From 1e04805a5e5b9aba63503bbda1a783fb025428c4 Mon Sep 17 00:00:00 2001
From: Michael Gehring <mg@ebfe.org>
Date: Wed, 30 Mar 2016 23:47:59 +0200
Subject: [PATCH] tlsdate: drop sslv3 support (libressl-2.3 fix)

---
 .../tlsdate/patches/libressl-no-sslv3.patch   | 57 +++++++++++++++++++
 srcpkgs/tlsdate/template                      |  2 +-
 2 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/tlsdate/patches/libressl-no-sslv3.patch

diff --git a/srcpkgs/tlsdate/patches/libressl-no-sslv3.patch b/srcpkgs/tlsdate/patches/libressl-no-sslv3.patch
new file mode 100644
index 00000000000..3865f71c2cb
--- /dev/null
+++ b/srcpkgs/tlsdate/patches/libressl-no-sslv3.patch
@@ -0,0 +1,57 @@
+--- src/tlsdate.c.orig	2016-03-30 23:41:39.121031885 +0200
++++ src/tlsdate.c	2016-03-30 23:41:49.442032351 +0200
+@@ -88,7 +88,7 @@
+            " [-n|--dont-set-clock]\n"
+            " [-H|--host] [hostname|ip]\n"
+            " [-p|--port] [port number]\n"
+-           " [-P|--protocol] [sslv23|sslv3|tlsv1]\n"
++           " [-P|--protocol] [sslv23|tlsv1]\n"
+            " [-C|--certcontainer] [dirname|filename]\n"
+            " [-v|--verbose]\n"
+            " [-V|--showtime] [human|raw]\n"
+--- man/tlsdate.1.orig	2016-03-30 23:42:18.100033647 +0200
++++ man/tlsdate.1	2016-03-30 23:42:35.659034441 +0200
+@@ -5,7 +5,7 @@
+ .SH NAME
+ tlsdate \- secure parasitic rdate replacement
+ .SH SYNOPSIS
+-.B tlsdate [\-hnvVstlw] [\-H [hostname]] [\-p [port]] [\-P [sslv23|sslv3|tlsv1]] \
++.B tlsdate [\-hnvVstlw] [\-H [hostname]] [\-p [port]] [\-P [sslv23|tlsv1]] \
+ [\-\-certdir [dirname]] [\-x [\-\-proxy] proxy\-type://proxyhost:proxyport]
+ .SH DESCRIPTION
+ .B tlsdate
+@@ -30,7 +30,7 @@
+ Do not set the system clock to the time of the remote server
+ .IP "\-p | \-\-port [port]"
+ Set remote port (default: '443')
+-.IP "\-P | \-\-protocol [sslv23|sslv3|tlsv1]"
++.IP "\-P | \-\-protocol [sslv23|tlsv1]"
+ Set protocol to use when communicating with server (default: 'tlsv1')
+ .IP "\-C | \-\-certdir [dirname]"
+ Set the local directory where certificates are located
+--- src/tlsdate-helper-plan9.c.orig	2016-03-30 23:43:12.577036110 +0200
++++ src/tlsdate-helper-plan9.c	2016-03-30 23:43:32.403037006 +0200
+@@ -978,10 +978,6 @@
+   {
+     verb ("V: using SSLv23_client_method()\n");
+     ctx = SSL_CTX_new(SSLv23_client_method());
+-  } else if (0 == strcmp("sslv3", protocol))
+-  {
+-    verb ("V: using SSLv3_client_method()\n");
+-    ctx = SSL_CTX_new(SSLv3_client_method());
+   } else if (0 == strcmp("tlsv1", protocol))
+   {
+     verb ("V: using TLSv1_client_method()\n");
+--- src/tlsdate-helper.c.orig	2016-03-30 23:33:02.056008510 +0200
++++ src/tlsdate-helper.c	2016-03-30 23:34:46.400013227 +0200
+@@ -1133,10 +1133,6 @@
+   {
+     verb ("V: using SSLv23_client_method()");
+     ctx = SSL_CTX_new(SSLv23_client_method());
+-  } else if (0 == strcmp("sslv3", protocol))
+-  {
+-    verb ("V: using SSLv3_client_method()");
+-    ctx = SSL_CTX_new(SSLv3_client_method());
+   } else if (0 == strcmp("tlsv1", protocol))
+   {
+     verb ("V: using TLSv1_client_method()");
diff --git a/srcpkgs/tlsdate/template b/srcpkgs/tlsdate/template
index 58c55e4ef29..23cbdae6251 100644
--- a/srcpkgs/tlsdate/template
+++ b/srcpkgs/tlsdate/template
@@ -1,7 +1,7 @@
 # Template file for 'tlsdate'
 pkgname=tlsdate
 version=0.0.13
-revision=4
+revision=5
 wrksrc="${pkgname}-${pkgname}-${version}"
 build_style=gnu-configure
 configure_args="--sbindir=/usr/bin