From 6f7d71c02ccb4a74bdafb245d3442baee1bb7378 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
Date: Tue, 3 Aug 2021 16:13:46 +0200
Subject: [PATCH] Stunnel cannot use an encrypted private key being built
 against OpenSSL 3.0

Resolves: rhbz#1976854
---
 stunnel-5.58-openssl30.patch | 24 ++++++++----------------
 stunnel.spec                 |  6 +++++-
 2 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/stunnel-5.58-openssl30.patch b/stunnel-5.58-openssl30.patch
index 26cb588..f786bd2 100644
--- a/stunnel-5.58-openssl30.patch
+++ b/stunnel-5.58-openssl30.patch
@@ -1,19 +1,11 @@
 diff -up stunnel-5.58/src/ctx.c.openssl30 stunnel-5.58/src/ctx.c
---- stunnel-5.58/src/ctx.c.openssl30	2021-07-28 11:12:05.743832246 +0200
-+++ stunnel-5.58/src/ctx.c	2021-07-28 11:18:19.318021120 +0200
-@@ -1015,6 +1015,15 @@ NOEXPORT int ui_retry() {
+--- stunnel-5.58/src/ctx.c.openssl30	2021-08-03 16:02:24.687409192 +0200
++++ stunnel-5.58/src/ctx.c	2021-08-03 16:03:36.889009510 +0200
+@@ -1011,6 +1011,7 @@ NOEXPORT int ui_retry() {
+         switch(ERR_GET_REASON(err)) {
+         case UI_R_RESULT_TOO_LARGE:
+         case UI_R_RESULT_TOO_SMALL:
++        case UI_R_PROCESSING_ERROR:
+             return 1;
          default:
              return 0;
-         }
-+#ifdef ERR_LIB_OSSL_DECODER
-+    case ERR_LIB_OSSL_DECODER:
-+        switch(ERR_GET_REASON(err)) {
-+        case ERR_R_UNSUPPORTED:
-+            return 1;
-+        default:
-+            return 0;
-+        }
-+#endif
-     case ERR_LIB_USER: /* PKCS#11 hacks */
-         switch(ERR_GET_REASON(err)) {
-         case 7UL: /* CKR_ARGUMENTS_BAD */
diff --git a/stunnel.spec b/stunnel.spec
index 85a8548..8655779 100644
--- a/stunnel.spec
+++ b/stunnel.spec
@@ -10,7 +10,7 @@
 Summary: A TLS-encrypting socket wrapper
 Name: stunnel
 Version: 5.58
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2
 URL: http://www.stunnel.org/
 Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz
@@ -143,6 +143,10 @@ make test || (for i in tests/logs/*.log ; do echo "$i": ; cat "$i" ; done)
 %systemd_postun_with_restart %{name}.service
 
 %changelog
+* Tue Aug 03 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 5.58-5
+- Stunnel cannot use an encrypted private key being built against OpenSSL 3.0
+- Resolves: rhbz#1976854
+
 * Wed Jul 28 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 5.58-4
 - Stunnel cannot use an encrypted private key being built against OpenSSL 3.0
 - Resolves: rhbz#1976854