pick patch to restore CMS support in GOST

0001-gost-restore-CMS-support.patch

@@ -0,0 +1,65 @@
+From 6baa93be806961444d000337366b8ede5deb1c8d Mon Sep 17 00:00:00 2001
+From: Dmitry Baryshkov <dbaryshkov@gmail.com>
+Date: Thu, 19 Mar 2020 18:13:42 +0300
+Subject: [PATCH] gost: restore CMS support
+
+Restore CMS support dropped few years ago when CMS support was removed
+from LibreSSL.
+
+Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
+---
+ src/lib/libcrypto/gost/gostr341001_ameth.c | 14 ++++++++++++++
+ src/lib/libcrypto/gost/gostr341001_pmeth.c |  5 +++++
+ 2 files changed, 19 insertions(+)
+
+diff --git a/src/lib/libcrypto/gost/gostr341001_ameth.c b/src/lib/libcrypto/gost/gostr341001_ameth.c
+index 6886859fa..087042f0a 100644
+--- a/src/lib/libcrypto/gost/gostr341001_ameth.c
++++ b/src/lib/libcrypto/gost/gostr341001_ameth.c
+@@ -59,6 +59,9 @@
+ #include <openssl/ec.h>
+ #include <openssl/err.h>
+ #include <openssl/x509.h>
++#ifndef OPENSSL_NO_CMS
++#include <openssl/cms.h>
++#endif
+ #include <openssl/gost.h>
+ 
+ 
+@@ -749,6 +752,17 @@ pkey_ctrl_gost01(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+ 			PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+ 		break;
+ 
++#ifndef OPENSSL_NO_CMS
++	case ASN1_PKEY_CTRL_CMS_SIGN:
++		if (arg1 == 0)
++			CMS_SignerInfo_get0_algs(arg2, NULL, NULL,
++					&alg1, &alg2);
++		return 1;
++	case ASN1_PKEY_CTRL_CMS_ENVELOPE:
++		if (arg1 == 0)
++			CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg3);
++		break;
++#endif
+ 	case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+ 		if (arg1 == 0)
+ 			PKCS7_RECIP_INFO_get0_alg(arg2, &alg3);
+diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
+index 0e0cae99e..cacbf3de9 100644
+--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
++++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
+@@ -587,6 +587,11 @@ pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+ 	case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+ 	case EVP_PKEY_CTRL_PKCS7_SIGN:
+ 	case EVP_PKEY_CTRL_DIGESTINIT:
++#ifndef OPENSSL_NO_CMS
++	case EVP_PKEY_CTRL_CMS_ENCRYPT:
++	case EVP_PKEY_CTRL_CMS_DECRYPT:
++	case EVP_PKEY_CTRL_CMS_SIGN:
++#endif
+ 		return 1;
+ 
+ 	case EVP_PKEY_CTRL_GOST_PARAMSET:
+-- 
+2.20.1
+

libressl.spec

@@ -63,7 +63,7 @@
 Summary:		LibreSSL utils and libs coexisting with OpenSSL
 Name:			libressl
 Version:		%{base_version}.git%{git_date}
-Release:		24
+Release:		25
 # The code is distributed under ISC license except of original OpenSSL code
 License:		ISC and BSD-like
 Group:			System/Base
@@ -81,12 +81,14 @@ Url:			http://libressl.org
 # - libressl-portable/openbsd  commit 1203000a
 #Source0:		http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-%{version}.tar.gz
 Source0:		libressl-%{version}.tar.gz
-# TODO: add printing config location to `openssl version`
-Source1:		0001-Allow-custom-config-location.patch
 Source10:		libressl.rpmlintrc
+# TODO: add printing config location to `openssl version`
+Patch1:			0001-Allow-custom-config-location.patch
 # If both openssl and libressl libraries are loaded into one runtime,
 # versioning their symbols will or may allow them to coexist
 Patch2:			SUSE-extra-symver.patch
+# https://github.com/GostCrypt/libressl-openbsd/tree/gost-new
+Patch3:			0001-gost-restore-CMS-support.patch
 # From https://www.mitchr.me/SS/exampleCode/openssl.html 
 Source20:		test.c
 Source22:		test2.c
@@ -206,7 +208,6 @@ pkg-config sets -I%{_libdir} in CFLAGS.
 %package -n ocspcheck
 Summary:		Utility to validate certificates
 Group:			System/Base
-Autoreq: 1
 
 %description -n ocspcheck
 Utility to validate a certificate against its OCSP responder and
@@ -259,11 +260,15 @@ capabilities.
 %patch2 -p1
 # Patch is against gits https://github.com/libressl-portable/
 # Release tarball is packaged in a tricky way
-cat %{SOURCE1} | sed \
+cat %{PATCH1} | sed \
 	-e 's,src/lib/libcrypto/,crypto/,g' \
 	-e 's,src/usr.bin/openssl/,apps/openssl/,g' \
 	> 1.patch
 patch -p1 < 1.patch
+cat %{PATCH3} | sed \
+	-e 's,src/lib/libcrypto/,crypto/,g' \
+	> 3.patch
+patch -p1 < 3.patch
 
 %build
 %setup_compile_flags