From 2c6136acb052e81925ca3afb276c0ae1c63eeded Mon Sep 17 00:00:00 2001
From: Gert Wollny <gw.fossdev@gmail.com>
Date: Sat, 12 Nov 2016 18:58:31 +0100
Subject: [PATCH] Remove d/p/09 patch

Upstream will provide this functionality with the next snapshot
---
 debian/patches/09_openssl-1.1.patch | 198 ----------------------------
 debian/patches/series               |   2 +-
 2 files changed, 1 insertion(+), 199 deletions(-)
 delete mode 100644 debian/patches/09_openssl-1.1.patch

diff --git a/debian/patches/09_openssl-1.1.patch b/debian/patches/09_openssl-1.1.patch
deleted file mode 100644
index ba9851d5..00000000
--- a/debian/patches/09_openssl-1.1.patch
+++ /dev/null
@@ -1,198 +0,0 @@
-Description: Compile with openssl-1.1
-Author: Gert Wollny <gw.fossdev@gmail.com>
-Bug-Debian: http://bugs.debian.org/828281
-
---- a/dcmtls/libsrc/tlslayer.cc
-+++ b/dcmtls/libsrc/tlslayer.cc
-@@ -48,6 +48,11 @@
- #define DCMTK_SSL_CTX_get0_param(A) A->param;
- #endif
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define SSL_CTX_get_cert_store(ctx) ctx->cert_store
-+#define EVP_PKEY_base_id(key) EVP_PKEY_type(key->type)
-+#endif
-+
- extern "C" int DcmTLSTransportLayer_certificateValidationCallback(int ok, X509_STORE_CTX *storeContext);
- 
- OFLogger DCM_dcmtlsLogger = OFLog::getLogger("dcmtk.dcmtls");
-@@ -114,18 +119,21 @@
-     {"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",   SSL3_TXT_ADH_DES_40_CBC_SHA},
-     {"TLS_DH_anon_WITH_DES_CBC_SHA",            SSL3_TXT_ADH_DES_64_CBC_SHA},
-     {"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",       SSL3_TXT_ADH_DES_192_CBC_SHA},
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-     {"TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",     TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA},
-     {"TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",      TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA},
-     {"TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA},
-     {"TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",  TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA},
-+#endif
-     {"TLS_DHE_DSS_WITH_RC4_128_SHA",            TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA}
- 
- #if OPENSSL_VERSION_NUMBER >= 0x0090700fL
--    // cipersuites added in OpenSSL 0.9.7
-     ,
-+    // cipersuites added in OpenSSL 0.9.7
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-     {"TLS_RSA_EXPORT_WITH_RC4_56_MD5",          TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5},
-     {"TLS_RSA_EXPORT_WITH_RC2_CBC_56_MD5",      TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5},
--
-+#endif
-     /* AES ciphersuites from RFC3268 */
-     {"TLS_RSA_WITH_AES_128_CBC_SHA",            TLS1_TXT_RSA_WITH_AES_128_SHA},
-     {"TLS_DH_DSS_WITH_AES_128_CBC_SHA",         TLS1_TXT_DH_DSS_WITH_AES_128_SHA},
-@@ -184,7 +192,9 @@
-      // but the API has been available at least since 0.9.5.
-      SSL_library_init();
-      SSL_load_error_strings();
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-      SSLeay_add_all_algorithms();
-+#endif
-      seedPRNG(randFile);
-    }
- 
-@@ -330,7 +340,7 @@
-   /* fileType should be SSL_FILETYPE_ASN1 or SSL_FILETYPE_PEM */
-   if (transportLayerContext)
-   {
--    X509_LOOKUP *x509_lookup = X509_STORE_add_lookup(transportLayerContext->cert_store, X509_LOOKUP_file());
-+    X509_LOOKUP *x509_lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(transportLayerContext), X509_LOOKUP_file());
-     if (x509_lookup == NULL) return TCS_tlsError;
-     if (! X509_LOOKUP_load_file(x509_lookup, fileName, fileType)) return TCS_tlsError;
-   } else return TCS_illegalCall;
-@@ -342,7 +352,7 @@
-   /* fileType should be SSL_FILETYPE_ASN1 or SSL_FILETYPE_PEM */
-   if (transportLayerContext)
-   {
--    X509_LOOKUP *x509_lookup = X509_STORE_add_lookup(transportLayerContext->cert_store, X509_LOOKUP_hash_dir());
-+    X509_LOOKUP *x509_lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(transportLayerContext), X509_LOOKUP_hash_dir());
-     if (x509_lookup == NULL) return TCS_tlsError;
-     if (! X509_LOOKUP_add_dir(x509_lookup, pathName, fileType)) return TCS_tlsError;
-   } else return TCS_illegalCall;
-@@ -464,7 +474,7 @@
-     EVP_PKEY *pubkey = X509_get_pubkey(peerCertificate); // creates copy of public key
-     if (pubkey)
-     {
--      switch (EVP_PKEY_type(pubkey->type))
-+      switch (EVP_PKEY_base_id(pubkey))
-       {
-         case EVP_PKEY_RSA:
-           certPubKeyType = "RSA";
---- a/dcmsign/libsrc/sicert.cc
-+++ b/dcmsign/libsrc/sicert.cc
-@@ -39,6 +39,10 @@
- #include <openssl/pem.h>
- END_EXTERN_C
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define EVP_PKEY_id(key) key->type
-+#endif
-+
- SiCertificate::SiCertificate()
- : x509(NULL)
- {
-@@ -57,7 +61,7 @@
-     EVP_PKEY *pkey = X509_extract_key(x509);
-     if (pkey)
-     {
--      switch(pkey->type)
-+      switch(EVP_PKEY_id(pkey))
-       {
-         case EVP_PKEY_RSA:
-           result = EKT_RSA;
-@@ -85,7 +89,7 @@
-     EVP_PKEY *pkey = X509_extract_key(x509);
-     if (pkey)
-     {
--      switch(pkey->type)
-+      switch(EVP_PKEY_id(pkey))
-       {
-         case EVP_PKEY_RSA:
-           return new SiRSA(EVP_PKEY_get1_RSA(pkey));
-@@ -111,7 +115,7 @@
-   x509 = NULL;
-   if (filename)
-   {
--    BIO *in = BIO_new(BIO_s_file_internal());
-+    BIO *in = BIO_new(BIO_s_file());
-     if (in)
-     {
-       if (BIO_read_filename(in, filename) > 0)
---- a/dcmsign/libsrc/sicertvf.cc
-+++ b/dcmsign/libsrc/sicertvf.cc
-@@ -72,7 +72,7 @@
-   X509_CRL *x509crl = NULL;
-   if (fileName)
-   {
--    BIO *in = BIO_new(BIO_s_file_internal());
-+    BIO *in = BIO_new(BIO_s_file());
-     if (in)
-     {
-       if (BIO_read_filename(in, fileName) > 0)
-@@ -107,11 +107,12 @@
-   X509 *rawcert = certificate.getRawCertificate();
-   if (rawcert == NULL) return SI_EC_VerificationFailed_NoCertificate;
- 
--  X509_STORE_CTX ctx;
--  X509_STORE_CTX_init(&ctx, x509store, rawcert, NULL);
--  int ok = X509_verify_cert(&ctx); /* returns nonzero if successful */
--  errorCode = X509_STORE_CTX_get_error(&ctx);
--  X509_STORE_CTX_cleanup(&ctx);
-+  X509_STORE_CTX *ctx = NULL;
-+  ctx = X509_STORE_CTX_new();
-+  int ok = X509_STORE_CTX_init(ctx, x509store, rawcert, NULL);
-+  errorCode = X509_STORE_CTX_get_error(ctx);
-+  X509_STORE_CTX_cleanup(ctx);
-+  X509_STORE_CTX_free(ctx);
-   if (ok) return EC_Normal; else return SI_EC_VerificationFailed_NoTrust;
- }
- 
---- a/dcmsign/libsrc/siprivat.cc
-+++ b/dcmsign/libsrc/siprivat.cc
-@@ -38,6 +38,9 @@
- #include <openssl/pem.h>
- END_EXTERN_C
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#define EVP_PKEY_id(key) key->type
-+#endif
- 
- /* buf     : buffer to write password into
-  * size    : length of buffer in bytes
-@@ -96,7 +99,7 @@
-   pkey = NULL;
-   if (filename)
-   {
--    BIO *in = BIO_new(BIO_s_file_internal());
-+    BIO *in = BIO_new(BIO_s_file());
-     if (in)
-     {
-       if (BIO_read_filename(in, filename) > 0)
-@@ -125,7 +128,7 @@
-   E_KeyType result = EKT_none;
-   if (pkey)
-   {
--    switch(pkey->type)
-+    switch(EVP_PKEY_id(pkey))
-     {
-       case EVP_PKEY_RSA:
-         result = EKT_RSA;
-@@ -149,7 +152,7 @@
- {
-   if (pkey)
-   {
--    switch(pkey->type)
-+    switch(EVP_PKEY_id(pkey))
-     {
-       case EVP_PKEY_RSA:
-         return new SiRSA(EVP_PKEY_get1_RSA(pkey));
---- a/dcmpstat/libsrc/dviface.cc
-+++ b/dcmpstat/libsrc/dviface.cc
-@@ -4080,7 +4080,7 @@
- 
-     /* attempt to load the private key with the given password*/
-     EVP_PKEY *pkey = NULL;
--    BIO *in = BIO_new(BIO_s_file_internal());
-+    BIO *in = BIO_new(BIO_s_file());
-     if (in)
-     {
-       if (BIO_read_filename(in, filename.c_str()) > 0)
diff --git a/debian/patches/series b/debian/patches/series
index cda77023..ab7e6efe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,4 +6,4 @@
 06_soversion_abi.patch
 07_dont_export_all_executables.patch
 08_remove_system_processor.patch
-#09_openssl-1.1.patch
+
-- 
2.30.2