Package: monit Version: 5.9-1; Disables sslv3 if the system's openssl is compiled without it. (Jessie)
I am using Debian GNU/Linux 8 (Jessie), kernel 3.16.0-4-686-pae and GLIBC 2.19-18+deb8u4
diff -Nru monit-5.9/debian/changelog monit-5.9/debian/changelog --- monit-5.9/debian/changelog 2015-09-12 19:34:24.000000000 +0400 +++ monit-5.9/debian/changelog 2016-04-28 17:08:16.000000000 +0400 @@ -1,3 +1,10 @@ +monit (1:5.9-1+deb8u1.1) UNRELEASED; urgency=medium + + * Remove support for sslv3 when system doesn't support it. + * + + -- Yash Paupiah <yashpaupia...@gmail.com> Thu, 28 Apr 2016 17:06:49 +0400 + monit (1:5.9-1+deb8u1) jessie; urgency=medium * Fix umask-related regression between 5.8.1 and 5.9 (Closes: #796989) diff -Nru monit-5.9/debian/patches/OPENSSL_NO_SSLv3.patch monit-5.9/debian/patches/OPENSSL_NO_SSLv3.patch --- monit-5.9/debian/patches/OPENSSL_NO_SSLv3.patch 1970-01-01 04:00:00.000000000 +0400 +++ monit-5.9/debian/patches/OPENSSL_NO_SSLv3.patch 2016-04-28 17:00:27.000000000 +0400 @@ -0,0 +1,19 @@ +Index: monit-5.9/src/ssl.c +=================================================================== +--- monit-5.9.orig/src/ssl.c ++++ monit-5.9/src/ssl.c +@@ -624,6 +624,14 @@ ssl_connection *new_ssl_connection(char + break; + + case SSL_VERSION_SSLV3: ++ ++#ifdef OPENSSL_NO_SSL3 ++ LogError("SSL: SSLv3 not supported - use TLSv1\n"); ++ goto sslerror; ++#else ++ ssl->method = SSLv3_client_method(); ++#endif ++ break; + #ifdef OPENSSL_FIPS + if (FIPS_mode()) { + LogError("SSLv3 is not allowed in FIPS mode - use TLSv1\n"); diff -Nru monit-5.9/debian/patches/series monit-5.9/debian/patches/series --- monit-5.9/debian/patches/series 2015-09-12 19:34:24.000000000 +0400 +++ monit-5.9/debian/patches/series 2016-04-28 16:54:56.000000000 +0400 @@ -3,3 +3,4 @@ 11_enable_hurd.patch 12_FTBFS_on_kfreebsd.patch 13_umask_fix.patch +OPENSSL_NO_SSLv3.patch