From 70468578b21fb80874d7291f56db44e32e47ace3 Mon Sep 17 00:00:00 2001
From: Gwyn Ciesla <gwync@protonmail.com>
Date: Nov 14 2022 20:25:47 +0000
Subject: Patch from Debian to use openssl 3.x


---

diff --git a/openssl3-compat.patch b/openssl3-compat.patch
new file mode 100644
index 0000000..247d56e
--- /dev/null
+++ b/openssl3-compat.patch
@@ -0,0 +1,130 @@
+Description: Compatibility with OpenSSL 3
+ We rely on RC4 because of the torrent protocol we're implementing, but this
+ is no longer available in the default provider.
+Author: Steve Langasek <steve.langasek@ubuntu.com>
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1946215
+Last-Update: 2021-12-13
+Forwarded: no
+
+Index: transmission-3.00/libtransmission/crypto-utils-openssl.c
+===================================================================
+--- libtransmission/crypto-utils-openssl.c
++++ libtransmission/crypto-utils-openssl.c
+@@ -20,6 +20,9 @@
+ #include <openssl/rand.h>
+ #include <openssl/ssl.h>
+ #include <openssl/x509.h>
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++#include <openssl/provider.h>
++#endif
+ 
+ #include "transmission.h"
+ #include "crypto-utils.h"
+@@ -182,46 +185,86 @@
+ 
+ #endif
+ 
++typedef struct tr_rc4_ctx {
++    EVP_CIPHER_CTX *cipher_ctx;
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    OSSL_LIB_CTX *lib_ctx;
++#endif
++} tr_rc4_ctx;
++
+ tr_rc4_ctx_t tr_rc4_new(void)
+ {
+-    EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new();
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    OSSL_PROVIDER *legacy_provider = NULL;
++    OSSL_PROVIDER *default_provider = NULL;
++#endif
++    const EVP_CIPHER *cipher;
+ 
+-    if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1)))
++    tr_rc4_ctx *handle = malloc(sizeof(tr_rc4_ctx));
++
++    handle->cipher_ctx = EVP_CIPHER_CTX_new();
++
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    handle->lib_ctx = OSSL_LIB_CTX_new();
++    TR_ASSERT(handle->lib_ctx);
++    legacy_provider = OSSL_PROVIDER_load(handle->lib_ctx, "legacy");
++    TR_ASSERT(legacy_provider);
++    default_provider = OSSL_PROVIDER_load(handle->lib_ctx, "default");
++    TR_ASSERT(default_provider);
++    
++    cipher = EVP_CIPHER_fetch(handle->lib_ctx, "RC4", NULL);
++#else
++    cipher = EVP_rc4();
++#endif
++
++    if (check_result(EVP_CipherInit_ex(handle->cipher_ctx, cipher, NULL, NULL,
++                                       NULL, -1)))
+     {
+         return handle;
+     }
+ 
+-    EVP_CIPHER_CTX_free(handle);
++    EVP_CIPHER_CTX_free(handle->cipher_ctx);
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    OSSL_LIB_CTX_free(handle->lib_ctx);
++#endif
+     return NULL;
+ }
+ 
+-void tr_rc4_free(tr_rc4_ctx_t handle)
++void tr_rc4_free(tr_rc4_ctx_t h)
+ {
+-    if (handle == NULL)
++    if (h == NULL)
+     {
+         return;
+     }
+ 
+-    EVP_CIPHER_CTX_free(handle);
++    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
++
++    EVP_CIPHER_CTX_free(handle->cipher_ctx);
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    OSSL_LIB_CTX_free(handle->lib_ctx);
++#endif
++    free(handle);
+ }
+ 
+-void tr_rc4_set_key(tr_rc4_ctx_t handle, uint8_t const* key, size_t key_length)
++void tr_rc4_set_key(tr_rc4_ctx_t h, uint8_t const* key, size_t key_length)
+ {
+-    TR_ASSERT(handle != NULL);
++    TR_ASSERT(h != NULL);
+     TR_ASSERT(key != NULL);
+ 
+-    if (!check_result(EVP_CIPHER_CTX_set_key_length(handle, key_length)))
++    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
++    if (!check_result(EVP_CIPHER_CTX_set_key_length(handle->cipher_ctx, key_length)))
+     {
+         return;
+     }
+ 
+-    check_result(EVP_CipherInit_ex(handle, NULL, NULL, key, NULL, -1));
++    check_result(EVP_CipherInit_ex(handle->cipher_ctx, NULL, NULL, key, NULL, -1));
+ }
+ 
+-void tr_rc4_process(tr_rc4_ctx_t handle, void const* input, void* output, size_t length)
++void tr_rc4_process(tr_rc4_ctx_t h, void const* input, void* output, size_t length)
+ {
+-    TR_ASSERT(handle != NULL);
++    TR_ASSERT(h != NULL);
+ 
++    tr_rc4_ctx *handle = (tr_rc4_ctx *)h;
+     if (length == 0)
+     {
+         return;
+@@ -232,7 +275,7 @@
+ 
+     int output_length;
+ 
+-    check_result(EVP_CipherUpdate(handle, output, &output_length, input, length));
++    check_result(EVP_CipherUpdate(handle->cipher_ctx, output, &output_length, input, length));
+ }
+ 
+ /***
diff --git a/transmission.spec b/transmission.spec
index 1c451ef..9ecce2b 100644
--- a/transmission.spec
+++ b/transmission.spec
@@ -2,7 +2,7 @@
 
 Name:           transmission
 Version:        3.00
-Release:        13%{?dist}
+Release:        14%{?dist}
 Summary:        A lightweight GTK+ BitTorrent client
 # See COPYING. This licensing situation is... special.
 License:        MIT and GPLv2
@@ -15,9 +15,10 @@ Patch1:		transmission-fdlimits.patch
 # Fix the DBus name to match the app name for flatpak builds
 # https://github.com/transmission/transmission/pull/847
 Patch2:         0001-gtk-use-com.transmissionbt.Transmission.-D-Bus-names.patch
+Patch3:         openssl3-compat.patch
 
 BuildRequires: make
-BuildRequires:  openssl1.1-devel >= 1.1.0
+BuildRequires:  openssl-devel
 BuildRequires:  glib2-devel >= 2.32.0
 BuildRequires:  gtk3-devel >= 3.2.0
 BuildRequires:  libnotify-devel >= 0.4.3
@@ -181,6 +182,9 @@ desktop-file-install \
 %doc %{_mandir}/man1/transmission-qt.*
 
 %changelog
+* Mon Nov 14 2022 Gwyn Ciesla <gwync@protonmail.com> - 3.00-14
+- Patch from Debian to use OpenSSL 3.x
+
 * Mon Aug 22 2022 Gwyn Ciesla <gwync@protonmail.com> - 3.00-13
 - Move to OpenSSL 1.1