Subject: [Fwd: Fortified Communicator 4.6 for LinuxPPC]
From: Neil Jolly (njolly@home.com)
Date: Sun Sep 26 1999 - 18:53:52 MDT
Alvin Brattli wrote:
As people are probably aware of, Fortify (<http://www.fortify.net>) does
not work for Netscape Communicator 4.6, which is shipped with
LinuxPPC-1999. I finally got tired of waiting for Fortify to include
this version of Netscape, so I decided to try to do something about it
myself, and I am now sharing my results with the rest of you LinuxPPC
people.Examining the files that comes with the source version of Fortify, I
discovered that exactly the same things are being done for one specific
version of Netscape, regardless of platform. So, comparing Communicator
4.6 binaries for Linux/x86, Linux/Sparc, and Linux/PPC, I used a hex
editor to hand patch the PPC version according to the rules set out in
the morph-files for Communicator 4.6 for Linux/x86 and Linux/Sparc. The
result looks encouraging, and the Fortify SSL check web page
(<https://www.fortify.net/sslcheck.html>) reports that my (now formerly)
export-grade browser can utilize US domestic strength crypto.To do this yourself, you can either get the source version of Fortify
and build the binaries, or the ppc version and apply fix961212 to the
binaries included before proceeding. Next, add the following line to
the Index file that is located in the top catalog of the Fortify
distribution:15757980 - aabcd5f336acdd8bd7f74f9898b0f566 comm 4.6 0 2 morphs-1.2 ppc-unknown-linux2.0 -
The first number (15757980) is the filesize of the binary, and
"aabcd5f336acdd8bd7f74f9898b0f566" is its MD5 hash. If you are extra
paranoid, you can check these numbers before proceeding, although
Fortify will check this for you before touching the binary. An MD5
message digest program is included with Fortify.Next, extract the attached "morph-file", and put
it here:
ppc-unknown-linux2.0/comm-4.6/morphs-1.2Now make a backup copy of the netscape binary (you will most probably
find it here: /usr/lib/netscape/netscape-communicator), and apply
Fortify. If everything goes well, you will now have a version of
Netscape with US domestic strength crypto.I have reported this to the maintainers of Fortify, so if everyting is
OK, we will hopefully see it included in the next version.DISCLAIMER: Although I believe the above to be correct, I can in no way
guarantee it. I can not be held responsible for any forms of damage to
your system, loss of data, credit card numbers, or whatever. In short,
by applying the above Netscape Communicator binary, you are on your own,
and you cannot blaim me if something goes wrong as a direct or indirect
result of this.Enjoy,
aLViN
Here is the "morph-file" for Netscape Communicator 4.6 for LinuxPPC:
8<----- Cut here -----8<----- Cut here -----8<----- Cut here -----8<-----
# Copyright (C) 1997-1999 Farrell McKay
# All rights reserved.
#
# This file is part of the Fortify distribution, a toolkit for
# upgrading the cryptographic strength of the Netscape web browsers.
#
# This toolkit is provided to the recipient under the
# following terms and conditions:-
# 1. This copyright notice must not be removed or modified.
# 2. This toolkit may not be reproduced or included in any commercial
# media distribution, or commercial publication (for example CD-ROM,
# disk, book, magazine, journal) without first obtaining the author's
# express permission.
# 3. This toolkit, or any component of this toolkit, may not be
# used, resold, redeveloped, rewritten, enhanced or otherwise
# employed by a commercial organisation, or as part of a commercial
# venture, without first obtaining the author's express permission.
# 4. Subject to the above conditions being observed (1-3), this toolkit
# may be freely reproduced or redistributed.
# 5. To the extent permitted by applicable law, this software is
# provided "as-is", without warranty of any kind, including
# without limitation, the warrantees of merchantability,
# freedom from defect, non-infringement, and fitness for
# purpose. In no event shall the author be liable for any
# direct, indirect or consequential damages however arising
# and however caused.
# 6. Subject to the above conditions being observed (1-5),
# this toolkit may be used at no cost to the recipient.
#
# Farrell McKay
# Wayfarer Systems Pty Ltd contact@fortify.netinit {
grammar 1.2
target "comm-v46-export.ppc-unknown-linux2.0"
text_offset 0x1800000
data_offset 0x1840000
rodata_offset 0x1800000
}
version_str {
segment rodata
base 0x2369954
offset 0xd
old_value "Export,"
new_value "Fortify"
}
k0 {
segment data
base 0x2684850
offset 0x30
old_value 0x00 0x00 0x02 0x00
new_value 0x00 0x00 0x08 0x00
}
d0 {
segment data
base 0x2684850
offset 0x34
old_value 0x13 0x00 0x00 0x00
0x00 0x00 0x01 0x01
0x00 0x00 0x02 0x02
0x02 0x00 0x00 0x01
0x01 0x01 0x01 0x00
0x01
new_value 0x13 0x00 0x01 0x01
0x01 0x01 0x01 0x01
0x01 0x01 0x01 0x01
0x01 0x01 0x01 0x01
0x01 0x01 0x01 0x01
0x01
}
d1 {
segment data
base 0x2692db4
offset 0x34
old_value 0x07 0x00 0x00 0x00
0x00 0x00 0x01 0x01
0x01
new_value 0x07 0x00 0x01 0x01
0x01 0x01 0x01 0x01
0x01
}
d2 {
segment data
base 0x2692fe0
offset 0x34
old_value 0x09 0x00 0x00 0x00
0x00 0x00 0x00 0x00
0x00 0x01 0x01
new_value 0x09 0x00 0x01 0x01
0x01 0x01 0x01 0x01
0x01 0x01 0x01
}8<----- Cut here -----8<----- Cut here -----8<----- Cut here -----8<-----
--
:r .signature** Sent via the linuxppc-user mail list. See http://lists.linuxppc.org/
-- Neil Jolly (with Yoda-like voice) "Confrontation leads to anger... Anger leads to fear... Fear leads to using Windows NT in mission-critical combat systems... And this is how the ancients fell...
This archive was generated by hypermail 2a24 : Fri Oct 01 1999 - 16:13:45 MDT