[SCM] libshout/master: Switch to OpenSSL 1.1

Sun Nov 26 16:50:28 UTC 2017

The following commit has been merged in the master branch:
commit 0bea819b802b4ff640d9b583a49e7d21b9782ddf
Author: James Cowgill <jcowgill at debian.org>
Date:   Sun Nov 26 16:18:26 2017 +0000

    Switch to OpenSSL 1.1
    
    Closes: #873647

diff --git a/debian/control b/debian/control
index 21a1a1a..956c86d 100644
--- a/debian/control
+++ b/debian/control
@@ -18,7 +18,7 @@ Build-Depends: cdbs,
  pkg-config,
  libtheora-dev,
  libspeex-dev,
- libssl1.0-dev,
+ libssl-dev,
  d-shlibs (>= 0.48),
  pkg-kde-tools
 Vcs-Git: https://anonscm.debian.org/git/pkg-multimedia/libshout.git
diff --git a/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch b/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch
new file mode 100644
index 0000000..befd16e
--- /dev/null
+++ b/debian/patches/01-libshout-tls-compile-with-OpenSSL-1.1.0.patch
@@ -0,0 +1,58 @@
+From 01fafc449f0de56743d08e7976933c49e2915bfa Mon Sep 17 00:00:00 2001
+From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
+Date: Wed, 15 Nov 2017 12:46:25 +0000
+Subject: [PATCH] tls: compile with OpenSSL 1.1.0
+
+The init functions are not longer required in OpenSSL 1.1 so I dropped
+them.
+
+TLSv1_client_method() should not be used because it enables only the
+TLSv1.0 protocol. Better is to use SSLv23_client_method() which enable
+all the protocols including TLSv1.2. With this functions SSLv2 and SSLv3
+is theoretically possible but as of today those protocols are usually
+build-time disabled.
+To avoid all this OpenSSL 1.1 provides TLS_client_method() which is aim
+to provide to highest TLS protocol version (same as
+SSLv23_client_method() but it is deprecated in 1.1).
+
+Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
+---
+ src/tls.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/src/tls.c b/src/tls.c
+index 4562c7327077..e0e5c1a5f079 100644
+--- a/src/tls.c
++++ b/src/tls.c
+@@ -24,6 +24,7 @@
+ #endif
+ 
+ #include <shout/shout.h>
++#include <string.h>
+ #include "shout_private.h"
+ 
+ #ifndef XXX_HAVE_X509_check_host
+@@ -61,14 +62,17 @@ shout_tls_t *shout_tls_new(shout_t *self, sock_t socket)
+ 
+ static inline int tls_setup(shout_tls_t *tls)
+ {
+-	SSL_METHOD *meth;
+-
++	const SSL_METHOD *meth;
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ 	SSL_library_init();
+ 	SSL_load_error_strings();
+ 	SSLeay_add_all_algorithms();
+- 	SSLeay_add_ssl_algorithms();
++	SSLeay_add_ssl_algorithms();
+ 
+-	meth = TLSv1_client_method();
++	meth = SSLv23_client_method();
++#else
++	meth = TLS_client_method();
++#endif
+ 	if (!meth)
+ 		goto error;
+ 
+-- 
+2.15.0
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..c706af2
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+01-libshout-tls-compile-with-OpenSSL-1.1.0.patch
diff --git a/debian/rules b/debian/rules
index e04d991..502de59 100755
--- a/debian/rules
+++ b/debian/rules
@@ -36,7 +36,7 @@ libpkg = lib$(stem)$(abi)
 devpkg = lib$(stem)$(abi)-dev
 
 # Needed by upstream build
-deps = libogg-dev, libvorbis-dev, pkg-config, libtheora-dev, libspeex-dev, libssl1.0-dev
+deps = libogg-dev, libvorbis-dev, pkg-config, libtheora-dev, libspeex-dev, libssl-dev
 
 # Needed for our packaging
 deps-pkg +=, d-shlibs (>= 0.48)

-- 
libshout packaging

