--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,
This is a pre-approval request to update and unblock tomcat-native/1.1.32~repack-2.
This update fixes a mistake in the version uploaded and unblocked in December.
The patch disabling the SSLv3 protocol removed the ability to support more
than one protocol (see #780447).
Thank you,
Emmanuel Bourg
unblock tomcat-native/1.1.32~repack-2
diff -Nru tomcat-native-1.1.32~repack/debian/changelog tomcat-native-1.1.32~repack/debian/changelog
--- tomcat-native-1.1.32~repack/debian/changelog 2014-12-03 22:59:19.000000000 +0100
+++ tomcat-native-1.1.32~repack/debian/changelog 2015-03-14 22:21:26.000000000 +0100
@@ -1,3 +1,10 @@
+tomcat-native (1.1.32~repack-2) unstable; urgency=medium
+
+ * Team upload.
+ * Fixed the patch disabling the deprecated SSL protocols (Closes: #780447)
+
+ -- Emmanuel Bourg <ebourg@apache.org> Sat, 14 Mar 2015 22:18:29 +0100
+
tomcat-native (1.1.32~repack-1) unstable; urgency=medium
* Team upload.
diff -Nru tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff
--- tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff 2014-12-03 22:59:19.000000000 +0100
+++ tomcat-native-1.1.32~repack/debian/patches/drop_sslv2_support.diff 2015-03-14 01:08:47.000000000 +0100
@@ -54,33 +54,3 @@
#ifndef OPENSSL_NO_SSL2
} else if (protocol == SSL_PROTOCOL_SSLV2) {
if (mode == SSL_MODE_CLIENT)
-@@ -121,12 +123,14 @@
- /* requested but not supported */
- #endif
- } else {
-+#ifndef OPENSSL_NO_SSL2
- if (mode == SSL_MODE_CLIENT)
- ctx = SSL_CTX_new(SSLv23_client_method());
- else if (mode == SSL_MODE_SERVER)
- ctx = SSL_CTX_new(SSLv23_server_method());
- else
- ctx = SSL_CTX_new(SSLv23_method());
-+#endif
- }
-
- if (!ctx) {
-@@ -148,10 +152,14 @@
- if (c->bio_os != NULL)
- BIO_set_fp(c->bio_os, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
- SSL_CTX_set_options(c->ctx, SSL_OP_ALL);
-+#ifndef OPENSSL_NO_SSL2
- if (!(protocol & SSL_PROTOCOL_SSLV2))
- SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2);
-+#endif
-+#ifndef OPENSSL_NO_SSL3
- if (!(protocol & SSL_PROTOCOL_SSLV3))
- SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv3);
-+#endif
- if (!(protocol & SSL_PROTOCOL_TLSV1))
- SSL_CTX_set_options(c->ctx, SSL_OP_NO_TLSv1);
- #ifdef SSL_OP_NO_TLSv1_1
--- End Message ---