Bug#804616: sslscan: diff for NMU version 1.8.2-2.1

[Sebastian Andrzej Siewior]

Control: tags -1 +pending +patch

Dear maintainer,

I've prepared an NMU for sslscan (versioned as 1.8.2-2.1) and
uploaded it to DELAYED/3. Please feel free to tell me if I
should delay it longer.

Sebastian

diff --git a/debian/changelog b/debian/changelog
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+sslscan (1.8.2-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Make it build without SSLv3 (Closes: #804616)
+
+ -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc>  Sat, 05 Mar 2016 21:17:46 +0100
+
 sslscan (1.8.2-2) unstable; urgency=low
 
   * debian/control:
diff --git a/debian/patches/04-sslv3.diff b/debian/patches/04-sslv3.diff
new file mode 100644
--- /dev/null
+++ b/debian/patches/04-sslv3.diff
@@ -0,0 +1,88 @@
+Subject: compile against libssl1.0.2 without SSLv3
+
+SSLv3 methods are no longer available sine the transition to libssl1.0.2.
+BTS: #797926
+FTBFS of this package: #804616
+
+Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
+Index: sslscan-1.8.2/sslscan.c
+===================================================================
+--- sslscan-1.8.2.orig/sslscan.c
++++ sslscan-1.8.2/sslscan.c
+@@ -575,6 +575,7 @@ int testCipher(struct sslCheckOptions *o
+ 					}
+ 					else
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 					if (sslCipherPointer->sslMethod == SSLv3_client_method())
+ 					{
+ 						if (options->xmlOutput != 0)
+@@ -585,6 +586,7 @@ int testCipher(struct sslCheckOptions *o
+ 							printf("SSLv3  ");
+ 					}
+ 					else
++#endif
+ 					{
+ 						if (options->xmlOutput != 0)
+ 							fprintf(options->xmlOutput, "TLSv1\" bits=\"");
+@@ -703,6 +705,7 @@ int defaultCipher(struct sslCheckOptions
+ 							}
+ 							else
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 							if (sslMethod == SSLv3_client_method())
+ 							{
+ 								if (options->xmlOutput != 0)
+@@ -713,6 +716,7 @@ int defaultCipher(struct sslCheckOptions
+ 									printf("    SSLv3  ");
+ 							}
+ 							else
++#endif
+ 							{
+ 								if (options->xmlOutput != 0)
+ 									fprintf(options->xmlOutput, "  <defaultcipher sslversion=\"TLSv1\" bits=\"");
+@@ -1202,8 +1206,10 @@ int testHost(struct sslCheckOptions *opt
+ 				status = defaultCipher(options, SSLv2_client_method());
+ 				if (status != false)
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 					status = defaultCipher(options, SSLv3_client_method());
+ 				if (status != false)
++#endif
+ 					status = defaultCipher(options, TLSv1_client_method());
+ 				break;
+ #ifndef OPENSSL_NO_SSL2
+@@ -1211,9 +1217,11 @@ int testHost(struct sslCheckOptions *opt
+ 				status = defaultCipher(options, SSLv2_client_method());
+ 				break;
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 			case ssl_v3:
+ 				status = defaultCipher(options, SSLv3_client_method());
+ 				break;
++#endif
+ 			case tls_v1:
+ 				status = defaultCipher(options, TLSv1_client_method());
+ 				break;
+@@ -1428,7 +1436,9 @@ int main(int argc, char *argv[])
+ #ifndef OPENSSL_NO_SSL2
+ 					populateCipherList(&options, SSLv2_client_method());
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 					populateCipherList(&options, SSLv3_client_method());
++#endif
+ 					populateCipherList(&options, TLSv1_client_method());
+ 					break;
+ #ifndef OPENSSL_NO_SSL2
+@@ -1436,9 +1446,11 @@ int main(int argc, char *argv[])
+ 					populateCipherList(&options, SSLv2_client_method());
+ 					break;
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ 				case ssl_v3:
+ 					populateCipherList(&options, SSLv3_client_method());
+ 					break;
++#endif
+ 				case tls_v1:
+ 					populateCipherList(&options, TLSv1_client_method());
+ 					break;
diff --git a/debian/patches/series b/debian/patches/series
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 02-sslscan-spelling-mistake.diff
 01-Makefile-binutils-gold.diff
 03-sslv2.diff
+04-sslv3.diff
-- 
2.7.0