Hmmm, I think the answer might be to take the upstream tree that goes with that debian patch and do a diff of all the files in src/network/ssl (guessing that's the only place that touches OpenSSL) with the ones we have in our own tree and use that as a guide as to any changes that need to be made to our version of the code.