diff -Nru pound-2.5/debian/changelog pound-2.5/debian/changelog
--- pound-2.5/debian/changelog	2011-02-09 15:54:23.000000000 +0000
+++ pound-2.5/debian/changelog	2012-01-27 11:41:08.000000000 +0000
@@ -1,8 +1,18 @@
-pound (2.5-1~lucid1) lucid; urgency=low
+pound (2.5-1.1~lucid1) lucid; urgency=low
 
-  *  Backport for MF Install on Lucid
+  * Build to remove SSLv2
 
- -- Martin Meredith <martin.meredith@mobilefun.co.uk>  Wed, 09 Feb 2011 15:53:13 +0000
+ -- Martin Meredith <martin.meredith@mobilefun.co.uk>  Fri, 27 Jan 2012 11:40:31 +0000
+
+pound (2.5-1.1) unstable; urgency=low
+
+  * NMU
+  * Apply patch to work with new openssl. Thanks to Ilya Barygin
+    <barygin@gmail.com> for the patch. Closes: #622041
+  * Add simple initial build-arch and build-indep rules as suggested by
+    lintian
+
+ -- Steve McIntyre <steve.mcintyre@linaro.org>  Thu, 12 Dec 2011 15:29:12 +0000
 
 pound (2.5-1) unstable; urgency=low
 
diff -Nru pound-2.5/debian/patches/disable_sslv2_server.patch pound-2.5/debian/patches/disable_sslv2_server.patch
--- pound-2.5/debian/patches/disable_sslv2_server.patch	1970-01-01 00:00:00.000000000 +0000
+++ pound-2.5/debian/patches/disable_sslv2_server.patch	2012-01-27 11:55:37.000000000 +0000
@@ -0,0 +1,16 @@
+Description: Disable SSLv2 Server
+ Disable serving HTTPS using SSLv2
+Author: Martin Meredith <martin.meredith@mobilefun.co.uk>
+Last-Update: 2012-01-27
+
+--- pound-2.5.orig/config.c
++++ pound-2.5/config.c
+@@ -798,7 +798,7 @@ parse_HTTPS(void)
+     if((res = (LISTENER *)malloc(sizeof(LISTENER))) == NULL)
+         conf_err("ListenHTTPS config: out of memory - aborted");
+     memset(res, 0, sizeof(LISTENER));
+-    if((res->ctx = SSL_CTX_new(SSLv23_server_method())) == NULL)
++    if((res->ctx = SSL_CTX_new(SSLv3_server_method())) == NULL)
+         conf_err("SSL_CTX_new failed - aborted");
+ 
+     res->to = clnt_to;
diff -Nru pound-2.5/debian/patches/openssl1.0.0.patch pound-2.5/debian/patches/openssl1.0.0.patch
--- pound-2.5/debian/patches/openssl1.0.0.patch	1970-01-01 00:00:00.000000000 +0000
+++ pound-2.5/debian/patches/openssl1.0.0.patch	2011-12-15 15:34:29.000000000 +0000
@@ -0,0 +1,310 @@
+Description: Port to OpenSSL 1.0.0. Patch backported from upstream version
+ 2.6c.
+Author: Ilya Barygin <barygin@gmail.com>
+Bug-Debian: http://bugs.debian.org/622041
+--- pound-2.5.orig/svc.c
++++ pound-2.5/svc.c
+@@ -27,12 +27,17 @@
+ 
+ #include    "pound.h"
+ 
++#ifndef LHASH_OF
++#define LHASH_OF(x) LHASH
++#define CHECKED_LHASH_OF(type, h) h
++#endif
++
+ /*
+  * Add a new key/content pair to a hash table
+  * the table should be already locked
+  */
+ static void
+-t_add(LHASH *const tab, const char *key, const void *content, const size_t cont_len)
++t_add(LHASH_OF(TABNODE) *const tab, const char *key, const void *content, const size_t cont_len)
+ {
+     TABNODE *t, *old;
+ 
+@@ -53,7 +58,11 @@
+     }
+     memcpy(t->content, content, cont_len);
+     t->last_acc = time(NULL);
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    if((old = LHM_lh_insert(TABNODE, tab, t)) != NULL) {
++#else
+     if((old = (TABNODE *)lh_insert(tab, t)) != NULL) {
++#endif
+         free(old->key);
+         free(old->content);
+         free(old);
+@@ -68,12 +77,16 @@
+  * side-effect: update the time of last access
+  */
+ static void *
+-t_find(LHASH *const tab, char *const key)
++t_find(LHASH_OF(TABNODE) *const tab, char *const key)
+ {
+     TABNODE t, *res;
+ 
+     t.key = key;
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    if((res = LHM_lh_retrieve(TABNODE, tab, &t)) != NULL) {
++#else
+     if((res = (TABNODE *)lh_retrieve(tab, &t)) != NULL) {
++#endif
+         res->last_acc = time(NULL);
+         return res->content;
+     }
+@@ -84,12 +97,16 @@
+  * Delete a key
+  */
+ static void
+-t_remove(LHASH *const tab, char *const key)
++t_remove(LHASH_OF(TABNODE) *const tab, char *const key)
+ {
+     TABNODE t, *res;
+ 
+     t.key = key;
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    if((res = LHM_lh_delete(TABNODE, tab, &t)) != NULL) {
++#else
+     if((res = (TABNODE *)lh_delete(tab, &t)) != NULL) {
++#endif
+         free(res->key);
+         free(res->content);
+         free(res);
+@@ -98,59 +115,77 @@
+ }
+ 
+ typedef struct  {
+-    LHASH   *tab;
++    LHASH_OF(TABNODE)   *tab;
+     time_t  lim;
+     void    *content;
+     int     cont_len;
+ }   ALL_ARG;
+ 
+ static void
+-t_old(TABNODE *t, void *arg)
++t_old_doall_arg(TABNODE *t, ALL_ARG *a)
+ {
+-    ALL_ARG *a;
+ 
+-    a = (ALL_ARG *)arg;
+     if(t->last_acc < a->lim)
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++        LHM_lh_delete(TABNODE, a->tab, t);
++#else
+         lh_delete(a->tab, t);
++#endif
+     return;
+ }
+-IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, void *)
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE, ALL_ARG)
++#else
++#define t_old t_old_doall_arg
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, ALL_ARG *)
++#endif
+ 
+ /*
+  * Expire all old nodes
+  */
+ static void
+-t_expire(LHASH *const tab, const time_t lim)
++t_expire(LHASH_OF(TABNODE) *const tab, const time_t lim)
+ {
+     ALL_ARG a;
+     int down_load;
+ 
+     a.tab = tab;
+     a.lim = lim;
+-    down_load = tab->down_load;
+-    tab->down_load = 0;
++    down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load;
++    CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0;
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_old), ALL_ARG, &a);
++#else
+     lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_old), &a);
+-    tab->down_load = down_load;
++#endif
++    CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load;
+     return;
+ }
+ 
+ static void
+-t_cont(TABNODE *t, void *arg)
++t_cont_doall_arg(TABNODE *t, ALL_ARG *arg)
+ {
+-    ALL_ARG *a;
+ 
+-    a = (ALL_ARG *)arg;
+-    if(memcmp(t->content, a->content, a->cont_len) == 0)
+-        lh_delete(a->tab, t);
++    if(memcmp(t->content, arg->content, arg->cont_len) == 0)
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++        LHM_lh_delete(TABNODE, arg->tab, t);
++#else
++        lh_delete(arg->tab, t);
++#endif
+     return;
+ }
+-IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE *, void *)
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE, ALL_ARG)
++#else
++#define t_cont t_cont_doall_arg
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_cont, TABNODE *, ALL_ARG *)
++#endif
+ 
+ /*
+  * Remove all nodes with the given content
+  */
+ static void
+-t_clean(LHASH *const tab, void *const content, const size_t cont_len)
++t_clean(LHASH_OF(TABNODE) *const tab, void *const content, const size_t cont_len)
+ {
+     ALL_ARG a;
+     int down_load;
+@@ -158,10 +193,14 @@
+     a.tab = tab;
+     a.content = content;
+     a.cont_len = cont_len;
+-    down_load = tab->down_load;
+-    tab->down_load = 0;
++    down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load;
++    CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0;
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_cont), ALL_ARG, &a);
++#else
+     lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_cont), &a);
+-    tab->down_load = down_load;
++#endif
++    CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load;
+     return;
+ }
+ 
+@@ -1410,41 +1449,47 @@
+ }   DUMP_ARG;
+ 
+ static void
+-t_dump(TABNODE *t, void *arg)
++t_dump_doall_arg(TABNODE *t, DUMP_ARG *arg)
+ {
+-    DUMP_ARG    *a;
+     BACKEND     *be, *bep;
+     int         n_be, sz;
+ 
+-    a = (DUMP_ARG *)arg;
+     memcpy(&bep, t->content, sizeof(bep));
+-    for(n_be = 0, be = a->backends; be; be = be->next, n_be++)
++    for(n_be = 0, be = arg->backends; be; be = be->next, n_be++)
+         if(be == bep)
+             break;
+     if(!be)
+         /* should NEVER happen */
+         n_be = 0;
+-    write(a->control_sock, t, sizeof(TABNODE));
+-    write(a->control_sock, &n_be, sizeof(n_be));
++    write(arg->control_sock, t, sizeof(TABNODE));
++    write(arg->control_sock, &n_be, sizeof(n_be));
+     sz = strlen(t->key);
+-    write(a->control_sock, &sz, sizeof(sz));
+-    write(a->control_sock, t->key, sz);
++    write(arg->control_sock, &sz, sizeof(sz));
++    write(arg->control_sock, t->key, sz);
+     return;
+ }
+-
+-IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, void *)
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE, DUMP_ARG)
++#else
++#define t_dump t_dump_doall_arg
++IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, DUMP_ARG *)
++#endif
+ 
+ /*
+  * write sessions to the control socket
+  */
+ static void
+-dump_sess(const int control_sock, LHASH *const sess, BACKEND *const backends)
++dump_sess(const int control_sock, LHASH_OF(TABNODE) *const sess, BACKEND *const backends)
+ {
+     DUMP_ARG a;
+ 
+     a.control_sock = control_sock;
+     a.backends = backends;
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    LHM_lh_doall_arg(TABNODE, sess, LHASH_DOALL_ARG_FN(t_dump), DUMP_ARG, &a);
++#else
+     lh_doall_arg(sess, LHASH_DOALL_ARG_FN(t_dump), &a);
++#endif
+     return;
+ }
+ 
+--- pound-2.5.orig/pound.h
++++ pound-2.5/pound.h
+@@ -322,6 +322,10 @@
+ /* maximal session key size */
+ #define KEY_SIZE    127
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++DECLARE_LHASH_OF(TABNODE);
++#endif
++
+ /* service definition */
+ typedef struct _service {
+     char                name[KEY_SIZE + 1]; /* symbolic name */
+@@ -337,7 +341,11 @@
+     int                 sess_ttl;   /* session time-to-live */
+     regex_t             sess_start; /* pattern to identify the session data */
+     regex_t             sess_pat;   /* pattern to match the session data */
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    LHASH_OF(TABNODE)   *sessions;  /* currently active sessions */
++#else
+     LHASH               *sessions;  /* currently active sessions */
++#endif
+     int                 dynscale;   /* true if the back-ends should be dynamically rescaled */
+     int                 disabled;   /* true if the service is disabled */
+     struct _service     *next;
+--- pound-2.5.orig/config.c
++++ pound-2.5/config.c
+@@ -431,14 +431,25 @@
+         res = (res ^ *k++) * 16777619;
+     return res;
+ }
+-static IMPLEMENT_LHASH_HASH_FN(t_hash, const TABNODE *)
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++static IMPLEMENT_LHASH_HASH_FN(t, TABNODE)
++#else
++static IMPLEMENT_LHASH_HASH_FN(t_hash, const TABNODE *)
++#endif
++ 
+ static int
+ t_cmp(const TABNODE *d1, const TABNODE *d2)
+ {
+     return strcmp(d1->key, d2->key);
+ }
++
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++static IMPLEMENT_LHASH_COMP_FN(t, TABNODE)
++#else
+ static IMPLEMENT_LHASH_COMP_FN(t_cmp, const TABNODE *)
++#endif
++
+ 
+ /*
+  * parse a service
+@@ -460,7 +471,11 @@
+     pthread_mutex_init(&res->mut, NULL);
+     if(svc_name)
+         strncpy(res->name, svc_name, KEY_SIZE);
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++    if((res->sessions = LHM_lh_new(TABNODE, t)) == NULL)
++#else
+     if((res->sessions = lh_new(LHASH_HASH_FN(t_hash), LHASH_COMP_FN(t_cmp))) == NULL)
++#endif
+         conf_err("lh_new failed - aborted");
+     ign_case = ignore_case;
+     while(conf_fgets(lin, MAXBUF)) {
diff -Nru pound-2.5/debian/patches/series pound-2.5/debian/patches/series
--- pound-2.5/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ pound-2.5/debian/patches/series	2012-01-27 11:55:45.000000000 +0000
@@ -0,0 +1 @@
+openssl1.0.0.patch
diff -Nru pound-2.5/debian/rules pound-2.5/debian/rules
--- pound-2.5/debian/rules	2010-03-10 21:36:08.000000000 +0000
+++ pound-2.5/debian/rules	2011-12-15 15:45:25.000000000 +0000
@@ -36,8 +36,9 @@
 	rm config.sub && mv config.sub.upstream config.sub
 	rm config.guess && mv config.guess.upstream config.guess
 
-
-build: build-stamp
+build: build-arch build-indep
+build-arch: build-stamp
+build-indep: build-stamp
 
 build-stamp:  config.status
 	dh_testdir