tags 622018 + pending thanks Dear maintainer,
I've prepared an NMU for socat (versioned as 2.0.0~beta4-1.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer.
-- Jakub Wilk
diffstat for socat-2.0.0~beta4 socat-2.0.0~beta4 NEWS | 6 ++++ changelog | 13 ++++++++ control | 2 - patches/03-Disable-SSLv2 | 69 +++++++++++++++++++++++++++++++++++++++++++++++ patches/series | 1 rules | 3 ++ 6 files changed, 93 insertions(+), 1 deletion(-) diff -Nru socat-2.0.0~beta4/debian/NEWS socat-2.0.0~beta4/debian/NEWS --- socat-2.0.0~beta4/debian/NEWS 1970-01-01 01:00:00.000000000 +0100 +++ socat-2.0.0~beta4/debian/NEWS 2012-04-22 11:29:17.000000000 +0200 @@ -0,0 +1,6 @@ +socat (2.0.0~beta4-1.1) experimental; urgency=low + + Readline support has been disabled for license reason: GNU Readline license + (GPL) is incompatible with the OpenSSL license. + + -- Jakub Wilk <[email protected]> Sun, 22 Apr 2012 11:24:12 +0200 diff -Nru socat-2.0.0~beta4/debian/changelog socat-2.0.0~beta4/debian/changelog --- socat-2.0.0~beta4/debian/changelog 2010-08-03 08:34:34.000000000 +0200 +++ socat-2.0.0~beta4/debian/changelog 2012-04-22 11:29:17.000000000 +0200 @@ -1,3 +1,16 @@ +socat (2.0.0~beta4-1.1) experimental; urgency=low + + * Non-maintainer upload. + * Disable readline support (closes: #632481). GNU Readline license (GPL) is + incompatible with the OpenSSL license. Thanks to Julien Cristau for the + bug report. + + Pass --disable-readline to the configure script. + + Remove libreadline5-dev from Build-Depends. + * Disable SSLv2 support (closes: #622018). Thanks to Lucas Nussbaum for the + bug report and Julien Cristau for the patch. + + -- Jakub Wilk <[email protected]> Sun, 22 Apr 2012 11:24:12 +0200 + socat (2.0.0~beta4-1) experimental; urgency=low * New upstream release. diff -Nru socat-2.0.0~beta4/debian/control socat-2.0.0~beta4/debian/control --- socat-2.0.0~beta4/debian/control 2010-08-03 08:32:59.000000000 +0200 +++ socat-2.0.0~beta4/debian/control 2012-04-22 10:52:46.000000000 +0200 @@ -3,7 +3,7 @@ Priority: extra Maintainer: Chris Taylor <[email protected]> Homepage: http://www.dest-unreach.org/socat/socat-version2.html -Build-Depends: debhelper (>= 7.0.50~), libreadline5-dev, libssl-dev, +Build-Depends: debhelper (>= 7.0.50~), libssl-dev, libwrap0-dev, quilt Standards-Version: 3.9.1 diff -Nru socat-2.0.0~beta4/debian/patches/03-Disable-SSLv2 socat-2.0.0~beta4/debian/patches/03-Disable-SSLv2 --- socat-2.0.0~beta4/debian/patches/03-Disable-SSLv2 1970-01-01 01:00:00.000000000 +0100 +++ socat-2.0.0~beta4/debian/patches/03-Disable-SSLv2 2012-04-22 11:17:57.000000000 +0200 @@ -0,0 +1,69 @@ +Description: disable SSLv2 support + Disable use of SSLv2 functions when they are not supported by OpenSSL itself + (e.g. in OpenSSL >= 1.0 in Debian). +Author: Julien Cristau <[email protected]> +Bug-Debian: http://bugs.debian.org/622018 +Forwarded: no +Last-Update: 2012-04-22 + +--- a/sslcls.c ++++ b/sslcls.c +@@ -35,6 +35,7 @@ + return result; + } + ++#ifndef OPENSSL_NO_SSL2 + SSL_METHOD *sycSSLv2_client_method(void) { + SSL_METHOD *result; + Debug("SSLv2_client_method()"); +@@ -50,6 +51,7 @@ + Debug1("SSLv2_server_method() -> %p", result); + return result; + } ++#endif + + SSL_METHOD *sycSSLv3_client_method(void) { + SSL_METHOD *result; +--- a/xio-openssl.c ++++ b/xio-openssl.c +@@ -798,9 +798,12 @@ + + if (!server) { + if (me_str != 0) { ++#ifndef OPENSSL_NO_SSL2 + if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { + method = sycSSLv2_client_method(); +- } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { ++ } else ++#endif ++ if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { + method = sycSSLv3_client_method(); + } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || + !strcasecmp(me_str, "SSL")) { +@@ -817,9 +820,12 @@ + } + } else /* server */ { + if (me_str != 0) { ++#ifndef OPENSSL_NO_SSL2 + if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) { + method = sycSSLv2_server_method(); +- } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { ++ } else ++#endif ++ if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) { + method = sycSSLv3_server_method(); + } else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") || + !strcasecmp(me_str, "SSL")) { +--- a/sslcls.h ++++ b/sslcls.h +@@ -10,8 +10,10 @@ + + void sycSSL_load_error_strings(void); + int sycSSL_library_init(void); ++#ifndef OPENSSL_NO_SSL2 + SSL_METHOD *sycSSLv2_client_method(void); + SSL_METHOD *sycSSLv2_server_method(void); ++#endif + SSL_METHOD *sycSSLv3_client_method(void); + SSL_METHOD *sycSSLv3_server_method(void); + SSL_METHOD *sycSSLv23_client_method(void); diff -Nru socat-2.0.0~beta4/debian/patches/series socat-2.0.0~beta4/debian/patches/series --- socat-2.0.0~beta4/debian/patches/series 2010-08-03 08:31:50.000000000 +0200 +++ socat-2.0.0~beta4/debian/patches/series 2012-04-22 11:16:07.000000000 +0200 @@ -2,3 +2,4 @@ 00-Manpage 01-Index 02-ftbfs-kfreebsd +03-Disable-SSLv2 diff -Nru socat-2.0.0~beta4/debian/rules socat-2.0.0~beta4/debian/rules --- socat-2.0.0~beta4/debian/rules 2010-08-03 08:31:50.000000000 +0200 +++ socat-2.0.0~beta4/debian/rules 2012-04-22 10:51:04.000000000 +0200 @@ -3,4 +3,7 @@ %: dh $@ +override_dh_auto_configure: + dh_auto_configure -- --disable-readline + override_dh_auto_test:
