--- ike-scan-1.9.orig/debian/changelog
+++ ike-scan-1.9/debian/changelog
@@ -0,0 +1,82 @@
+ike-scan (1.9-4build1) oneiric; urgency=low
+
+  * Rebuild for OpenSSL 1.0.0.
+
+ -- Colin Watson <cjwatson@ubuntu.com>  Tue, 17 May 2011 11:29:27 +0100
+
+ike-scan (1.9-4) unstable; urgency=low
+
+  * Regular cleanup duties:
+    * Standards version to 3.8.0.
+    * Refer to GPL-2 instead of GPL in copyright file.
+    * Debhelper to 7.
+  * Disallow combinations of --aggressive and --ikev2.
+    Closes: #512962.
+  * Introduce patchsystem (dpatch).
+
+ -- Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>  Thu, 26 Feb 2009 03:04:36 +0100
+
+ike-scan (1.9-3) unstable; urgency=low
+
+  * Adapt watch file to upstream's site access restrictions.
+    Closes: #453572.
+  * Bump Standards version to 3.7.3.
+  * Include GPL/SSL exception in debian/copyright.
+
+ -- Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>  Fri, 11 Apr 2008 20:04:30 +0200
+
+ike-scan (1.9-2) unstable; urgency=low
+
+  * As this package is low-traffic, make the wait comfortable:
+    add watch file.
+
+ -- Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>  Sun, 22 Jul 2007 02:25:13 +0200
+
+ike-scan (1.9-1) unstable; urgency=low
+
+  * New maintainer.
+  * New upstream version. Closes: #351907.
+  * Clean up build system (remove superfluous helper calls and comments).
+  * Build with openssl support. Introduce dependency on libssl-dev.
+  * Bump debhelper compat level (3 -> 5).
+  * Bump Standards version, no changes needed.
+
+ -- Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>  Tue, 03 Jul 2007 18:46:26 +0200
+
+ike-scan (1.7-4) unstable; urgency=medium
+
+  * Remove usage tracking code (closes: #327220) 
+  
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Sun, 11 Sep 2005 02:31:00 +0200
+
+ike-scan (1.7-3) unstable; urgency=low
+
+  * moved check-* programs from /usr/bin to /usr/share/ike-scan/checks.
+  * Corrected short debian description. 
+  
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Mon, 14 Mar 2005 00:17:00 +0200
+
+ike-scan (1.7-2) unstable; urgency=low
+
+  * Corrected debian copyright file.
+  
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Sat, 06 Mar 2005 14:12:00 +0200
+
+ike-scan (1.7-1) unstable; urgency=low
+
+  * New upstream release.
+  
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Mon, 21 Feb 2005 10:48:00 +0200
+
+ike-scan (1.6-1) unstable; urgency=low
+
+  * New upstream release.
+
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Mon, 05 Apr 2004 22:38:00 +0200
+
+ike-scan (1.5.1-1) unstable; urgency=low
+
+  * Initial Release.
+
+ -- Benoit Mortier <benoit.mortier@opensides.be>  Sat, 13 Dec 2003 12:30:54 +0100
+
--- ike-scan-1.9.orig/debian/rules
+++ ike-scan-1.9/debian/rules
@@ -0,0 +1,72 @@
+#!/usr/bin/make -f
+# Sample debian/rules that uses debhelper.
+# GNU copyright 1997 to 1999 by Joey Hess.
+
+# These are used for cross-compiling and for saving the configure script
+# from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE   ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE  ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+
+include /usr/share/dpatch/dpatch.make
+
+ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS)))
+	CFLAGS += -g
+endif
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+	INSTALL_PROGRAM += -s
+endif
+
+config: config-stamp
+config-stamp: patch
+	dh_testdir
+	./configure --host=$(DEB_HOST_GNU_TYPE) \
+		    --build=$(DEB_BUILD_GNU_TYPE) \
+		    --prefix=/usr \
+		    --mandir=\$${prefix}/share/man \
+		    --infodir=\$${prefix}/share/info \
+		    --with-openssl
+	touch $@
+
+build: build-stamp
+build-stamp: config
+	dh_testdir
+	cp -f /usr/share/misc/config.sub /usr/share/misc/config.guess .
+	$(MAKE)
+	touch $@
+
+clean: unpatch
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp config-stamp config.sub config.guess
+	[ ! -f Makefile ] || $(MAKE) distclean
+	dh_clean
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_prep
+	dh_installdirs
+	$(MAKE) install DESTDIR=debian/ike-scan
+	cp check-psk-crack-* check-run* check-packet check-decode \
+	    debian/ike-scan/usr/share/ike-scan/checks
+
+binary: binary-indep binary-arch
+
+binary-indep:
+
+binary-arch: install
+	dh_testdir
+	dh_testroot
+	dh_installdocs
+	dh_installchangelogs ChangeLog
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+	dh_installdeb
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+.PHONY: build clean config binary-indep binary-arch binary install 
--- ike-scan-1.9.orig/debian/watch
+++ ike-scan-1.9/debian/watch
@@ -0,0 +1,4 @@
+version=3
+# http://www.nta-monitor.com/tools/ike-scan/download/ike-scan-(.*).tar.gz
+http://www.nta-monitor.com/tools/ike-scan/index.html \
+  .*tools/ike-scan/download/ike-scan-([0-9.]*)\.tar\.gz
--- ike-scan-1.9.orig/debian/compat
+++ ike-scan-1.9/debian/compat
@@ -0,0 +1 @@
+7
--- ike-scan-1.9.orig/debian/control
+++ ike-scan-1.9/debian/control
@@ -0,0 +1,29 @@
+Source: ike-scan
+Section: net
+Priority: optional
+Maintainer: Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>
+Build-Depends: debhelper (>> 7), autotools-dev, libssl-dev (>= 0.9.8), dpatch
+Standards-Version: 3.8.0
+
+Package: ike-scan
+Architecture: any
+Depends: ${shlibs:Depends}
+Description: discover and fingerprint IKE hosts (IPsec VPN Servers)
+ ike-scan discovers IKE hosts and can also fingerprint them using the
+ retransmission backoff pattern.
+ .
+ ike-scan does two things:
+ .
+ a) Discovery: Determine which hosts are running IKE.
+    This is done by displaying those hosts which respond to the IKE requests
+    sent by ike-scan.
+    .   
+ b) Fingerprinting: Determine which IKE implementation the hosts are using.
+    This is done by recording the times of the IKE response packets from the
+    target hosts and comparing the observed retransmission backoff pattern
+    against known patterns.
+    .		
+    The retransmission backoff fingerprinting concept is discussed in more
+    detail in the UDP backoff fingerprinting paper which should be included
+    in the ike-scan kit as udp-backoff-fingerprinting-paper.txt.
+		
--- ike-scan-1.9.orig/debian/dirs
+++ ike-scan-1.9/debian/dirs
@@ -0,0 +1,2 @@
+usr/bin
+usr/share/ike-scan/checks
--- ike-scan-1.9.orig/debian/copyright
+++ ike-scan-1.9/debian/copyright
@@ -0,0 +1,37 @@
+This package was debianized by Benoit Mortier <benoit.mortier@opensides.be> on
+Sat, 13 Dec 2003 12:30:54 +0100. It is currently maintained by
+Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>.
+
+It was downloaded from http://www.nta-monitor.com/ike-scan/
+
+Copyright:
+   Copyright (C) 2003-2007	Roy Hills <Roy.Hills@nta-monitor.com>
+
+License:
+   This package is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   In addition, as a special exception, the copyright holders give
+   permission to link the code of portions of this program with the
+   OpenSSL library, and distribute linked combinations including the two.
+
+   You must obey the GNU General Public License in all respects
+   for all of the code used other than OpenSSL.  If you modify
+   file(s) with this exception, you may extend this exception to your
+   version of the file(s), but you are not obligated to do so.  If you
+   do not wish to do so, delete this exception statement from your
+   version.
+
+   This package is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this package; if not, write to the Free Software Foundation,
+   Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License, version 2 can be found in
+`/usr/share/common-licenses/GPL-2'.
--- ike-scan-1.9.orig/debian/docs
+++ ike-scan-1.9/debian/docs
@@ -0,0 +1,4 @@
+NEWS
+README
+README-WIN32
+udp-backoff-fingerprinting-paper.txt
--- ike-scan-1.9.orig/debian/patches/10disable_aggressive_in_v2.dpatch
+++ ike-scan-1.9/debian/patches/10disable_aggressive_in_v2.dpatch
@@ -0,0 +1,28 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 10disable_aggressive_in_v2.dpatch by  <hesso@pool.math.tu-berlin.de>
+##
+## DP: --ikev2 overrides --aggressive anyway by reusing the
+## DP: .exchange_type member. Sadly, the override works the
+## DP: other way, too. For consistency disallow both.
+
+@DPATCH@
+--- ike-scan-1.9.orig/ike-scan.c	2007-01-14 20:05:42.000000000 +0100
++++ ike-scan-1.9/ike-scan.c	2009-02-26 02:51:34.063234781 +0100
+@@ -472,6 +472,8 @@
+             strncpy(patfile, optarg, MAXLINE);
+             break;
+          case 'A':	/* --aggressive */
++            if (ike_params.ike_version == 2)
++               err_msg("ERROR: Aggressive mode not applicable for IKEv2.");
+             ike_params.exchange_type = ISAKMP_XCHG_AGGR;
+             break;
+          case 'G':	/* --gssid */
+@@ -604,6 +606,8 @@
+             shownum_flag = 1;
+             break;
+          case '2':	/* --ikev2 */
++            if (ike_params.exchange_type == ISAKMP_XCHG_AGGR)
++               err_msg("ERROR: Aggressive mode not applicable for IKEv2.");
+             ike_params.ike_version = 2;
+             ike_params.header_version = 0x20;	/* v2.0 */
+             ike_params.hdr_flags=0x08;	/* Set Initiator bit */
--- ike-scan-1.9.orig/debian/patches/00list
+++ ike-scan-1.9/debian/patches/00list
@@ -0,0 +1 @@
+10disable_aggressive_in_v2