From 4c7125abf0dbc8103020a345915a9c30e87432c1 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <landgraf@fedoraproject.org>
Date: Apr 04 2017 19:34:22 +0000
Subject: Add OpenSSL 1.1 support (#1423812)


---

diff --git a/kea-openssl-1.1.patch b/kea-openssl-1.1.patch
new file mode 100644
index 0000000..ad8d140
--- /dev/null
+++ b/kea-openssl-1.1.patch
@@ -0,0 +1,145 @@
+Author: Adam Majer <adamm@zombino.com>
+Summary: Add OpenSSL 1.1 support.
+PR: https://github.com/isc-projects/kea/pull/34
+
+--- a/src/lib/cryptolink/openssl_hash.cc
++++ b/src/lib/cryptolink/openssl_hash.cc
+@@ -5,11 +5,11 @@
+ // file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ 
+ #include <cryptolink.h>
+ #include <cryptolink/crypto_hash.h>
+ 
+-#include <boost/scoped_ptr.hpp>
++#include <boost/move/unique_ptr.hpp>
+ 
+ #include <openssl/evp.h>
+ 
+ #include <cryptolink/openssl_common.h>
+ 
+@@ -60,24 +60,17 @@ public:
+             isc_throw(isc::cryptolink::UnsupportedAlgorithm,
+                       "Unknown hash algorithm: " <<
+                       static_cast<int>(hash_algorithm));
+         }
+ 
+-        md_.reset(new EVP_MD_CTX);
++        md_.reset(EVP_MD_CTX_new());
+ 
+         EVP_MD_CTX_init(md_.get());
+ 
+         EVP_DigestInit_ex(md_.get(), algo, NULL);
+     }
+ 
+-    /// @brief Destructor
+-    ~HashImpl() {
+-        if (md_) {
+-            EVP_MD_CTX_cleanup(md_.get());
+-        }
+-    }
+-
+     /// @brief Returns the output size of the digest
+     ///
+     /// @return output size of the digest
+     size_t getOutputLength() const {
+         return (EVP_MD_CTX_size(md_.get()));
+@@ -128,12 +121,25 @@ public:
+         }
+         return (std::vector<uint8_t>(digest.begin(), digest.end()));
+     }
+ 
+ private:
++    class EvpDeleter {
++    public:
++        void operator()(EVP_MD_CTX *ptr) {EVP_MD_CTX_free(ptr);}
++    };
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    static EVP_MD_CTX* EVP_MD_CTX_new() { return new EVP_MD_CTX; }
++    static void EVP_MD_CTX_free(EVP_MD_CTX *ptr) {
++        EVP_MD_CTX_cleanup(ptr);
++        delete ptr;
++    }
++#endif
++
+     /// @brief The protected pointer to the OpenSSL EVP_MD_CTX structure
+-    boost::scoped_ptr<EVP_MD_CTX> md_;
++    boost::movelib::unique_ptr<EVP_MD_CTX, EvpDeleter> md_;
+ };
+ 
+ Hash::Hash(const HashAlgorithm hash_algorithm)
+ {
+     impl_ = new HashImpl(hash_algorithm);
+--- a/src/lib/cryptolink/openssl_hmac.cc
++++ b/src/lib/cryptolink/openssl_hmac.cc
+@@ -5,11 +5,11 @@
+ // file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ 
+ #include <cryptolink.h>
+ #include <cryptolink/crypto_hmac.h>
+ 
+-#include <boost/scoped_ptr.hpp>
++#include <boost/move/unique_ptr.hpp>
+ 
+ #include <openssl/hmac.h>
+ 
+ #include <cryptolink/openssl_common.h>
+ 
+@@ -39,25 +39,16 @@ public:
+         }
+         if (secret_len == 0) {
+             isc_throw(BadKey, "Bad HMAC secret length: 0");
+         }
+ 
+-        md_.reset(new HMAC_CTX);
+-        HMAC_CTX_init(md_.get());
+-
++        md_.reset(HMAC_CTX_new());
+         HMAC_Init_ex(md_.get(), secret,
+                      static_cast<int>(secret_len),
+                      algo, NULL);
+     }
+ 
+-    /// @brief Destructor
+-    ~HMACImpl() {
+-        if (md_) {
+-            HMAC_CTX_cleanup(md_.get());
+-        }
+-    }
+-
+     /// @brief Returns the output size of the digest
+     ///
+     /// @return output size of the digest
+     size_t getOutputLength() const {
+         int size = HMAC_size(md_.get());
+@@ -128,13 +119,29 @@ public:
+         }
+         return (digest.same(sig, len));
+     }
+ 
+ private:
++    class HMAC_Deleter {
++    public:
++        void operator()(HMAC_CTX *ptr) { HMAC_CTX_free(ptr); }
++    };
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    static HMAC_CTX* HMAC_CTX_new() {
++        HMAC_CTX *ptr = new HMAC_CTX;
++        HMAC_CTX_init(ptr);
++        return ptr;
++    }
++    static void HMAC_CTX_free(HMAC_CTX *ptr) {
++        HMAC_CTX_cleanup(ptr);
++        delete ptr;
++    }
++#endif
+ 
+     /// @brief The protected pointer to the OpenSSL HMAC_CTX structure
+-    boost::scoped_ptr<HMAC_CTX> md_;
++    boost::movelib::unique_ptr<HMAC_CTX, HMAC_Deleter> md_;
+ };
+ 
+ HMAC::HMAC(const void* secret, size_t secret_length,
+            const HashAlgorithm hash_algorithm)
+ {
diff --git a/kea.spec b/kea.spec
index 3c8d02b..d97dbf5 100644
--- a/kea.spec
+++ b/kea.spec
@@ -10,13 +10,15 @@
 Summary:  DHCPv4, DHCPv6 and DDNS server from ISC
 Name:     kea
 Version:  1.1.0
-Release:  2%{?dist}
+Release:  3%{?dist}
 License:  MPLv2.0 and Boost
 URL:      http://kea.isc.org
 Source0:  http://ftp.isc.org/isc/kea/%{VERSION}/kea-%{VERSION}.tar.gz
 
 # http://kea.isc.org/ticket/3529
 Patch0:   kea-systemd.patch
+## https://github.com/isc-projects/kea/pull/34
+Patch1: kea-openssl-1.1.patch
 
 # autoreconf
 BuildRequires: autoconf automake libtool
@@ -77,6 +79,7 @@ Header files and API documentation.
 %setup -q -n kea-%{VERSION}
 
 %patch0 -p1 -b .systemd
+%patch1 -p1 -b .openssl
 
 # install leases db in /var/lib/kea/ not /var/kea/
 # http://kea.isc.org/ticket/3523
@@ -240,6 +243,9 @@ EOF
 %{_libdir}/pkgconfig/dns++.pc
 
 %changelog
+* Tue Apr 04 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 1.1.0-3
+- Add patch for OpenSSL 1.1. Fix FTBFS (#1423812)
+
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild