Bug#803881: boost: SSLv3 methods removed

Gianfranco Costamagna Wed, 04 Nov 2015 03:58:32 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,


> The SSLv3 methods have now been removed from OpenSSL.  Please use a
> patch like in #621402 but then using OPENSSL_NO_SSL3_METHOD.
> 
> Please let me know if you need any help.

I followed up on this discussion, created a patch (NOTE: I did use
OPENSSL_NO_SSL3 instead of OPENSSL_NO_SSL3_METHOD, please tell me if I
need to use the latter, because the former was used on SSL2
deprecation patch and upstream)

I'm attaching a debdiff to this bug report and I would like to upload
in the next few days if you don't have any objections.

EDIT:
following up with the irc conversation with xnox I'm uploading
straight away, because my tests with casablanca were successful with
the new build.

I also sent the patches in
https://github.com/boostorg/asio/pull/29
https://github.com/boostorg/asio/pull/30
(after I discovered a similar patch was already there)
https://github.com/boostorg/asio/pull/23

cheers,

G.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWOfFtAAoJEPNPCXROn13Zxu4QAIpzq7hrtYkS6j7cMQ7RWTPt
WAPnI2oloeMA5stFfwdHKeAkuOEtkZEkMjAbQ5K2TZ3kFyzlbsBzAEmUMg7LxlK2
HuSB3oBvq1McYKZBFa67o0jGZU3YDp1lEWpXI7uoK/ae+8Efr/ycbzBsi4CICzu+
fzG26Y36kq6EPXwK55MxulmQ+B4bc5ygmMHdvgh9sqcMJD/0SxxKG+0i+WfXv4L8
xO4oSHocePgYDupJAnoIKrCbalRNWm8Lb289vo11AKJA6JpOyPjfcwYC7CjJdYQi
c7VjA5oaBFNgCRnFgjq6dX3BHkBZbalpwF755/6p5dX1H/h6hPLGvBukgxrl0/uU
4FkMzt8CiQUts6HXZxAKICUrkh2rJ8luEp2bQcRBwDrDCEGuDcdaZDbLGx1isV8L
sVa1nlYcp5Uq7g/d5cO+wFV9ReUvs4UkoL2s9Fu8sQjWvLz8zQd3cV+K5bYkdZCE
l+hPc55lb6W+68ebqP1ejirJCVr1N9jPqNKLAntSy6HJpFntnPnLvJ/Av5zHmr0+
AagCQmDv+3ONeKP+FgttstzNfE4mqsJsQ2fnpUwrj2g4mxfo4xcqa/atK+af8hY5
bl/BoqMD/bn2R4wgUK3Fww6R2VpIo+fdysxRTLKV6tMd55b9bQ8kExZHMxCWjzm3
UX/MHkx9DYivxTZO1wzn
=OoD6
-----END PGP SIGNATURE-----

diff -Nru boost1.58-1.58.0+dfsg/debian/changelog 
boost1.58-1.58.0+dfsg/debian/changelog
--- boost1.58-1.58.0+dfsg/debian/changelog      2015-10-03 19:59:54.000000000 
+0200
+++ boost1.58-1.58.0+dfsg/debian/changelog      2015-11-04 11:41:47.000000000 
+0100
@@ -1,3 +1,10 @@
+boost1.58 (1.58.0+dfsg-3.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS due to openssl SSL3 method removals.
+
+ -- Gianfranco Costamagna <locutusofb...@debian.org>  Wed, 04 Nov 2015 
11:41:19 +0100
+
 boost1.58 (1.58.0+dfsg-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru boost1.58-1.58.0+dfsg/debian/patches/remove-ssl3-methods.patch 
boost1.58-1.58.0+dfsg/debian/patches/remove-ssl3-methods.patch
--- boost1.58-1.58.0+dfsg/debian/patches/remove-ssl3-methods.patch      
1970-01-01 01:00:00.000000000 +0100
+++ boost1.58-1.58.0+dfsg/debian/patches/remove-ssl3-methods.patch      
2015-11-04 11:50:54.000000000 +0100
@@ -0,0 +1,55 @@
+Description: tweak patch from 621402 to remove SSL3 deprecated methods.
+
+Author: Gianfranco Costamagna <locutusofb...@debian.org>
+
+Bug-Debian: https://bugs.debian.org/803881
+
+--- boost1.58-1.58.0+dfsg.orig/boost/asio/ssl/impl/context.ipp
++++ boost1.58-1.58.0+dfsg/boost/asio/ssl/impl/context.ipp
+@@ -89,6 +89,14 @@ context::context(context::method m)
+     handle_ = ::SSL_CTX_new(::SSLv2_server_method());
+     break;
+ #endif // defined(OPENSSL_NO_SSL2)
++#if defined(OPENSSL_NO_SSL3)
++  case context::sslv3:
++  case context::sslv3_client:
++  case context::sslv3_server:
++    boost::asio::detail::throw_error(
++        boost::asio::error::invalid_argument, "context");
++    break;
++#else // defined(OPENSSL_NO_SSL3)
+   case context::sslv3:
+     handle_ = ::SSL_CTX_new(::SSLv3_method());
+     break;
+@@ -98,6 +106,7 @@ context::context(context::method m)
+   case context::sslv3_server:
+     handle_ = ::SSL_CTX_new(::SSLv3_server_method());
+     break;
++#endif // defined(OPENSSL_NO_SSL3)
+   case context::tlsv1:
+     handle_ = ::SSL_CTX_new(::TLSv1_method());
+     break;
+--- 
boost1.58-1.58.0+dfsg.orig/boost/asio/ssl/old/detail/openssl_context_service.hpp
++++ boost1.58-1.58.0+dfsg/boost/asio/ssl/old/detail/openssl_context_service.hpp
+@@ -85,6 +85,13 @@ public:
+       impl = ::SSL_CTX_new(::SSLv2_server_method());
+       break;
+ #endif // defined(OPENSSL_NO_SSL2)
++#if defined(OPENSSL_NO_SSL3)
++    case context_base::sslv3:
++    case context_base::sslv3_client:
++    case context_base::sslv3_server:
++      boost::asio::detail::throw_error(boost::asio::error::invalid_argument);
++      break;
++#else // defined(OPENSSL_NO_SSL3)
+     case context_base::sslv3:
+       impl = ::SSL_CTX_new(::SSLv3_method());
+       break;
+@@ -94,6 +101,7 @@ public:
+     case context_base::sslv3_server:
+       impl = ::SSL_CTX_new(::SSLv3_server_method());
+       break;
++#endif // defined(OPENSSL_NO_SSL3)
+     case context_base::tlsv1:
+       impl = ::SSL_CTX_new(::TLSv1_method());
+       break;
diff -Nru boost1.58-1.58.0+dfsg/debian/patches/series 
boost1.58-1.58.0+dfsg/debian/patches/series
--- boost1.58-1.58.0+dfsg/debian/patches/series 2015-10-03 19:55:21.000000000 
+0200
+++ boost1.58-1.58.0+dfsg/debian/patches/series 2015-11-04 11:47:19.000000000 
+0100
@@ -11,3 +11,4 @@
 ec60c37295146bb80aa44a92cf416027b75b5ff7.patch
 boost-context-use-sysv-not-aapcs.patch
 numeric-ublas-storage.hpp.patch
+remove-ssl3-methods.patch

Bug#803881: boost: SSLv3 methods removed

Reply via email to