Include patch for OpenSSL 1.1 support

3 files changed, 94 insertions, 8 deletions

diff --git a/.SRCINFO b/.SRCINFO
index b578596aee78..0d15ac30ac03 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,9 +1,7 @@
-# Generated by mksrcinfo v8
-# Fri Sep 29 20:38:33 UTC 2017
 pkgbase = gnupg-pkcs11-scd
 	pkgdesc = A smart-card daemon to enable the use of PKCS11 tokens with GnuPG.
 	pkgver = 0.9.1
-	pkgrel = 0
+	pkgrel = 1
 	url = http://gnupg-pkcs11.sourceforge.net
 	arch = arm
 	arch = i686
@@ -13,9 +11,11 @@ pkgbase = gnupg-pkcs11-scd
 	depends = libgpg-error
 	depends = libassuan
 	depends = libgcrypt
-	depends = openssl-1.0
+	depends = openssl
 	source = https://github.com/alonbl/gnupg-pkcs11-scd/releases/download/gnupg-pkcs11-scd-0.9.1/gnupg-pkcs11-scd-0.9.1.tar.bz2
+	source = openssl11.patch
 	md5sums = f8657b13d14b055c58c8f3cc065421d9
+	md5sums = 5fed5d73bbf3f8692fd58af12e41a088
 
 pkgname = gnupg-pkcs11-scd
 
diff --git a/PKGBUILD b/PKGBUILD
index 6f0aaad4a4b4..dc5b2588c363 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,13 +1,21 @@
 pkgname=gnupg-pkcs11-scd
 pkgver=0.9.1
-pkgrel=0
+pkgrel=1
 pkgdesc="A smart-card daemon to enable the use of PKCS11 tokens with GnuPG."
 url="http://gnupg-pkcs11.sourceforge.net"
 license=("BSD")
-depends=(pkcs11-helper libgpg-error libassuan libgcrypt openssl-1.0)
+depends=(pkcs11-helper libgpg-error libassuan libgcrypt openssl)
 arch=('arm' 'i686' 'x86_64')
-md5sums=('f8657b13d14b055c58c8f3cc065421d9')
-source=(https://github.com/alonbl/gnupg-pkcs11-scd/releases/download/$pkgname-$pkgver/$pkgname-$pkgver.tar.bz2)
+md5sums=('f8657b13d14b055c58c8f3cc065421d9'
+         '5fed5d73bbf3f8692fd58af12e41a088')
+source=(https://github.com/alonbl/gnupg-pkcs11-scd/releases/download/$pkgname-$pkgver/$pkgname-$pkgver.tar.bz2
+	openssl11.patch)
+
+prepare() {
+  cd "$srcdir/$pkgname-$pkgver"
+
+  patch -Np1 -i "${srcdir}/openssl11.patch"
+}
 
 build() {
     cd "$srcdir/$pkgname-$pkgver"
diff --git a/openssl11.patch b/openssl11.patch
new file mode 100644
index 000000000000..72b589c58559
--- /dev/null
+++ b/openssl11.patch
@@ -0,0 +1,78 @@
+From b9e1828d2d7ec50ebb8ca16bd70529256e9cebab Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Fri, 6 Oct 2017 02:37:08 +0300
+Subject: [PATCH] gnupg-pkcs11-scd: support openssl-1.1
+
+Thanks: Thorsten Alteholz
+Thanks: W. Michael Petullo
+---
+ ChangeLog                  |  1 +
+ gnupg-pkcs11-scd/keyutil.c | 30 +++++++++++++++++++++++++++---
+ 2 files changed, 28 insertions(+), 3 deletions(-)
+
+diff --git a/gnupg-pkcs11-scd/keyutil.c b/gnupg-pkcs11-scd/keyutil.c
+index 443c629..5f9b20f 100644
+--- a/gnupg-pkcs11-scd/keyutil.c
++++ b/gnupg-pkcs11-scd/keyutil.c
+@@ -44,6 +44,21 @@ typedef unsigned char *my_openssl_d2i_t;
+ #else
+ typedef const unsigned char *my_openssl_d2i_t;
+ #endif
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) {
++	if (n != NULL) {
++		*n = r->n;
++	}
++	if (e != NULL) {
++		*e = r->e;
++	}
++	if (d != NULL) {
++		*d = r->d;
++	}
++}
++#endif
++
+ #endif
+ 
+ gpg_err_code_t
+@@ -63,6 +78,8 @@ keyutil_get_cert_mpi (
+ #elif defined(ENABLE_OPENSSL)
+ 	X509 *x509 = NULL;
+ 	EVP_PKEY *pubkey = NULL;
++	RSA *rsa = NULL;
++	const BIGNUM *n, *e;
+ 	char *n_hex = NULL, *e_hex = NULL;
+ #endif
+ 
+@@ -106,13 +123,15 @@ keyutil_get_cert_mpi (
+ 		goto cleanup;
+ 	}
+  
+-	if (pubkey->type != EVP_PKEY_RSA) {
++	if ((rsa = EVP_PKEY_get1_RSA(pubkey)) == NULL) {
+ 		error = GPG_ERR_WRONG_PUBKEY_ALGO;
+ 		goto cleanup;
+ 	}
+ 
+-	n_hex = BN_bn2hex (pubkey->pkey.rsa->n);
+-	e_hex = BN_bn2hex (pubkey->pkey.rsa->e);
++	RSA_get0_key(rsa, &n, &e, NULL);
++
++	n_hex = BN_bn2hex (n);
++	e_hex = BN_bn2hex (e);
+ 
+ 	if(n_hex == NULL || e_hex == NULL) {
+ 		error = GPG_ERR_BAD_KEY;
+@@ -177,6 +196,11 @@ keyutil_get_cert_mpi (
+ 		pubkey = NULL;
+ 	}
+ 
++	if (rsa != NULL) {
++		RSA_free(rsa);
++		rsa = NULL;
++	}
++
+ 	if (n_hex != NULL) {
+ 		OPENSSL_free (n_hex);
+ 		n_hex = NULL;