From c5fceb0331ca08cbfae1a05914cc16a4a4fa2ed9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm@maven.pl>
Date: Tue, 18 Sep 2018 12:44:59 +0200
Subject: [PATCH] - rel 3; fix gpgme and openssl 1.1.1 build

---
 mutt-gpgme.patch |  53 ++++++++++++++++++++++
 mutt.spec        |   6 ++-
 openssl.patch    | 112 +++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 170 insertions(+), 1 deletion(-)
 create mode 100644 mutt-gpgme.patch
 create mode 100644 openssl.patch

diff --git a/mutt-gpgme.patch b/mutt-gpgme.patch
new file mode 100644
index 0000000..9635c1f
--- /dev/null
+++ b/mutt-gpgme.patch
@@ -0,0 +1,53 @@
+From 7d69f2a2822621ca3018ed7296bdb165a356c71a Mon Sep 17 00:00:00 2001
+From: Vincent Lefevre <vincent@vinc17.net>
+Date: Sat, 26 Nov 2016 00:57:42 +0100
+Subject: [PATCH] Fix build failure with GPGME 1.8: do not steal the gpgme_
+ prefix.
+
+Upstream commit.
+
+Fixes: #257
+---
+ crypt-gpgme.c         | 2 +-
+ crypt-gpgme.h         | 2 +-
+ crypt-mod-pgp-gpgme.c | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/crypt-gpgme.c b/crypt-gpgme.c
+index b5a0990d5..2a325e6d7 100644
+--- a/crypt-gpgme.c
++++ b/crypt-gpgme.c
+@@ -4959,7 +4959,7 @@ int smime_gpgme_verify_sender (HEADER *h)
+   return verify_sender (h, GPGME_PROTOCOL_CMS);
+ }
+ 
+-void gpgme_set_sender (const char *sender)
++void mutt_gpgme_set_sender (const char *sender)
+ {
+   mutt_error ("[setting sender] mailbox: %s\n", sender);
+   FREE (&current_sender);
+diff --git a/crypt-gpgme.h b/crypt-gpgme.h
+index 11ca6a60f..7f5ecda37 100644
+--- a/crypt-gpgme.h
++++ b/crypt-gpgme.h
+@@ -53,6 +53,6 @@ int smime_gpgme_send_menu (HEADER *msg, int *redraw);
+ 
+ int smime_gpgme_verify_sender (HEADER *h);
+ 
+-void gpgme_set_sender (const char *sender);
++void mutt_gpgme_set_sender (const char *sender);
+ 
+ #endif
+diff --git a/crypt-mod-pgp-gpgme.c b/crypt-mod-pgp-gpgme.c
+index 948585c45..183f4eeec 100644
+--- a/crypt-mod-pgp-gpgme.c
++++ b/crypt-mod-pgp-gpgme.c
+@@ -104,7 +104,7 @@ static BODY *crypt_mod_pgp_make_key_attachment (char *tempf)
+ 
+ static void crypt_mod_pgp_set_sender (const char *sender)
+ {
+-  gpgme_set_sender (sender);
++  mutt_gpgme_set_sender (sender);
+ }
+ 
+ struct crypt_module_specs crypt_mod_pgp_gpgme =
diff --git a/mutt.spec b/mutt.spec
index fba9105..8405af8 100644
--- a/mutt.spec
+++ b/mutt.spec
@@ -29,7 +29,7 @@ Summary(tr.UTF-8):	Mutt elektronik posta programı
 Summary(uk.UTF-8):	Поштова клієнтська програма Mutt
 Name:		mutt
 Version:	1.6.2
-Release:	2
+Release:	3
 Epoch:		6
 License:	GPL v2+
 Group:		Applications/Mail
@@ -69,6 +69,8 @@ Patch23:	%{name}-db.patch
 Patch24:	%{name}-vvv.nntp.patch
 Patch25:	format-security.patch
 Patch26:	%{name}-keep_to.patch
+Patch27:	mutt-gpgme.patch
+Patch28:	openssl.patch
 URL:		http://www.mutt.org/
 BuildRequires:	autoconf >= 2.54
 BuildRequires:	automake >= 1.6
@@ -179,6 +181,8 @@ Mutt - це невеликий, але потужний повноекранни
 %{?with_nntp:%patch24 -p1}
 %patch25 -p1
 %patch26 -p1
+%patch27 -p1
+%patch28 -p1
 
 # force regeneration (manual.sgml is modified by some patches)
 %{__rm} doc/{manual*.html,manual.txt}
diff --git a/openssl.patch b/openssl.patch
new file mode 100644
index 0000000..d267bd8
--- /dev/null
+++ b/openssl.patch
@@ -0,0 +1,112 @@
+From 6ce3be71ed60e4fe41ea255b74119ded47bd4ca2 Mon Sep 17 00:00:00 2001
+From: TAKAHASHI Tamotsu <ttakah@lapis.plala.or.jp>
+Date: Wed, 7 Sep 2016 20:00:04 -0700
+Subject: [PATCH] Fix openssl 1.1 compilation issues. (closes #3870)
+
+With these changes, Mutt will no longer compile for versions less than
+0.9.6.
+---
+ configure.ac |  7 +++++--
+ mutt_ssl.c   | 24 ++++++++----------------
+ 2 files changed, 13 insertions(+), 18 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index aff9479c7..b84b531cb 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -689,13 +689,16 @@ AC_ARG_WITH(ssl, AS_HELP_STRING([--with-ssl@<:@=PFX@:>@],[Enable TLS support usi
+ 
+             crypto_libs=""
+             AC_CHECK_LIB(z, deflate, [crypto_libs=-lz])
+-            AC_CHECK_LIB(crypto, X509_new,
+-              [crypto_libs="-lcrypto $crypto_libs"],, [$crypto_libs])
++            AC_CHECK_LIB(crypto, X509_STORE_CTX_new,
++              [crypto_libs="-lcrypto $crypto_libs"],
++              AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+             AC_CHECK_LIB(ssl, SSL_new,,
+               AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+ 
+             LIBS="$LIBS $crypto_libs"
+             AC_CHECK_FUNCS(RAND_status RAND_egd)
++            AC_CHECK_DECLS([SSL_set_mode, SSL_MODE_AUTO_RETRY],,
++              AC_MSG_ERROR([Unable to find decent SSL header]), [[#include <openssl/ssl.h>]])
+ 
+             AC_DEFINE(USE_SSL,1,[ Define if you want support for SSL. ])
+             AC_DEFINE(USE_SSL_OPENSSL,1,[ Define if you want support for SSL via OpenSSL. ])
+diff --git a/mutt_ssl.c b/mutt_ssl.c
+index 35cb5135c..791b1c631 100644
+--- a/mutt_ssl.c
++++ b/mutt_ssl.c
+@@ -37,12 +37,6 @@
+ #include "mutt_ssl.h"
+ #include "mutt_idna.h"
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00904000L
+-#define READ_X509_KEY(fp, key)	PEM_read_X509(fp, key, NULL, NULL)
+-#else
+-#define READ_X509_KEY(fp, key)	PEM_read_X509(fp, key, NULL)
+-#endif
+-
+ /* Just in case OpenSSL doesn't define DEVRANDOM */
+ #ifndef DEVRANDOM
+ #define DEVRANDOM "/dev/urandom"
+@@ -406,11 +400,7 @@ static int ssl_negotiate (CONNECTION *conn, sslsockdata* ssldata)
+   int err;
+   const char* errmsg;
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00906000L
+-  /* This only exists in 0.9.6 and above. Without it we may get interrupted
+-   *   reads or writes. Bummer. */
+   SSL_set_mode (ssldata->ssl, SSL_MODE_AUTO_RETRY);
+-#endif
+ 
+   if ((err = SSL_connect (ssldata->ssl)) != 1)
+   {
+@@ -631,7 +621,7 @@ static char *asn1time_to_string (ASN1_UTCTIME *tm)
+ 
+ static int check_certificate_by_signer (X509 *peercert)
+ {
+-  X509_STORE_CTX xsc;
++  X509_STORE_CTX *xsc;
+   X509_STORE *ctx;
+   int pass = 0, i;
+ 
+@@ -661,23 +651,25 @@ static int check_certificate_by_signer (X509 *peercert)
+     return 0;
+   }
+ 
+-  X509_STORE_CTX_init (&xsc, ctx, peercert, SslSessionCerts);
++  xsc = X509_STORE_CTX_new();
++  if (xsc == NULL) return 0;
++  X509_STORE_CTX_init (xsc, ctx, peercert, SslSessionCerts);
+ 
+-  pass = (X509_verify_cert (&xsc) > 0);
++  pass = (X509_verify_cert (xsc) > 0);
+ #ifdef DEBUG
+   if (! pass)
+   {
+     char buf[SHORT_STRING];
+     int err;
+ 
+-    err = X509_STORE_CTX_get_error (&xsc);
++    err = X509_STORE_CTX_get_error (xsc);
+     snprintf (buf, sizeof (buf), "%s (%d)",
+ 	X509_verify_cert_error_string(err), err);
+     dprint (2, (debugfile, "X509_verify_cert: %s\n", buf));
+     dprint (2, (debugfile, " [%s]\n", peercert->name));
+   }
+ #endif
+-  X509_STORE_CTX_cleanup (&xsc);
++  X509_STORE_CTX_free (xsc);
+   X509_STORE_free (ctx);
+ 
+   return pass;
+@@ -766,7 +758,7 @@ static int check_certificate_by_digest (X509 *peercert)
+     return 0;
+   }
+ 
+-  while ((cert = READ_X509_KEY (fp, &cert)) != NULL)
++  while ((cert = PEM_read_X509 (fp, &cert, NULL, NULL)) != NULL)
+   {
+     pass = compare_certificates (cert, peercert, peermd, peermdlen) ? 0 : 1;
+ 
-- 
2.43.0