Merge pull request #34 from jtesta/Windows-Port

Windows Port (credit jtesta)

.gitignore

@@ -1,5 +1,10 @@
+# object files
+*.o
+*.obj
+
 # compiled binary
 sslscan
+sslscan.exe
 
 # debian build of openssl
 openssl-*/

INSTALL

@@ -11,3 +11,103 @@ Manual Build:
 
       gcc -lssl -o sslscan sslscan.c
       clang -lssl -o sslscan sslscan.c
+
+----
+
+There are three ways to build a Windows executable:
+
+  1.) By cross-compiling on a Linux build machine using MinGW or Mingw-w64.
+
+  2.) By compiling on a Windows build machine using MinGW or Mingw-w64.
+
+  3.) By compiling on a Windows build machine using Visual Studio 2013
+      (other versions may also work, but are untested).
+
+  If you have a Debian-like Linux machine (such as Ubuntu), option #1 is BY
+FAR the easiest.  Note that installing Visual Studio and additional tools
+requires downloading gigabytes of data!
+
+  In any case, it is necessary to compile OpenSSL to ensure that all
+protocols and algorithms are enabled (note that some systems that package
+OpenSSL have some deprecated features such as SSLv2 turned off for safety
+reasons; we actually need those to test with). 
+
+
+I. Cross-compiling from Linux
+
+  A. Building a 64-bit Windows executable
+
+    0.) Install Mingw-w64.  On Debian-like systems, this can be done with:
+        apt-get install mingw-w64
+
+    1.) Compile OpenSSL with the following:
+        ./Configure --cross-compile-prefix=x86_64-w64-mingw32- \
+            -fstack-protector-all -D_FORTIFY_SOURCE=2 mingw64 shared
+        make
+
+    2.) Compile sslscan with the path to the OpenSSL directory:
+        make -f Makefile.mingw OPENSSL_PATH=../path/to/openssl
+
+
+  B. Building a 32-bit Windows executable
+
+    0.) Install MinGW.  On Debian-like systems, this can be done with:
+        apt-get install mingw32
+
+    1.) Compile OpenSSL with the following:
+        ./Configure --cross-compile-prefix=i586-mingw32msvc- \
+            -fstack-protector-all -D_FORTIFY_SOURCE=2 mingw shared
+        make
+
+    2.) Compile sslscan with the path to the OpenSSL directory:
+        DEFINES="-DWONKY_LINUX_MINGW=1" make -f Makefile.mingw \
+            OPENSSL_PATH=../path/to/openssl
+
+
+II. Compiling on Windows using Mingw
+
+  A. Building a 64-bit Windows executable
+
+    0.) Install Mingw-w64 from http://mingw-w64.sourceforge.net/.  Install
+        MSYS from http://www.mingw.org/.
+
+    1.) In an MSYS shell, compile OpenSSL with the following:
+       ./Configure mingw64 -fstack-protector-all -D_FORTIFY_SOURCE=2 shared
+       make
+
+    2.) In an MSYS shell, compile sslscan with the path to the OpenSSL
+           directory:
+       make -f Makefile.mingw OPENSSL_PATH=../path/to/openssl
+
+
+  B. Building a 32-bit Windows executable
+
+    0.) Install MinGW and MSYS from http://www.mingw.org/.
+
+    1.) In an MSYS shell, compile OpenSSL with the following:
+       ./Configure mingw -fstack-protector-all -D_FORTIFY_SOURCE=2 shared
+       make
+
+    2.) In an MSYS shell, compile sslscan with the path to the OpenSSL
+           directory:
+       make -f Makefile.mingw OPENSSL_PATH=../path/to/openssl
+
+
+III. Compiling on Windows using Visual Studio 2013 Express for Windows Desktop
+
+  A. Install Visual Studio 2013 Express for Windows Desktop:
+         http://go.microsoft.com/?linkid=9832280
+
+  B. Install the Windows Driver Kit 8.1:
+         http://go.microsoft.com/fwlink/p/?linkid=393659
+
+  C. Install ActivePerl Community Edition:
+         http://www.activestate.com/activeperl/downloads
+
+  D. In the VS2013 x64 Cross Tools Command Prompt, compile OpenSSL with:
+    perl Configure VC-WIN64A
+    ms\do_win64a
+    nmake -f ms\nt.mak
+
+  E. Inside the sslscan folder, compile sslscan with:
+    nmake -f Makefile.vs OPENSSL_PATH=path/to/openssl

Makefile.mingw

@@ -0,0 +1,43 @@
+# If we're in Linux, lets see if we can find the path to Mingw automatically...
+ifeq ($(shell uname), Linux)
+  MINGW32=$(shell which i586-mingw32msvc-gcc)
+  ifneq ($(MINGW32),)
+    CC=$(MINGW32)
+  endif
+
+  MINGW64=$(shell which x86_64-w64-mingw32-gcc)
+  ifneq ($(MINGW64),)
+    CC=$(MINGW64)
+  endif
+endif
+
+ifndef CC
+  CC=gcc
+endif
+
+.PHONY: clean
+
+# Enable security options like stack protectors and variable formatting checks.
+SECURITY_OPTIONS=-fstack-protector-all -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security
+
+# Turn on linker optimizations, and DEP support (--nxcompat)
+LINK_OPTIONS=-Wl,-O1 -Wl,--discard-all -Wl,--no-undefined -Wl,--dynamicbase -Wl,--nxcompat -static
+
+# Set ARCHITECTURE to either x86 or x86_64...
+ARCHITECTURE=32-bit
+ifeq ($(shell $(CC) -dumpmachine), x86_64-w64-mingw32)
+  ARCHITECTURE=64-bit
+endif
+
+# Set the version string for the program.
+VERSION = "$(shell grep -E -o -m 1 "[0-9]+\.[0-9]+\.[0-9]+" Changelog) Windows $(ARCHITECTURE) (Mingw)"
+
+
+all: sslscan
+
+sslscan: sslscan.c
+	$(CC) -I$(OPENSSL_PATH)/include -DVERSION=\"$(VERSION)\" $(DEFINES) $(SECURITY_OPTIONS) $(LINK_OPTIONS) -o sslscan.exe sslscan.c $(OPENSSL_PATH)/libssl.a $(OPENSSL_PATH)/libcrypto.a -lws2_32 -lgdi32
+	strip sslscan.exe
+
+clean:
+	rm -f *.o sslscan.exe

Makefile.vs

@@ -0,0 +1,15 @@
+LFLAGS=/nologo /dynamicbase /highentropyva /nxcompat /opt:ref /subsystem:console /ltcg
+CFLAGS=/nologo /GL /GS /Gs0 /Gw /MT /Ox -DVERSION="\"1.9.8 Windows 64-bit (VS)\""
+
+all: sslscan.exe
+
+sslscan.obj: sslscan.c
+	cl.exe $(CFLAGS) /I $(OPENSSL_PATH)/include /c sslscan.c
+
+sslscan.exe: sslscan.obj
+	link.exe $(LFLAGS) /out:sslscan.exe sslscan.obj $(OPENSSL_PATH)/out32/libeay32.lib $(OPENSSL_PATH)/out32/ssleay32.lib advapi32.lib gdi32.lib user32.lib ws2_32.lib
+
+clean:
+	del sslscan.obj sslscan.exe
+
+rebuild: clean all

TODO

@@ -12,7 +12,6 @@ Fix XMPP scans that do not support StartTLS:
 Add HTML report generation
 Add diff between reported and actually supported ciphers
 Make a Debian package
-Merge the Windows port into tip: http://code.google.com/p/sslscan-win/
 We should explictly check for things that may be NULL; the original author was not very careful.
 Perhaps write a GUI for people who are console adverse?
 Compare with http://www.thesprawl.org/memdump/?entry=7