added -O option to support SSL servers that are SSLv3 only

CHANGES

@@ -2,6 +2,7 @@ Changelog for hydra
 -------------------
 
 Release 8.2-pre
+* Added new -O option to hydra to support SSL servers that do not suport TLS
 * Added xhydra gtk patche by Petar Kaleychev to support modules that do not use usernames
 * Better library finding in ./configure for SVN + support for Darwin Homebrew
 * Fixed http-form module crash that only occurs on *BSD/OSX systems. Thanks to zdk for reporting!

hydra-mod.c

@@ -47,6 +47,7 @@ int __first_connect = 1;
 char ipstring[64];
 unsigned int colored_output = 1;
 char quiet = 0;
+int old_ssl = 0;
 
 #ifdef LIBOPENSSL
 SSL *ssl = NULL;
@@ -468,13 +469,23 @@ int internal__hydra_connect_to_ssl(int socket) {
 
   if (sslContext == NULL) {
     /* context: ssl2 + ssl3 is allowed, whatever the server demands */
-//    if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
-    if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {
-      if (verbose) {
-        err = ERR_get_error();
-        fprintf(stderr, "[ERROR] SSL allocating context: %s\n", ERR_error_string(err, NULL));
+    if (old_ssl) {
+      if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
+        if (verbose) {
+          err = ERR_get_error();
+          fprintf(stderr, "[ERROR] SSL allocating context: %s\n", ERR_error_string(err, NULL));
+        }
+        return -1;
+      }
+    } else {
+//    if ((sslContext = SSL_CTX_new(SSLv23_client_method())) == NULL) {
+      if ((sslContext = SSL_CTX_new(TLSv1_2_client_method())) == NULL) {
+        if (verbose) {
+          err = ERR_get_error();
+          fprintf(stderr, "[ERROR] SSL allocating context: %s\n", ERR_error_string(err, NULL));
+        }
+        return -1;
       }
-      return -1;
     }
     /* set the compatbility mode */
     SSL_CTX_set_options(sslContext, SSL_OP_ALL);

hydra.c

@@ -170,6 +170,7 @@ extern char *hydra_address2string(char *address);
 extern int colored_output;
 extern char quiet;
 extern int do_retry;
+extern int old_ssl;
 
 void hydra_kill_head(int head_no, int killit, int fail);
 
@@ -310,7 +311,7 @@ void help(int ext) {
 #ifdef HAVE_MATH_H
          " [-x MIN:MAX:CHARSET]"
 #endif
-         " [-SuvVd46] "
+         " [-SOuvVd46] "
          //"[server service [OPT]]|"
          "[service://server[:PORT][/OPT]]\n");
   printf("\nOptions:\n");
@@ -346,7 +347,9 @@ void help(int ext) {
   if (ext)
     printf("  -v / -V / -d  verbose mode / show login+pass for each attempt / debug mode \n");
   if (ext)
-    printf("  -q        do not print messages about connection erros\n");
+    printf("  -O        use old SSL v2 and v3\n");
+  if (ext)
+    printf("  -q        do not print messages about connection errors\n");
   printf("  -U        service module usage details\n");
   if (ext == 0)
     printf("  -h        more command line options (COMPLETE HELP)\n");
@@ -2186,7 +2189,7 @@ int main(int argc, char *argv[]) {
     help(1);
   if (argc < 2)
     help(0);
-  while ((i = getopt(argc, argv, "hq64Rde:vVl:fFg:L:p:P:o:M:C:t:T:m:w:W:s:SUux:")) >= 0) {
+  while ((i = getopt(argc, argv, "hq64Rde:vVl:fFg:L:p:OP:o:M:C:t:T:m:w:W:s:SUux:")) >= 0) {
     switch (i) {
     case 'h':
       help(1);
@@ -2194,6 +2197,9 @@ int main(int argc, char *argv[]) {
     case 'q':
       quiet = 1;
       break;
+    case 'O':
+      old_ssl = 1;
+      break;
     case 'u':
       hydra_options.loop_mode = 1;
       break;