From ba2754e22c168e632f26b07b61dabdf445898e34 Mon Sep 17 00:00:00 2001
From: Nicola Sella <nsella@redhat.com>
Date: Mon, 31 Oct 2022 15:54:52 +0100
Subject: [PATCH] Backport patch for OpenSSL 3.0 API

Resolves: rhbz#2004860
---
 ...-functions-to-use-3.0-compatible-API.patch | 177 ++++++++++++++++++
 libsolv.spec                                  |   6 +-
 2 files changed, 182 insertions(+), 1 deletion(-)
 create mode 100644 0002-Move-OpenSSL-functions-to-use-3.0-compatible-API.patch

diff --git a/0002-Move-OpenSSL-functions-to-use-3.0-compatible-API.patch b/0002-Move-OpenSSL-functions-to-use-3.0-compatible-API.patch
new file mode 100644
index 0000000..d934717
--- /dev/null
+++ b/0002-Move-OpenSSL-functions-to-use-3.0-compatible-API.patch
@@ -0,0 +1,177 @@
+From 3f20e26f92a869ab3b19753883206df004c7d4dc Mon Sep 17 00:00:00 2001
+From: Jan Kolarik <jkolarik@redhat.com>
+Date: Mon, 26 Sep 2022 16:29:44 +0000
+Subject: [PATCH] Move OpenSSL functions to use 3.0 compatible API.
+
+Also fixing the clone and cleanup functions.
+---
+ src/chksum.c | 132 +++++++++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 106 insertions(+), 26 deletions(-)
+
+diff --git a/src/chksum.c b/src/chksum.c
+index 9189b744..b5c3370a 100644
+--- a/src/chksum.c
++++ b/src/chksum.c
+@@ -17,31 +17,38 @@
+ 
+ #ifdef WITH_OPENSSL
+ 
+-#include <openssl/md5.h>
+-#include <openssl/sha.h>
+-
+-typedef SHA_CTX SHA1_CTX;
+-typedef SHA256_CTX SHA224_CTX;
+-typedef SHA512_CTX SHA384_CTX;
+-
+-#define solv_MD5_Init(ctx) MD5_Init(ctx)
+-#define solv_MD5_Update(ctx, data, len) MD5_Update(ctx, data, len)
+-#define solv_MD5_Final(md, ctx) MD5_Final(md, ctx)
+-#define solv_SHA1_Init(ctx) SHA1_Init(ctx)
+-#define solv_SHA1_Update(ctx, data, len) SHA1_Update(ctx, data, len)
+-#define solv_SHA1_Final(ctx, md) SHA1_Final(md, ctx)
+-#define solv_SHA224_Init(ctx) SHA224_Init(ctx)
+-#define solv_SHA224_Update(ctx, data, len) SHA224_Update(ctx, data, len)
+-#define solv_SHA224_Final(md, ctx) SHA224_Final(md, ctx)
+-#define solv_SHA256_Init(ctx) SHA256_Init(ctx)
+-#define solv_SHA256_Update(ctx, data, len) SHA256_Update(ctx, data, len)
+-#define solv_SHA256_Final(md, ctx) SHA256_Final(md, ctx)
+-#define solv_SHA384_Init(ctx) SHA384_Init(ctx)
+-#define solv_SHA384_Update(ctx, data, len) SHA384_Update(ctx, data, len)
+-#define solv_SHA384_Final(md, ctx) SHA384_Final(md, ctx)
+-#define solv_SHA512_Init(ctx) SHA512_Init(ctx)
+-#define solv_SHA512_Update(ctx, data, len) SHA512_Update(ctx, data, len)
+-#define solv_SHA512_Final(md, ctx) SHA512_Final(md, ctx)
++#include <openssl/evp.h>
++
++typedef EVP_MD_CTX* MD5_CTX;
++typedef EVP_MD_CTX* SHA1_CTX;
++typedef EVP_MD_CTX* SHA224_CTX;
++typedef EVP_MD_CTX* SHA256_CTX;
++typedef EVP_MD_CTX* SHA384_CTX;
++typedef EVP_MD_CTX* SHA512_CTX;
++
++#define solv_MD5_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_md5(), NULL); }
++#define solv_MD5_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_MD5_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
++
++#define solv_SHA1_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha1(), NULL); }
++#define solv_SHA1_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_SHA1_Final(ctx, md) EVP_DigestFinal_ex(*ctx, md, NULL)
++
++#define solv_SHA224_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha224(), NULL); }
++#define solv_SHA224_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_SHA224_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
++
++#define solv_SHA256_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha256(), NULL); }
++#define solv_SHA256_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_SHA256_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
++
++#define solv_SHA384_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha384(), NULL); }
++#define solv_SHA384_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_SHA384_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
++
++#define solv_SHA512_Init(ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit_ex(*ctx, EVP_sha512(), NULL); }
++#define solv_SHA512_Update(ctx, data, len) EVP_DigestUpdate(*ctx, data, len)
++#define solv_SHA512_Final(md, ctx) EVP_DigestFinal_ex(*ctx, md, NULL)
+ 
+ #else
+ 
+@@ -69,6 +76,72 @@ struct s_Chksum {
+   } c;
+ };
+ 
++#ifdef WITH_OPENSSL
++
++void
++openssl_ctx_copy(Chksum *chk_out, Chksum *chk_in)
++{
++  switch(chk_in->type)
++    {
++    case REPOKEY_TYPE_MD5:
++      chk_out->c.md5 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.md5, chk_in->c.md5);
++      return;
++    case REPOKEY_TYPE_SHA1:
++      chk_out->c.sha1 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.sha1, chk_in->c.sha1);
++      return;
++    case REPOKEY_TYPE_SHA224:
++      chk_out->c.sha224 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.sha224, chk_in->c.sha224);
++      return;
++    case REPOKEY_TYPE_SHA256:
++      chk_out->c.sha256 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.sha256, chk_in->c.sha256);
++      return;
++    case REPOKEY_TYPE_SHA384:
++      chk_out->c.sha384 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.sha384, chk_in->c.sha384);
++      return;
++    case REPOKEY_TYPE_SHA512:
++      chk_out->c.sha512 = EVP_MD_CTX_new();
++      EVP_MD_CTX_copy_ex(chk_out->c.sha512, chk_in->c.sha512);
++      return;
++    default:
++      return;
++    }
++}
++
++void
++openssl_ctx_free(Chksum *chk)
++{
++  switch(chk->type)
++    {
++    case REPOKEY_TYPE_MD5:
++      EVP_MD_CTX_free(chk->c.md5);
++      return;
++    case REPOKEY_TYPE_SHA1:
++      EVP_MD_CTX_free(chk->c.sha1);
++      return;
++    case REPOKEY_TYPE_SHA224:
++      EVP_MD_CTX_free(chk->c.sha224);
++      return;
++    case REPOKEY_TYPE_SHA256:
++      EVP_MD_CTX_free(chk->c.sha256);
++      return;
++    case REPOKEY_TYPE_SHA384:
++      EVP_MD_CTX_free(chk->c.sha384);
++      return;
++    case REPOKEY_TYPE_SHA512:
++      EVP_MD_CTX_free(chk->c.sha512);
++      return;
++    default:
++      return;
++    }
++}
++
++#endif
++
+ Chksum *
+ solv_chksum_create(Id type)
+ {
+@@ -105,7 +178,11 @@ solv_chksum_create(Id type)
+ Chksum *
+ solv_chksum_create_clone(Chksum *chk)
+ {
+-  return solv_memdup(chk, sizeof(*chk));
++  Chksum *chk_clone = solv_memdup(chk, sizeof(*chk));
++#ifdef WITH_OPENSSL
++  openssl_ctx_copy(chk_clone, chk);
++#endif
++  return chk_clone;
+ }
+ 
+ int
+@@ -291,6 +368,9 @@ solv_chksum_free(Chksum *chk, unsigned char *cp)
+       if (l && res)
+         memcpy(cp, res, l);
+     }
++#ifdef WITH_OPENSSL
++  openssl_ctx_free(chk);
++#endif
+   solv_free(chk);
+   return 0;
+ }
+-- 
+2.37.3
+
diff --git a/libsolv.spec b/libsolv.spec
index 5fa2b63..427e782 100644
--- a/libsolv.spec
+++ b/libsolv.spec
@@ -23,7 +23,7 @@
 
 Name:           lib%{libname}
 Version:        0.7.22
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Package dependency solver
 
 License:        BSD
@@ -31,6 +31,7 @@ URL:            https://github.com/openSUSE/libsolv
 Source:         %{url}/archive/%{version}/%{name}-%{version}.tar.gz
 # https://bugzilla.redhat.com/show_bug.cgi?id=1993126
 Patch1:         0001-Add-support-for-computing-hashes-using-OpenSSL.patch
+Patch2:         0002-Move-OpenSSL-functions-to-use-3.0-compatible-API.patch
 
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
@@ -257,6 +258,9 @@ export LD_LIBRARY_PATH=%{buildroot}%{_libdir}
 %endif
 
 %changelog
+* Mon Oct 31 2022 Nicola Sella <nsella@redhat.com> - 0.7.22-2
+- Move OpenSSL functions to use 3.0 compatible API
+
 * Thu Apr 28 2022 Pavla Kratochvilova <pkratoch@redhat.com> - 0.7.22-1
 - Update to 0.7.22
 - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY