From c8148443e5caadc14b2d4f24ff24ec4186abbca8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= <luhliari@redhat.com>
Date: Thu, 5 Aug 2021 22:33:36 +0200
Subject: [PATCH] Resolves: #1985231 - squid: FTBFS because of OpenSSL 3.0
 preprocessor macro   changes

---
 squid-5.0.6-openssl3.patch | 168 +++++++++++++++++++++++++++++++++++++
 squid.spec                 |   2 +
 2 files changed, 170 insertions(+)

diff --git a/squid-5.0.6-openssl3.patch b/squid-5.0.6-openssl3.patch
index c3a7a7d..32ff6ee 100644
--- a/squid-5.0.6-openssl3.patch
+++ b/squid-5.0.6-openssl3.patch
@@ -15,3 +15,171 @@ index 3ad135d..73912ce 100644
  static int
  ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void *,
                      int, long, void *)
+diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc
+index cf1d4ba..4346ba5 100644
+--- a/src/security/PeerOptions.cc
++++ b/src/security/PeerOptions.cc
+@@ -297,130 +297,130 @@ static struct ssl_option {
+ 
+ } ssl_options[] = {
+ 
+-#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
++#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+     {
+         "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+     },
+ #endif
+-#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
++#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+     {
+         "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+     },
+ #endif
+-#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
++#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+     {
+         "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+     },
+ #endif
+-#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
++#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+     {
+         "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_D5_BUG
++#ifdef SSL_OP_TLS_D5_BUG
+     {
+         "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_BLOCK_PADDING_BUG
++#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
+     {
+         "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_ROLLBACK_BUG
++#ifdef SSL_OP_TLS_ROLLBACK_BUG
+     {
+         "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
+     },
+ #endif
+-#if SSL_OP_ALL
++#ifdef SSL_OP_ALL
+     {
+         "ALL", (long)SSL_OP_ALL
+     },
+ #endif
+-#if SSL_OP_SINGLE_DH_USE
++#ifdef SSL_OP_SINGLE_DH_USE
+     {
+         "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
+     },
+ #endif
+-#if SSL_OP_EPHEMERAL_RSA
++#ifdef SSL_OP_EPHEMERAL_RSA
+     {
+         "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
+     },
+ #endif
+-#if SSL_OP_PKCS1_CHECK_1
++#ifdef SSL_OP_PKCS1_CHECK_1
+     {
+         "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
+     },
+ #endif
+-#if SSL_OP_PKCS1_CHECK_2
++#ifdef SSL_OP_PKCS1_CHECK_2
+     {
+         "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
+     },
+ #endif
+-#if SSL_OP_NETSCAPE_CA_DN_BUG
++#ifdef SSL_OP_NETSCAPE_CA_DN_BUG
+     {
+         "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
+     },
+ #endif
+-#if SSL_OP_NON_EXPORT_FIRST
++#ifdef SSL_OP_NON_EXPORT_FIRST
+     {
+         "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
+     },
+ #endif
+-#if SSL_OP_CIPHER_SERVER_PREFERENCE
++#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
+     {
+         "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
+     },
+ #endif
+-#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
++#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+     {
+         "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+     },
+ #endif
+-#if SSL_OP_NO_SSLv3
++#ifdef SSL_OP_NO_SSLv3
+     {
+         "NO_SSLv3", SSL_OP_NO_SSLv3
+     },
+ #endif
+-#if SSL_OP_NO_TLSv1
++#ifdef SSL_OP_NO_TLSv1
+     {
+         "NO_TLSv1", SSL_OP_NO_TLSv1
+     },
+ #else
+     { "NO_TLSv1", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_1
++#ifdef SSL_OP_NO_TLSv1_1
+     {
+         "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
+     },
+ #else
+     { "NO_TLSv1_1", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_2
++#ifdef SSL_OP_NO_TLSv1_2
+     {
+         "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
+     },
+ #else
+     { "NO_TLSv1_2", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_3
++#ifdef SSL_OP_NO_TLSv1_3
+     {
+         "NO_TLSv1_3", SSL_OP_NO_TLSv1_3
+     },
+ #else
+     { "NO_TLSv1_3", 0 },
+ #endif
+-#if SSL_OP_NO_COMPRESSION
++#ifdef SSL_OP_NO_COMPRESSION
+     {
+         "No_Compression", SSL_OP_NO_COMPRESSION
+     },
+ #endif
+-#if SSL_OP_NO_TICKET
++#ifdef SSL_OP_NO_TICKET
+     {
+         "NO_TICKET", SSL_OP_NO_TICKET
+     },
+ #endif
+-#if SSL_OP_SINGLE_ECDH_USE
++#ifdef SSL_OP_SINGLE_ECDH_USE
+     {
+         "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
+     },
+@@ -512,7 +512,7 @@ Security::PeerOptions::parseOptions()
+ 
+     }
+ 
+-#if SSL_OP_NO_SSLv2
++#ifdef SSL_OP_NO_SSLv2
+     // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
+     op = op | SSL_OP_NO_SSLv2;
+ #endif
diff --git a/squid.spec b/squid.spec
index 491a954..72e6085 100644
--- a/squid.spec
+++ b/squid.spec
@@ -348,6 +348,8 @@ fi
 * Thu Aug 05 2021 Luboš Uhliarik <luhliari@redhat.com> - 7:5.1-1
 - new version 5.1
 - Resolves: #1990517 - Rebase squid to 5.1
+- Resolves: #1985231 - squid: FTBFS because of OpenSSL 3.0 preprocessor macro
+  changes
 
 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 7:5.0.6-4
 - Rebuilt for RHEL 9 BETA for openssl 3.0