@@ -1107,6 +1107,7 @@ dist_patch_DATA = \
%D%/packages/patches/dvd+rw-tools-add-include.patch \
%D%/packages/patches/dynaconf-unvendor-deps.patch \
%D%/packages/patches/dyninst-fix-glibc-compatibility.patch \
+ %D%/packages/patches/ecryptfs-utils-openssl-1.1.patch \
%D%/packages/patches/efivar-211.patch \
%D%/packages/patches/eigen-fix-strict-aliasing-bug.patch \
%D%/packages/patches/einstein-build.patch \
@@ -7024,7 +7024,8 @@ (define-public ecryptfs-utils
version ".orig.tar.gz"))
(sha256
(base32
- "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))))
+ "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))
+ (patches (search-patches "ecryptfs-utils-openssl-1.1.patch"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags (list "--disable-pywrap")
@@ -7106,6 +7107,7 @@ (define-public ecryptfs-utils
linux-pam
lsof
lvm2
+ openssl-1.1
nss
rsync
sed
new file mode 100644
@@ -0,0 +1,52 @@
+diff --git a/src/key_mod/ecryptfs_key_mod_openssl.c b/src/key_mod/ecryptfs_key_mod_openssl.c
+index 56ebe2d..3959974 100644
+--- a/src/key_mod/ecryptfs_key_mod_openssl.c
++++ b/src/key_mod/ecryptfs_key_mod_openssl.c
+@@ -141,6 +141,7 @@ ecryptfs_openssl_destroy_subgraph_ctx(struct ecryptfs_subgraph_ctx *ctx)
+ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ {
+ int len, nbits, ebits, i;
++ const BIGNUM *n, *e;
+ int nbytes, ebytes;
+ unsigned char *hash;
+ unsigned char *data = NULL;
+@@ -152,11 +153,14 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ rc = -ENOMEM;
+ goto out;
+ }
+- nbits = BN_num_bits(key->n);
++
++ RSA_get0_key(key, &n, &e, NULL);
++
++ nbits = BN_num_bits(n);
+ nbytes = nbits / 8;
+ if (nbits % 8)
+ nbytes++;
+- ebits = BN_num_bits(key->e);
++ ebits = BN_num_bits(e);
+ ebytes = ebits / 8;
+ if (ebits % 8)
+ ebytes++;
+@@ -179,11 +183,11 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ data[i++] = '\02';
+ data[i++] = (nbits >> 8);
+ data[i++] = nbits;
+- BN_bn2bin(key->n, &(data[i]));
++ BN_bn2bin(n, &(data[i]));
+ i += nbytes;
+ data[i++] = (ebits >> 8);
+ data[i++] = ebits;
+- BN_bn2bin(key->e, &(data[i]));
++ BN_bn2bin(e, &(data[i]));
+ i += ebytes;
+ SHA1(data, len + 3, hash);
+ to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
+@@ -278,7 +282,7 @@ static int ecryptfs_openssl_read_key(RSA **rsa, unsigned char *blob)
+ BIO *in = NULL;
+ int rc;
+
+- CRYPTO_malloc_init();
++ OPENSSL_malloc_init();
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+ ENGINE_load_builtin_engines();