:10: warning: ignoring return value of 'fgets', declared with attribute warn_unused_result [-Wunused-result]
     fgets(lineFromFile, maxSize, input);
          ^
sslscan.c: In function 'testFallback':
sslscan.c:1254:21: warning: 'secondMethod' may be used uninitialized in this function [-Wmaybe-uninitialized]
         testFallback(options, secondMethod);
                     ^
sslscan.c: In function 'showCertificate':
sslscan.c:2902:59: warning: 'xml_bp' may be used uninitialized in this function [-Wmaybe-uninitialized]
                                             if (BIO_printf(xml_bp,"</serial>\n") <= 0)
                                                           ^
make[1]: Leaving directory `/root/sslscan'
[root@f78722357f70 sslscan]#