Bug#780491: unblock: (pre-approval) tomcat-native/1.1.32~repack-2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#780491: unblock: (pre-approval) tomcat-native/1.1.32~repack-2
From: Emmanuel Bourg <ebourg@apache.org>
Date: Sat, 14 Mar 2015 22:34:43 +0100
Message-id: <[🔎] 20150314213443.18078.2476.reportbug@icare.ariane-software.com>
Reply-to: Emmanuel Bourg <ebourg@apache.org>, 780491@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

This is a pre-approval request to update and unblock tomcat-native/1.1.32~repack-2.
This update fixes a mistake in the version uploaded and unblocked in December.
The patch disabling the SSLv3 protocol removed the ability to support more
than one protocol (see #780447).

Thank you,

Emmanuel Bourg

unblock tomcat-native/1.1.32~repack-2


diff -Nru tomcat-native-1.1.32~repack/debian/changelog tomcat-native-1.1.32~repack/debian/changelog
--- tomcat-native-1.1.32~repack/debian/changelog        2014-12-03 22:59:19.000000000 +0100
+++ tomcat-native-1.1.32~repack/debian/changelog        2015-03-14 22:21:26.000000000 +0100
@@ -1,3 +1,10 @@
+tomcat-native (1.1.32~repack-2) unstable; urgency=medium
+
+  * Team upload.
+  * Fixed the patch disabling the deprecated SSL protocols (Closes: #780447)
+
+ -- Emmanuel Bourg <ebourg@apache.org>  Sat, 14 Mar 2015 22:18:29 +0100
+
 tomcat-native (1.1.32~repack-1) unstable; urgency=medium

   * Team upload.
diff -Nru tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff
--- tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff  2014-12-03 22:59:19.000000000 +0100
+++ tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff  2015-03-14 01:08:47.000000000 +0100
@@ -54,33 +54,3 @@
  #ifndef OPENSSL_NO_SSL2
      } else if (protocol == SSL_PROTOCOL_SSLV2) {
          if (mode == SSL_MODE_CLIENT)
-@@ -121,12 +123,14 @@
-         /* requested but not supported */
- #endif
-     } else {
-+#ifndef OPENSSL_NO_SSL2
-         if (mode == SSL_MODE_CLIENT)
-             ctx = SSL_CTX_new(SSLv23_client_method());
-         else if (mode == SSL_MODE_SERVER)
-             ctx = SSL_CTX_new(SSLv23_server_method());
-         else
-             ctx = SSL_CTX_new(SSLv23_method());
-+#endif
-     }
-
-     if (!ctx) {
-@@ -148,10 +152,14 @@
-     if (c->bio_os != NULL)
-         BIO_set_fp(c->bio_os, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-     SSL_CTX_set_options(c->ctx, SSL_OP_ALL);
-+#ifndef OPENSSL_NO_SSL2
-     if (!(protocol & SSL_PROTOCOL_SSLV2))
-         SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2);
-+#endif
-+#ifndef OPENSSL_NO_SSL3
-     if (!(protocol & SSL_PROTOCOL_SSLV3))
-         SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv3);
-+#endif
-     if (!(protocol & SSL_PROTOCOL_TLSV1))
-         SSL_CTX_set_options(c->ctx, SSL_OP_NO_TLSv1);
- #ifdef SSL_OP_NO_TLSv1_1

Reply to:

Follow-Ups:
- Bug#780491: unblock: (pre-approval) tomcat-native/1.1.32~repack-2
  - From: Niels Thykier <niels@thykier.net>
- Processed: Re: Bug#780491: unblock: (pre-approval) tomcat-native/1.1.32~repack-2
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#780491: marked as done (unblock: (pre-approval) tomcat-native/1.1.32~repack-2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#780486: unblock: coreutils/8.23-4
Next by Date: Bug#780492: unblock: kissplice/2.2.1-3
Previous by thread: Bug#780486: marked as done (unblock: coreutils/8.23-4)
Next by thread: Bug#780491: unblock: (pre-approval) tomcat-native/1.1.32~repack-2
Index(es):
- Date
- Thread