From 756255ffb6aa76d3c3319a33dafd139d07907298 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Tue, 18 Apr 2017 20:02:11 +0200
Subject: [PATCH] rebase: latest upstream release

Per upstream release notes:
https://groups.google.com/forum/#!topic/libarchive-discuss/jfc7lBfrvVg

Version: 3.3.1-1
Resolves: rhbz#1428362, rhbz#1383744, rhbz#1423839
---
 libarchive-3.2.1-openssl-1.1.patch  | 365 ----------------------------
 libarchive-3.2.2-ftbfs-on-f26.patch |  13 -
 libarchive-3.3.1-cpio-getid.patch   | 100 ++++++++
 libarchive.spec                     |  15 +-
 4 files changed, 108 insertions(+), 385 deletions(-)
 delete mode 100644 libarchive-3.2.1-openssl-1.1.patch
 delete mode 100644 libarchive-3.2.2-ftbfs-on-f26.patch
 create mode 100644 libarchive-3.3.1-cpio-getid.patch

diff --git a/libarchive-3.2.1-openssl-1.1.patch b/libarchive-3.2.1-openssl-1.1.patch
deleted file mode 100644
index 372cf14..0000000
--- a/libarchive-3.2.1-openssl-1.1.patch
+++ /dev/null
@@ -1,365 +0,0 @@
-diff -up libarchive-3.2.1/libarchive/archive_cryptor.c.openssl-1.1 libarchive-3.2.1/libarchive/archive_cryptor.c
---- libarchive-3.2.1/libarchive/archive_cryptor.c.openssl-1.1	2016-04-24 23:57:10.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_cryptor.c	2016-10-11 16:18:16.979989705 +0200
-@@ -302,6 +302,7 @@ aes_ctr_release(archive_crypto_ctx *ctx)
- static int
- aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
- {
-+	ctx->ctx = EVP_CIPHER_CTX_new();
- 
- 	switch (key_len) {
- 	case 16: ctx->type = EVP_aes_128_ecb(); break;
-@@ -314,7 +315,7 @@ aes_ctr_init(archive_crypto_ctx *ctx, co
- 	memcpy(ctx->key, key, key_len);
- 	memset(ctx->nonce, 0, sizeof(ctx->nonce));
- 	ctx->encr_pos = AES_BLOCK_SIZE;
--	EVP_CIPHER_CTX_init(&ctx->ctx);
-+	EVP_CIPHER_CTX_init(ctx->ctx);
- 	return 0;
- }
- 
-@@ -324,10 +325,10 @@ aes_ctr_encrypt_counter(archive_crypto_c
- 	int outl = 0;
- 	int r;
- 
--	r = EVP_EncryptInit_ex(&ctx->ctx, ctx->type, NULL, ctx->key, NULL);
-+	r = EVP_EncryptInit_ex(ctx->ctx, ctx->type, NULL, ctx->key, NULL);
- 	if (r == 0)
- 		return -1;
--	r = EVP_EncryptUpdate(&ctx->ctx, ctx->encr_buf, &outl, ctx->nonce,
-+	r = EVP_EncryptUpdate(ctx->ctx, ctx->encr_buf, &outl, ctx->nonce,
- 	    AES_BLOCK_SIZE);
- 	if (r == 0 || outl != AES_BLOCK_SIZE)
- 		return -1;
-@@ -337,7 +338,7 @@ aes_ctr_encrypt_counter(archive_crypto_c
- static int
- aes_ctr_release(archive_crypto_ctx *ctx)
- {
--	EVP_CIPHER_CTX_cleanup(&ctx->ctx);
-+	EVP_CIPHER_CTX_free(ctx->ctx);
- 	memset(ctx->key, 0, ctx->key_len);
- 	memset(ctx->nonce, 0, sizeof(ctx->nonce));
- 	return 0;
-diff -up libarchive-3.2.1/libarchive/archive_cryptor_private.h.openssl-1.1 libarchive-3.2.1/libarchive/archive_cryptor_private.h
---- libarchive-3.2.1/libarchive/archive_cryptor_private.h.openssl-1.1	2016-04-24 23:56:47.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_cryptor_private.h	2016-10-11 16:18:16.979989705 +0200
-@@ -104,7 +104,7 @@ typedef struct {
- #define AES_MAX_KEY_SIZE 32
- 
- typedef struct {
--	EVP_CIPHER_CTX	ctx;
-+	EVP_CIPHER_CTX	*ctx;
- 	const EVP_CIPHER *type;
- 	uint8_t		key[AES_MAX_KEY_SIZE];
- 	unsigned	key_len;
-diff -up libarchive-3.2.1/libarchive/archive_digest.c.openssl-1.1 libarchive-3.2.1/libarchive/archive_digest.c
---- libarchive-3.2.1/libarchive/archive_digest.c.openssl-1.1	2015-09-05 06:24:18.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_digest.c	2016-10-11 16:31:25.785624324 +0200
-@@ -207,7 +207,9 @@ __archive_nettle_md5final(archive_md5_ct
- static int
- __archive_openssl_md5init(archive_md5_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_md5());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_md5());
-   return (ARCHIVE_OK);
- }
- 
-@@ -215,7 +217,7 @@ static int
- __archive_openssl_md5update(archive_md5_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
-@@ -226,8 +228,11 @@ __archive_openssl_md5final(archive_md5_c
-    * this is meant to cope with that. Real fix is probably to fix
-    * archive_write_set_format_xar.c
-    */
--  if (ctx->digest)
--    EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-@@ -359,7 +364,9 @@ __archive_nettle_ripemd160final(archive_
- static int
- __archive_openssl_ripemd160init(archive_rmd160_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_ripemd160());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_ripemd160());
-   return (ARCHIVE_OK);
- }
- 
-@@ -367,14 +374,18 @@ static int
- __archive_openssl_ripemd160update(archive_rmd160_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
- static int
- __archive_openssl_ripemd160final(archive_rmd160_ctx *ctx, void *md)
- {
--  EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-@@ -509,7 +520,9 @@ __archive_nettle_sha1final(archive_sha1_
- static int
- __archive_openssl_sha1init(archive_sha1_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_sha1());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_sha1());
-   return (ARCHIVE_OK);
- }
- 
-@@ -517,7 +530,7 @@ static int
- __archive_openssl_sha1update(archive_sha1_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
-@@ -528,8 +541,11 @@ __archive_openssl_sha1final(archive_sha1
-    * this is meant to cope with that. Real fix is probably to fix
-    * archive_write_set_format_xar.c
-    */
--  if (ctx->digest)
--    EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-@@ -733,7 +749,9 @@ __archive_nettle_sha256final(archive_sha
- static int
- __archive_openssl_sha256init(archive_sha256_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_sha256());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_sha256());
-   return (ARCHIVE_OK);
- }
- 
-@@ -741,14 +759,18 @@ static int
- __archive_openssl_sha256update(archive_sha256_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
- static int
- __archive_openssl_sha256final(archive_sha256_ctx *ctx, void *md)
- {
--  EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-@@ -928,7 +950,9 @@ __archive_nettle_sha384final(archive_sha
- static int
- __archive_openssl_sha384init(archive_sha384_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_sha384());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_sha384());
-   return (ARCHIVE_OK);
- }
- 
-@@ -936,14 +960,18 @@ static int
- __archive_openssl_sha384update(archive_sha384_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
- static int
- __archive_openssl_sha384final(archive_sha384_ctx *ctx, void *md)
- {
--  EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-@@ -1147,7 +1175,9 @@ __archive_nettle_sha512final(archive_sha
- static int
- __archive_openssl_sha512init(archive_sha512_ctx *ctx)
- {
--  EVP_DigestInit(ctx, EVP_sha512());
-+  if ((*ctx = EVP_MD_CTX_new()) == NULL)
-+	return (ARCHIVE_FAILED);
-+  EVP_DigestInit(*ctx, EVP_sha512());
-   return (ARCHIVE_OK);
- }
- 
-@@ -1155,14 +1185,18 @@ static int
- __archive_openssl_sha512update(archive_sha512_ctx *ctx, const void *indata,
-     size_t insize)
- {
--  EVP_DigestUpdate(ctx, indata, insize);
-+  EVP_DigestUpdate(*ctx, indata, insize);
-   return (ARCHIVE_OK);
- }
- 
- static int
- __archive_openssl_sha512final(archive_sha512_ctx *ctx, void *md)
- {
--  EVP_DigestFinal(ctx, md, NULL);
-+  if (*ctx) {
-+    EVP_DigestFinal(*ctx, md, NULL);
-+    EVP_MD_CTX_free(*ctx);
-+    *ctx = NULL;
-+  }
-   return (ARCHIVE_OK);
- }
- 
-diff -up libarchive-3.2.1/libarchive/archive_digest_private.h.openssl-1.1 libarchive-3.2.1/libarchive/archive_digest_private.h
---- libarchive-3.2.1/libarchive/archive_digest_private.h.openssl-1.1	2015-09-05 06:24:18.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_digest_private.h	2016-10-11 16:20:24.348996576 +0200
-@@ -161,7 +161,7 @@ typedef CC_MD5_CTX archive_md5_ctx;
- #elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
- typedef struct md5_ctx archive_md5_ctx;
- #elif defined(ARCHIVE_CRYPTO_MD5_OPENSSL)
--typedef EVP_MD_CTX archive_md5_ctx;
-+typedef EVP_MD_CTX *archive_md5_ctx;
- #elif defined(ARCHIVE_CRYPTO_MD5_WIN)
- typedef Digest_CTX archive_md5_ctx;
- #else
-@@ -175,7 +175,7 @@ typedef RIPEMD160_CTX archive_rmd160_ctx
- #elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
- typedef struct ripemd160_ctx archive_rmd160_ctx;
- #elif defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
--typedef EVP_MD_CTX archive_rmd160_ctx;
-+typedef EVP_MD_CTX *archive_rmd160_ctx;
- #else
- typedef unsigned char archive_rmd160_ctx;
- #endif
-@@ -189,7 +189,7 @@ typedef CC_SHA1_CTX archive_sha1_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
- typedef struct sha1_ctx archive_sha1_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA1_OPENSSL)
--typedef EVP_MD_CTX archive_sha1_ctx;
-+typedef EVP_MD_CTX *archive_sha1_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA1_WIN)
- typedef Digest_CTX archive_sha1_ctx;
- #else
-@@ -209,7 +209,7 @@ typedef CC_SHA256_CTX archive_sha256_ctx
- #elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
- typedef struct sha256_ctx archive_sha256_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA256_OPENSSL)
--typedef EVP_MD_CTX archive_sha256_ctx;
-+typedef EVP_MD_CTX *archive_sha256_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA256_WIN)
- typedef Digest_CTX archive_sha256_ctx;
- #else
-@@ -227,7 +227,7 @@ typedef CC_SHA512_CTX archive_sha384_ctx
- #elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
- typedef struct sha384_ctx archive_sha384_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA384_OPENSSL)
--typedef EVP_MD_CTX archive_sha384_ctx;
-+typedef EVP_MD_CTX *archive_sha384_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA384_WIN)
- typedef Digest_CTX archive_sha384_ctx;
- #else
-@@ -247,7 +247,7 @@ typedef CC_SHA512_CTX archive_sha512_ctx
- #elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
- typedef struct sha512_ctx archive_sha512_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA512_OPENSSL)
--typedef EVP_MD_CTX archive_sha512_ctx;
-+typedef EVP_MD_CTX *archive_sha512_ctx;
- #elif defined(ARCHIVE_CRYPTO_SHA512_WIN)
- typedef Digest_CTX archive_sha512_ctx;
- #else
-diff -up libarchive-3.2.1/libarchive/archive_hmac.c.openssl-1.1 libarchive-3.2.1/libarchive/archive_hmac.c
---- libarchive-3.2.1/libarchive/archive_hmac.c.openssl-1.1	2016-04-24 23:57:03.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_hmac.c	2016-10-11 16:25:54.074787000 +0200
-@@ -176,8 +176,10 @@ __hmac_sha1_cleanup(archive_hmac_sha1_ct
- static int
- __hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len)
- {
--	HMAC_CTX_init(ctx);
--	HMAC_Init(ctx, key, key_len, EVP_sha1());
-+	*ctx = HMAC_CTX_new();
-+	if (*ctx == NULL)
-+		return -1;
-+	HMAC_Init_ex(*ctx, key, key_len, EVP_sha1(), NULL);
- 	return 0;
- }
- 
-@@ -185,22 +187,22 @@ static void
- __hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
-     size_t data_len)
- {
--	HMAC_Update(ctx, data, data_len);
-+	HMAC_Update(*ctx, data, data_len);
- }
- 
- static void
- __hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
- {
- 	unsigned int len = (unsigned int)*out_len;
--	HMAC_Final(ctx, out, &len);
-+	HMAC_Final(*ctx, out, &len);
- 	*out_len = len;
- }
- 
- static void
- __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
- {
--	HMAC_CTX_cleanup(ctx);
--	memset(ctx, 0, sizeof(*ctx));
-+	HMAC_CTX_free(*ctx);
-+	*ctx = NULL;
- }
- 
- #else
-diff -up libarchive-3.2.1/libarchive/archive_hmac_private.h.openssl-1.1 libarchive-3.2.1/libarchive/archive_hmac_private.h
---- libarchive-3.2.1/libarchive/archive_hmac_private.h.openssl-1.1	2016-04-24 23:56:55.000000000 +0200
-+++ libarchive-3.2.1/libarchive/archive_hmac_private.h	2016-10-11 16:18:16.979989705 +0200
-@@ -72,7 +72,7 @@ typedef	struct hmac_sha1_ctx archive_hma
- #elif defined(HAVE_LIBCRYPTO)
- #include <openssl/hmac.h>
- 
--typedef	HMAC_CTX archive_hmac_sha1_ctx;
-+typedef	HMAC_CTX* archive_hmac_sha1_ctx;
- 
- #else
- 
diff --git a/libarchive-3.2.2-ftbfs-on-f26.patch b/libarchive-3.2.2-ftbfs-on-f26.patch
deleted file mode 100644
index 248bba3..0000000
--- a/libarchive-3.2.2-ftbfs-on-f26.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/cpio/test/test_option_t.c b/cpio/test/test_option_t.c
-index 6bcaee3..6e81e77 100644
---- a/cpio/test/test_option_t.c
-+++ b/cpio/test/test_option_t.c
-@@ -64,7 +64,7 @@ DEFINE_TEST(test_option_t)
- 	/* List reference archive verbosely, make sure the TOC is correct. */
- 	r = systemf("%s -itv < test_option_t.cpio >tv.out 2>tv.err", testprog);
- 	assertEqualInt(r, 0);
--	assertTextFileContents("1 block\n", "tv.err");
-+	/* assertTextFileContents("1 block\n", "tv.err"); */
- 	extract_reference_file("test_option_tv.stdout");
- 
- 	/* This doesn't work because the usernames on different systems
diff --git a/libarchive-3.3.1-cpio-getid.patch b/libarchive-3.3.1-cpio-getid.patch
new file mode 100644
index 0000000..682d0b3
--- /dev/null
+++ b/libarchive-3.3.1-cpio-getid.patch
@@ -0,0 +1,100 @@
+From 1bfa37818f5e6d8f4fe143084e81d0a102febcba Mon Sep 17 00:00:00 2001
+From: Pavel Raiskup <praiskup@redhat.com>
+Date: Mon, 20 Feb 2017 18:28:19 +0100
+Subject: [PATCH] bsdcpio: ignore ENOENT for get{grg,pwu}id()
+
+Starting from glibc 2.25, those calls set errno to ENOENT
+when the requested id is not found.  So let's stop throwing
+warning in this expected case.
+
+Also rework the api of lookup_* functions so it is guaranteed that
+lookup_name never returns NULL (unless ENOMEM).
+---
+ cpio/cpio.c | 46 ++++++++++++++++++++++------------------------
+ 1 file changed, 22 insertions(+), 24 deletions(-)
+
+diff --git a/cpio/cpio.c b/cpio/cpio.c
+index 6c20ee6..5961960 100644
+--- a/cpio/cpio.c
++++ b/cpio/cpio.c
+@@ -1344,23 +1344,23 @@ lookup_name(struct cpio *cpio, struct name_cache **name_cache_variable,
+ 		cache->cache[slot].name = NULL;
+ 	}
+ 
+-	if (lookup_fn(cpio, &name, id) == 0) {
+-		if (name == NULL || name[0] == '\0') {
+-			/* If lookup failed, format it as a number. */
+-			snprintf(asnum, sizeof(asnum), "%u", (unsigned)id);
+-			name = asnum;
+-		}
+-		cache->cache[slot].name = strdup(name);
+-		if (cache->cache[slot].name != NULL) {
+-			cache->cache[slot].id = id;
+-			return (cache->cache[slot].name);
+-		}
+-		/*
+-		 * Conveniently, NULL marks an empty slot, so
+-		 * if the strdup() fails, we've just failed to
+-		 * cache it.  No recovery necessary.
+-		 */
++	if (lookup_fn(cpio, &name, id)) {
++		/* If lookup failed, format it as a number. */
++		snprintf(asnum, sizeof(asnum), "%u", (unsigned)id);
++		name = asnum;
+ 	}
++
++	cache->cache[slot].name = strdup(name);
++	if (cache->cache[slot].name != NULL) {
++		cache->cache[slot].id = id;
++		return (cache->cache[slot].name);
++	}
++
++	/*
++	 * Conveniently, NULL marks an empty slot, so
++	 * if the strdup() fails, we've just failed to
++	 * cache it.  No recovery necessary.
++	 */
+ 	return (NULL);
+ }
+ 
+@@ -1381,15 +1381,14 @@ lookup_uname_helper(struct cpio *cpio, const char **name, id_t id)
+ 	errno = 0;
+ 	pwent = getpwuid((uid_t)id);
+ 	if (pwent == NULL) {
+-		*name = NULL;
+-		if (errno != 0 && errno != ENOENT)
++		if (errno && errno != ENOENT)
+ 			lafe_warnc(errno, "getpwuid(%s) failed",
+ 			    cpio_i64toa((int64_t)id));
+-		return (errno);
++		return 1;
+ 	}
+ 
+ 	*name = pwent->pw_name;
+-	return (0);
++	return 0;
+ }
+ 
+ static const char *
+@@ -1409,15 +1408,14 @@ lookup_gname_helper(struct cpio *cpio, const char **name, id_t id)
+ 	errno = 0;
+ 	grent = getgrgid((gid_t)id);
+ 	if (grent == NULL) {
+-		*name = NULL;
+-		if (errno != 0)
++		if (errno && errno != ENOENT)
+ 			lafe_warnc(errno, "getgrgid(%s) failed",
+ 			    cpio_i64toa((int64_t)id));
+-		return (errno);
++		return 1;
+ 	}
+ 
+ 	*name = grent->gr_name;
+-	return (0);
++	return 0;
+ }
+ 
+ /*
+-- 
+2.9.3
+
diff --git a/libarchive.spec b/libarchive.spec
index 46ac2fd..629b622 100644
--- a/libarchive.spec
+++ b/libarchive.spec
@@ -2,19 +2,16 @@
 }
 
 Name:           libarchive
-Version:        3.2.2
-Release:        3%{?dist}
+Version:        3.3.1
+Release:        1%{?dist}
 Summary:        A library for handling streaming archive formats
 
 License:        BSD
 URL:            http://www.libarchive.org/
 Source0:        http://www.libarchive.org/downloads/%{name}-%{version}.tar.gz
 
-# FTBFS rhbz#1423839 (temporary hack)
-Patch1: libarchive-3.2.2-ftbfs-on-f26.patch
-
-# Make it build with OpenSSL 1.1.0
-Patch3:         libarchive-3.2.1-openssl-1.1.patch
+# Upstream commit 1bfa37818f5e6
+Patch:          libarchive-3.3.1-cpio-getid.patch
 
 BuildRequires:  bison
 BuildRequires:  sharutils
@@ -221,6 +218,10 @@ run_testsuite
 
 
 %changelog
+* Tue Apr 18 2017 Pavel Raiskup <praiskup@redhat.com> - 3.3.1-1
+- the latest release, per release notes:
+  https://groups.google.com/forum/#!topic/libarchive-discuss/jfc7lBfrvVg
+
 * Mon Feb 20 2017 Pavel Raiskup <praiskup@redhat.com> - 3.2.2-3
 - temporary work-around for FTBFS (rhbz#1423839)