Control: tags 804606 + patch Control: tags 804606 + pending Dear maintainer,
I've prepared an NMU for httest (versioned as 2.4.8-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. Sebastian
diff -Nru httest-2.4.8/debian/changelog httest-2.4.8/debian/changelog --- httest-2.4.8/debian/changelog 2013-10-09 22:09:23.000000000 +0200 +++ httest-2.4.8/debian/changelog 2016-04-20 21:00:46.000000000 +0200 @@ -1,3 +1,10 @@ +httest (2.4.8-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Do not use SSLv3 protocol functions (Closes: #804606). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Wed, 20 Apr 2016 21:00:04 +0200 + httest (2.4.8-1) unstable; urgency=low * New upstream release diff -Nru httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch --- httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch 1970-01-01 01:00:00.000000000 +0100 +++ httest-2.4.8/debian/patches/consider-OPENSSL_NO_SSL3.patch 2016-04-20 21:00:46.000000000 +0200 @@ -0,0 +1,45 @@ +From 59be4f8e650276452a4a2db8b61b9d28f04544c4 Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +Date: Wed, 20 Apr 2016 20:57:40 +0200 +Subject: [PATCH] consider OPENSSL_NO_SSL3 + +Don't use SSLv3 functions / methods + +Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +--- + src/ssl_module.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/ssl_module.c b/src/ssl_module.c +index bd18cac24577..27a78830b24b 100644 +--- a/src/ssl_module.c ++++ b/src/ssl_module.c +@@ -733,10 +733,12 @@ static int worker_set_client_method(worker_t * worker, const char *sslstr) { + config->meth = SSLv2_client_method(); + } + #endif ++#ifndef OPENSSL_NO_SSL3 + else if (strcasecmp(sslstr, "SSL3") == 0) { + is_ssl = 1; + config->meth = SSLv3_client_method(); + } ++#endif + else if (strcasecmp(sslstr, "TLS1") == 0) { + is_ssl = 1; + config->meth = TLSv1_client_method(); +@@ -780,10 +782,12 @@ static int worker_set_server_method(worker_t * worker, const char *sslstr) { + config->meth = SSLv2_server_method(); + } + #endif ++#ifndef OPENSSL_NO_SSL3 + else if (strcasecmp(sslstr, "SSL3") == 0) { + is_ssl = 1; + config->meth = SSLv3_server_method(); + } ++#endif + else if (strcasecmp(sslstr, "TLS1") == 0) { + is_ssl = 1; + config->meth = TLSv1_server_method(); +-- +2.8.1 + diff -Nru httest-2.4.8/debian/patches/series httest-2.4.8/debian/patches/series --- httest-2.4.8/debian/patches/series 2013-06-02 13:08:58.000000000 +0200 +++ httest-2.4.8/debian/patches/series 2016-04-20 21:00:46.000000000 +0200 @@ -1,2 +1,3 @@ generate-man-pages configure-lua-location +consider-OPENSSL_NO_SSL3.patch