[pkg-boost-devel] Bug#803881: boost: SSLv3 methods removed

Gianfranco Costamagna costamagnagianfranco at yahoo.it
Wed Nov 4 11:59:12 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi again,

> following up with the irc conversation with xnox I'm uploading 
> straight away, because my tests with casablanca were successful
> with the new build.

as per irc request I changed the NMU in a Team Upload.
new debdiff here

(I also tweaked the patch name/changelog, to be similar to the SSL2
deprecation one)

the package has been uploaded on unstable some seconds ago.

cheers,

G.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWOfMQAAoJEPNPCXROn13ZADgP/jCHvFHehpm/Nxywc4U6AGwt
Jo8ismB65NOox0+RJYFApz82++418lz21C9aQGigPIS1Tf/2ccW/nRcV13UOWWCa
fOK8DLsFgqliygqQmfHJJ3UGat8nFUWU/e7zSmKp5DHmKwzHxCzZ6hPfARHjBsXt
Bty/GSYk1tsHBJMFOeBekFdKn0ci3WJyu6vC+xYfqmnXRHdA2G5PiI5WA3eoxQpZ
kxLjdOhlbJH8MMHfv1sdVAc7l18MtcAQEeUi+D5i78XT+Vi3kYzS9fQiHptXuP4G
pPXsmf+8bIQPJkKKli78gZFWwBBNv7nkwonnAN0hL2fuitbf7kr1kkxTfRr4SlLN
N+U5hY5c/BDBjeGcZOprAq9UYquZuIutB82uTWBVT2uzE9LXIpTDxNvJ0bUFdScq
pVF7ibeoZrKrgAL1B+hszcg2+FFm3fg+mWt+OCdIu76N9UJLuABmpctYlSS5E3XO
O0tP+JG76B4PDwxAIXNUV26wcSFLm6lObQH/ALRWSWpQpVQxrqL0dfKVdRDn/GsT
l7aTjezA4ofWumNQQjKu9LEriysPgT1ANToEszUaLMQH0lr506BWQk8Up0K3i0bd
FIinHLGdoJVIZx/tZ7aecerEsAbdtIngA7VdSFeYXXvHVPRq9dejxjrrif3GH/sJ
cyka+wBfn9fTXEcnJF3n
=XV3a
-----END PGP SIGNATURE-----
-------------- next part --------------
diff -Nru boost1.58-1.58.0+dfsg/debian/changelog boost1.58-1.58.0+dfsg/debian/changelog
--- boost1.58-1.58.0+dfsg/debian/changelog	2015-10-03 19:59:54.000000000 +0200
+++ boost1.58-1.58.0+dfsg/debian/changelog	2015-11-04 12:54:28.000000000 +0100
@@ -1,3 +1,11 @@
+boost1.58 (1.58.0+dfsg-4) unstable; urgency=medium
+
+  * Team upload.
+  * patches/openssl-no-ssl3.patch. Throw exception if sslv3 context
+    requested but OPENSSL_NO_SSL3 defined (Closes: #803881).
+
+ -- Gianfranco Costamagna <locutusofborg at debian.org>  Wed, 04 Nov 2015 11:41:19 +0100
+
 boost1.58 (1.58.0+dfsg-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru boost1.58-1.58.0+dfsg/debian/patches/openssl-no-ssl3.patch boost1.58-1.58.0+dfsg/debian/patches/openssl-no-ssl3.patch
--- boost1.58-1.58.0+dfsg/debian/patches/openssl-no-ssl3.patch	1970-01-01 01:00:00.000000000 +0100
+++ boost1.58-1.58.0+dfsg/debian/patches/openssl-no-ssl3.patch	2015-11-04 12:56:45.000000000 +0100
@@ -0,0 +1,55 @@
+Description: tweak patch from #621402 to remove SSL3 deprecated methods.
+
+Author: Gianfranco Costamagna <locutusofborg at debian.org>
+
+Bug-Debian: https://bugs.debian.org/803881
+
+--- boost1.58-1.58.0+dfsg.orig/boost/asio/ssl/impl/context.ipp
++++ boost1.58-1.58.0+dfsg/boost/asio/ssl/impl/context.ipp
+@@ -89,6 +89,14 @@ context::context(context::method m)
+     handle_ = ::SSL_CTX_new(::SSLv2_server_method());
+     break;
+ #endif // defined(OPENSSL_NO_SSL2)
++#if defined(OPENSSL_NO_SSL3)
++  case context::sslv3:
++  case context::sslv3_client:
++  case context::sslv3_server:
++    boost::asio::detail::throw_error(
++        boost::asio::error::invalid_argument, "context");
++    break;
++#else // defined(OPENSSL_NO_SSL3)
+   case context::sslv3:
+     handle_ = ::SSL_CTX_new(::SSLv3_method());
+     break;
+@@ -98,6 +106,7 @@ context::context(context::method m)
+   case context::sslv3_server:
+     handle_ = ::SSL_CTX_new(::SSLv3_server_method());
+     break;
++#endif // defined(OPENSSL_NO_SSL3)
+   case context::tlsv1:
+     handle_ = ::SSL_CTX_new(::TLSv1_method());
+     break;
+--- boost1.58-1.58.0+dfsg.orig/boost/asio/ssl/old/detail/openssl_context_service.hpp
++++ boost1.58-1.58.0+dfsg/boost/asio/ssl/old/detail/openssl_context_service.hpp
+@@ -85,6 +85,13 @@ public:
+       impl = ::SSL_CTX_new(::SSLv2_server_method());
+       break;
+ #endif // defined(OPENSSL_NO_SSL2)
++#if defined(OPENSSL_NO_SSL3)
++    case context_base::sslv3:
++    case context_base::sslv3_client:
++    case context_base::sslv3_server:
++      boost::asio::detail::throw_error(boost::asio::error::invalid_argument);
++      break;
++#else // defined(OPENSSL_NO_SSL3)
+     case context_base::sslv3:
+       impl = ::SSL_CTX_new(::SSLv3_method());
+       break;
+@@ -94,6 +101,7 @@ public:
+     case context_base::sslv3_server:
+       impl = ::SSL_CTX_new(::SSLv3_server_method());
+       break;
++#endif // defined(OPENSSL_NO_SSL3)
+     case context_base::tlsv1:
+       impl = ::SSL_CTX_new(::TLSv1_method());
+       break;
diff -Nru boost1.58-1.58.0+dfsg/debian/patches/series boost1.58-1.58.0+dfsg/debian/patches/series
--- boost1.58-1.58.0+dfsg/debian/patches/series	2015-10-03 19:55:21.000000000 +0200
+++ boost1.58-1.58.0+dfsg/debian/patches/series	2015-11-04 12:55:37.000000000 +0100
@@ -11,3 +11,4 @@
 ec60c37295146bb80aa44a92cf416027b75b5ff7.patch
 boost-context-use-sysv-not-aapcs.patch
 numeric-ublas-storage.hpp.patch
+openssl-no-ssl3.patch

More information about the pkg-boost-devel mailing list