From f6a3f2f7744871e67d6b045c735b83b04224ee292ad3300b24d1167894c4ebb8 Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dmueller@suse.com>
Date: Wed, 29 Nov 2017 22:39:09 +0000
Subject: [PATCH] Accepting request 546504 from
 home:msmeissn:branches:Base:System

- dd_rescue-openssl11.patch: ported to openssl 1.1 (bsc#1070369)

OBS-URL: https://build.opensuse.org/request/show/546504
OBS-URL: https://build.opensuse.org/package/show/Base:System/dd_rescue?expand=0&rev=38
---
 dd_rescue-openssl11.patch | 440 ++++++++++++++++++++++++++++++++++++++
 dd_rescue.changes         |   5 +
 dd_rescue.spec            |   8 +-
 3 files changed, 449 insertions(+), 4 deletions(-)
 create mode 100644 dd_rescue-openssl11.patch

diff --git a/dd_rescue-openssl11.patch b/dd_rescue-openssl11.patch
new file mode 100644
index 0000000..f74d50f
--- /dev/null
+++ b/dd_rescue-openssl11.patch
@@ -0,0 +1,440 @@
+Index: dd_rescue-1.99.7/aes_ossl.c
+===================================================================
+--- dd_rescue-1.99.7.orig/aes_ossl.c
++++ dd_rescue-1.99.7/aes_ossl.c
+@@ -17,15 +17,17 @@
+ 
+ void AES_OSSL_Bits_EKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_init(evpctx);
+-	EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	evpctx[0] = EVP_CIPHER_CTX_new();						\
++	EVP_CIPHER_CTX_init(evpctx[0]);
++	EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
+ }
+ void AES_OSSL_Bits_DKey_Expand(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_init(evpctx);
+-	EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	evpctx[0] = EVP_CIPHER_CTX_new();						\
++	EVP_CIPHER_CTX_init(evpctx[0]);
++	EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
+ }
+ 
+ 
+@@ -48,28 +50,27 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const
+ 				ssize_t len, ssize_t *flen)			\
+ {								\
+ 	int olen, elen, ores;					\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
+-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx, DOPAD? pad: 0);	\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD? pad: 0);	\
+ 	if (IV) {						\
+-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);	\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
+ 	}							\
+        	if (DOPAD && !pad && (len&15)) {			\
+-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15));	\
++		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15));	\
+ 		assert(ores);					\
+ 		uchar ibf[16];					\
+ 		memcpy(ibf, in+olen, len&15);			\
+ 		memset(ibf+(len&15), 0, 16-(len&15));		\
+-		ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16);	\
++		ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16);	\
+ 		memset(ibf, 0, len&15);				\
+ 		asm("":::"memory");				\
+ 		assert(ores);					\
+ 	} else {								\
+ 		if (DOPAD && !(len%15) && pad == PAD_ASNEEDED)	\
+-			EVP_CIPHER_CTX_set_padding(evpctx, 0);	\
+-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len);		\
++			EVP_CIPHER_CTX_set_padding(evpctx[0], 0);	\
++		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len);		\
+ 		assert(ores);					\
+-		ores = EVP_EncryptFinal(evpctx, out+olen, &elen);\
++		ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen);\
+ 		assert(ores);					\
+ 		if (0 && elen && (len&15)) olen -= 16;		\
+ 	}							\
+@@ -80,7 +81,7 @@ int AES_OSSL_##BITCHAIN##_Encrypt(const
+ 		fprintf(stderr, "Encryption length mismatch %i+%i != %zi\n",	\
+ 			olen, elen, len);			\
+ 	if (IV)							\
+-		memcpy(iv, evpctx->iv, 16);			\
++		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);			\
+ 	return (DOPAD && (pad == PAD_ALWAYS || (len&15)))? 16-(len&15): 0;	\
+ };								\
+ int AES_OSSL_##BITCHAIN##_Decrypt(const unsigned char* ctx, unsigned int rounds,\
+@@ -90,49 +91,48 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const
+ {								\
+ 	int olen, elen = 0, ores;				\
+ 	int ilen = (len&15)? len+15-(len&15): len;		\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
+-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx, DOPAD && pad != PAD_ASNEEDED?pad:0);	\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], DOPAD && pad != PAD_ASNEEDED?pad:0);	\
+ 	if (IV) {						\
+-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);	\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
+ 	}							\
+ 	if (DOPAD && pad == PAD_ASNEEDED) {			\
+ 		int olen1;					\
+ 		uchar buf[16];					\
+-		ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen-16);	\
++		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen-16);	\
+ 		assert(ores);					\
+-		EVP_CIPHER_CTX ctx2;				\
+-		memcpy(&ctx2, evpctx, sizeof(ctx2));		\
++		EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new();	\
++		EVP_CIPHER_CTX_copy(ctx2, evpctx[0]);		\
+ 		/* Save piece that gets overwritten */		\
+ 		if (in == out)					\
+ 			memcpy(buf, out+olen, 16);		\
+-		EVP_CIPHER_CTX_set_padding(evpctx, 1);		\
+-		ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16);	\
++		EVP_CIPHER_CTX_set_padding(evpctx[0], 1);		\
++		ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16);	\
+ 		assert(ores); assert(!olen1);			\
+-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);		\
++		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);		\
+ 		if (!ores) {					\
+-			memcpy(evpctx, &ctx2, sizeof(ctx2));	\
++			EVP_CIPHER_CTX_copy(evpctx[0], ctx2);	\
+ 			if (in == out)				\
+ 				memcpy(out+olen, buf, 16);	\
+-			ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, in+ilen-16, 16);	\
++			ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, in+ilen-16, 16);	\
+ 			assert(ores); assert(olen1 == 16);	\
+ 			olen += olen1;				\
+-			ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
++			ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
+ 			assert(ores);				\
+ 		}						\
+-		memset(&ctx2, 0, sizeof(ctx2));			\
++		EVP_CIPHER_CTX_free(ctx2);			\
+ 		asm("":::"memory");				\
+ 	} else {						\
+-		ores = EVP_DecryptUpdate(evpctx, out, &olen, in, ilen);	\
++		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, in, ilen);	\
+ 		assert(ores);					\
+-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
++		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
+ 	}							\
+ 	if (DOPAD && pad) {					\
+ 		*flen = olen + elen;				\
+ 	} else							\
+ 		*flen = len;					\
+ 	if (IV)							\
+-		memcpy(iv, evpctx->iv, 16);			\
++		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
+ 	if (DOPAD && pad == PAD_ASNEEDED)			\
+ 		return (elen? 16-elen: 1);			\
+ 	return ores - 1;					\
+@@ -140,8 +140,8 @@ int AES_OSSL_##BITCHAIN##_Decrypt(const
+ 
+ void AES_OSSL_Release(unsigned char *ctx, unsigned int rounds)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_cleanup(evpctx);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	EVP_CIPHER_CTX_cleanup(evpctx[0]);
+ }
+ 
+ AES_OSSL_KEY_EX(128, AES_128_ROUNDS, ecb);
+@@ -180,37 +180,41 @@ AES_OSSL_CRYPT(256_CTR, 1, 0);
+ 
+ void AES_OSSL_Bits_EKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_init(evpctx);
+-	EVP_EncryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
+-	//EVP_CIPHER_CTX_set_padding(evpctx, 0);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	evpctx[0] = EVP_CIPHER_CTX_new();						\
++	evpctx[1] = EVP_CIPHER_CTX_new();						\
++	EVP_CIPHER_CTX_init(evpctx[0]);
++	EVP_EncryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
++	//EVP_CIPHER_CTX_set_padding(evpctx[0], 0);
+ 	hash_t hv;
+ 	sha256_init(&hv);
+ 	sha256_calc(userkey, bits/8, bits/8, &hv);
+ 	uchar usrkey2[32];
+ 	sha256_beout(usrkey2, &hv);
+ 	sha256_init(&hv);
+-	EVP_CIPHER_CTX_init(evpctx+1);
+-	EVP_EncryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL);
++	EVP_CIPHER_CTX_init(evpctx[1]);
++	EVP_EncryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL);
+ 	//EVP_CIPHER_CTX_set_padding(evpctx+1, 0);
+ 	memset(usrkey2, 0, 32);
+ 	asm("":::"memory");
+ }
+ void AES_OSSL_Bits_DKey_ExpandX2(const EVP_CIPHER *cipher, const unsigned char* userkey, unsigned char *ctx, unsigned int bits)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_init(evpctx);
+-	EVP_DecryptInit_ex(evpctx, cipher, NULL, userkey, NULL);
+-	//EVP_CIPHER_CTX_set_padding(evpctx, 0);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	evpctx[0] = EVP_CIPHER_CTX_new();						\
++	evpctx[1] = EVP_CIPHER_CTX_new();						\
++	EVP_CIPHER_CTX_init(evpctx[0]);
++	EVP_DecryptInit_ex(evpctx[0], cipher, NULL, userkey, NULL);
++	//EVP_CIPHER_CTX_set_padding(evpctx[0], 0);
+ 	hash_t hv;
+ 	sha256_init(&hv);
+ 	sha256_calc(userkey, bits/8, bits/8, &hv);
+ 	uchar usrkey2[32];
+ 	sha256_beout(usrkey2, &hv);
+ 	sha256_init(&hv);
+-	EVP_CIPHER_CTX_init(evpctx+1);
+-	EVP_DecryptInit_ex(evpctx+1, cipher, NULL, usrkey2, NULL);
+-	//EVP_CIPHER_CTX_set_padding(evpctx+1, 0);
++	EVP_CIPHER_CTX_init(evpctx[1]);
++	EVP_DecryptInit_ex(evpctx[1], cipher, NULL, usrkey2, NULL);
++	//EVP_CIPHER_CTX_set_padding(evpctx[1], 0);
+ 	memset(usrkey2, 0, 32);
+ 	asm("":::"memory");
+ }
+@@ -235,40 +239,40 @@ int  AES_OSSL_##BITCHAIN##_EncryptX2(con
+ 	       			ssize_t len, ssize_t *flen)				\
+ {								\
+ 	int olen, elen, ores;					\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
+-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);		\
+-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx, pad);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);		\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
++	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);		\
++	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);		\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], pad);		\
++	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);		\
+ 	if (IV) {						\
+-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);		\
+-		memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16);	\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);		\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16);	\
+ 	}							\
+        	if (!pad && (len&15)) {					\
+-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len-(len&15));		\
++		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len-(len&15));		\
+ 		assert(ores);					\
+ 		uchar ibf[16];					\
+ 		memcpy(ibf, in+olen, len&15);			\
+ 		memset(ibf+(len&15), 0, 16-(len&15));		\
+-		ores = EVP_EncryptUpdate(evpctx, out+olen, &elen, ibf, 16);		\
++		ores = EVP_EncryptUpdate(evpctx[0], out+olen, &elen, ibf, 16);		\
+ 		memset(ibf, 0, len&15);				\
+ 		asm("":::"memory");				\
+ 		assert(ores);					\
+ 	} else {						\
+-		ores = EVP_EncryptUpdate(evpctx, out, &olen, in, len);	\
++		ores = EVP_EncryptUpdate(evpctx[0], out, &olen, in, len);	\
+ 		assert(ores);					\
+-		ores = EVP_EncryptFinal(evpctx, out+olen, &elen);	\
++		ores = EVP_EncryptFinal(evpctx[0], out+olen, &elen);	\
+ 		assert(ores);					\
+ 	}							\
+-	ores = EVP_EncryptUpdate(evpctx+1, out, &olen, out, olen+elen);	\
++	ores = EVP_EncryptUpdate(evpctx[1], out, &olen, out, olen+elen);	\
+ 	assert(ores);						\
+-	ores = EVP_EncryptFinal(evpctx+1, out+olen, &elen);	\
++	ores = EVP_EncryptFinal(evpctx[1], out+olen, &elen);	\
+ 	assert(ores);						\
+ 	*flen = olen+elen;					\
+ 	if (pad == PAD_ASNEEDED && !(len&15))			\
+ 		*flen -= 16;					\
+ 	if (IV)							\
+-		memcpy(iv, evpctx->iv, 16);			\
++		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
+ 	return (pad == PAD_ALWAYS || (len&15))? 16-(len&15): 0;	\
+ };								\
+ int  AES_OSSL_##BITCHAIN##_DecryptX2(const unsigned char* ctx, unsigned int rounds,	\
+@@ -278,54 +282,52 @@ int  AES_OSSL_##BITCHAIN##_DecryptX2(con
+ {								\
+ 	int olen, elen, ores;					\
+ 	int rlen = (len&15)? len+16-(len&15): len;		\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;		\
+-	EVP_DecryptInit(evpctx+1, NULL, NULL, NULL);		\
+-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);		\
+-	EVP_CIPHER_CTX_set_padding(evpctx, pad==PAD_ASNEEDED? 0: pad);	\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;	\
++	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);		\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], pad==PAD_ASNEEDED? 0: pad);	\
+ 	if (IV) {						\
+-		memcpy((evpctx+1)->oiv, iv, 16); memcpy((evpctx+1)->iv, iv, 16);	\
+-		memcpy(evpctx->oiv, iv, 16); memcpy(evpctx->iv, iv, 16);		\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[1]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[1]), iv, 16);	\
++		memcpy(EVP_CIPHER_CTX_original_iv(evpctx[0]), iv, 16); memcpy(EVP_CIPHER_CTX_iv_noconst(evpctx[0]), iv, 16);	\
+ 	}							\
+-	ores = EVP_DecryptUpdate(evpctx+1, out, &olen, in, rlen);		\
++	ores = EVP_DecryptUpdate(evpctx[1], out, &olen, in, rlen);		\
+ 	assert(ores);						\
+-	ores = EVP_DecryptFinal(evpctx+1, out+olen, &elen);	\
++	ores = EVP_DecryptFinal(evpctx[1], out+olen, &elen);	\
+ 	assert(ores);						\
+ 	if (pad == PAD_ASNEEDED) {				\
+ 		int ilen = olen, olen1;				\
+ 		uchar buf[16];					\
+-		ores = EVP_DecryptUpdate(evpctx, out, &olen, out, ilen-16);	\
++		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, ilen-16);	\
+ 		assert(ores); assert(olen == ilen-16);		\
+ 		/* Save piece that gets overwritten */		\
+ 		memcpy(buf, out+olen, 16);			\
+-		EVP_CIPHER_CTX ctx2;				\
+-		memcpy(&ctx2, evpctx, sizeof(ctx2));		\
+-		EVP_CIPHER_CTX_set_padding(evpctx, 1);		\
+-		ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16);	\
++		EVP_CIPHER_CTX *ctx2 = EVP_CIPHER_CTX_new();	\
++		EVP_CIPHER_CTX_copy(ctx2, evpctx[0]);		\
++		EVP_CIPHER_CTX_set_padding(evpctx[0], 1);	\
++		ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16);	\
+ 		assert(ores); assert(!olen1);			\
+-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);		\
++		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);		\
+ 		if (!ores) {					\
+-			memcpy(evpctx, &ctx2, sizeof(ctx2));	\
++			EVP_CIPHER_CTX_copy(evpctx[0], ctx2);	\
+ 			memcpy(out+olen, buf, 16);		\
+-			ores = EVP_DecryptUpdate(evpctx, out+olen, &olen1, out+ilen-16, 16);	\
++			ores = EVP_DecryptUpdate(evpctx[0], out+olen, &olen1, out+ilen-16, 16);	\
+ 			assert(ores); assert(olen1 == 16);	\
+ 			olen += olen1;				\
+-			ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
++			ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
+ 			assert(ores);				\
+ 		}						\
+-		memset(&ctx2, 0, sizeof(ctx2));			\
++		EVP_CIPHER_CTX_free(ctx2);			\
+ 		asm("":::"memory");				\
+ 	} else {						\
+-		ores = EVP_DecryptUpdate(evpctx, out, &olen, out, olen+elen);	\
+-		assert(ores);						\
+-		ores = EVP_DecryptFinal(evpctx, out+olen, &elen);	\
++		ores = EVP_DecryptUpdate(evpctx[0], out, &olen, out, olen+elen);	\
++		assert(ores);					\
++		ores = EVP_DecryptFinal(evpctx[0], out+olen, &elen);	\
+ 	}							\
+ 	if (pad)						\
+ 		*flen = olen+elen;				\
+ 	else							\
+ 		*flen = len;					\
+ 	if (IV)							\
+-		memcpy(iv, evpctx->iv, 16);			\
++		memcpy(iv, EVP_CIPHER_CTX_iv(evpctx[0]), 16);	\
+ 	if (pad == PAD_ASNEEDED)				\
+ 		return (elen? 16-elen: 1);			\
+ 	return ores - 1;					\
+@@ -333,9 +335,10 @@ int  AES_OSSL_##BITCHAIN##_DecryptX2(con
+ 
+ void AES_OSSL_ReleaseX2(unsigned char *ctx, unsigned int rounds)
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
+-	EVP_CIPHER_CTX_cleanup(evpctx);
+-	EVP_CIPHER_CTX_cleanup(evpctx+1);
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
++	EVP_CIPHER_CTX_cleanup(evpctx[0]);
++	EVP_CIPHER_CTX_cleanup(evpctx[1]);
++	/* FIXME: free ? */
+ }
+ 
+ AES_OSSL_KEY_EX2(128, AES_128_ROUNDS, ecb);
+@@ -365,22 +368,22 @@ AES_OSSL_CRYPT2(256_ECB, 0);
+ void AES_OSSL_Blk_EncryptX2(const unsigned char *ctx, unsigned int rounds,
+ 			    const unsigned char *in, unsigned char *out)			
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
+ 	int olen;
+ 	uchar blk[16];
+-	EVP_EncryptUpdate(evpctx, blk, &olen, in, 16);
+-	EVP_EncryptUpdate(evpctx+1, out, &olen, blk, olen);
++	EVP_EncryptUpdate(evpctx[0], blk, &olen, in, 16);
++	EVP_EncryptUpdate(evpctx[1], out, &olen, blk, olen);
+ 	memset(blk, 0, 16);
+ 	asm("":::"memory");
+ }
+ void AES_OSSL_Blk_DecryptX2(const unsigned char *ctx, unsigned int rounds,
+ 			    const unsigned char *in, unsigned char *out)			
+ {
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;
+ 	int olen;
+ 	uchar blk[16];
+-	EVP_DecryptUpdate(evpctx+1, blk, &olen, in, 16);
+-	EVP_DecryptUpdate(evpctx, out, &olen, blk, olen);
++	EVP_DecryptUpdate(evpctx[1], blk, &olen, in, 16);
++	EVP_DecryptUpdate(evpctx[0], out, &olen, blk, olen);
+ 	memset(blk, 0, 16);
+ 	asm("":::"memory");
+ }
+@@ -392,11 +395,11 @@ int  AES_OSSL_##BITS##_CBC_EncryptX2(con
+ 				     const unsigned char* in, unsigned char *out,	\
+ 	       			     ssize_t len, ssize_t *olen)			\
+ {											\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
+-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);					\
+-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);					\
+-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
+-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
++	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);					\
++	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);					\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
++	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
+ 	return AES_Gen_CBC_Enc(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, pad, in, out, len, olen);	\
+ };											\
+ int  AES_OSSL_##BITS##_CBC_DecryptX2(const unsigned char *ctx, unsigned int rounds,	\
+@@ -404,11 +407,9 @@ int  AES_OSSL_##BITS##_CBC_DecryptX2(con
+ 				     const unsigned char* in, unsigned char *out,	\
+ 	       			     ssize_t len, ssize_t *olen)			\
+ {											\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
+-	EVP_DecryptInit(evpctx+1, NULL, NULL, NULL);					\
+-	EVP_DecryptInit(evpctx, NULL, NULL, NULL);					\
+-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
+-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
++	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
+ 	return AES_Gen_CBC_Dec(AES_OSSL_Blk_DecryptX2, ctx, rounds, iv, pad, in, out, len, olen);	\
+ }
+ 
+@@ -424,11 +425,11 @@ int  AES_OSSL_##BITS##_CTR_CryptX2(const
+ 	       			     ssize_t len, ssize_t *olen)			\
+ {											\
+ 	*olen = len;									\
+-	EVP_CIPHER_CTX *evpctx = (EVP_CIPHER_CTX*)ctx;					\
+-	EVP_EncryptInit(evpctx, NULL, NULL, NULL);					\
+-	EVP_EncryptInit(evpctx+1, NULL, NULL, NULL);					\
+-	EVP_CIPHER_CTX_set_padding(evpctx, 0);						\
+-	EVP_CIPHER_CTX_set_padding(evpctx+1, 0);					\
++	EVP_CIPHER_CTX **evpctx = (EVP_CIPHER_CTX**)ctx;				\
++	EVP_EncryptInit(evpctx[0], NULL, NULL, NULL);					\
++	EVP_EncryptInit(evpctx[1], NULL, NULL, NULL);					\
++	EVP_CIPHER_CTX_set_padding(evpctx[0], 0);					\
++	EVP_CIPHER_CTX_set_padding(evpctx[1], 0);					\
+ 	return AES_Gen_CTR_Crypt(AES_OSSL_Blk_EncryptX2, ctx, rounds, iv, in, out, len);\
+ }
+ 
+@@ -437,8 +438,8 @@ AES_OSSL_DECL_CTR_X2(192);
+ AES_OSSL_DECL_CTR_X2(256);
+ 
+ 
+-#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX)
+-#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX)
++#define EVP_CTX_SZ sizeof(EVP_CIPHER_CTX*)
++#define EVP_CTX_SZX2 2*sizeof(EVP_CIPHER_CTX*)
+ 
+ ciph_desc_t AES_OSSL_Methods[] = {
+ 				 {"AES128-ECB"  , 128, 10, 16, EVP_CTX_SZ, &aes_stream_ecb,
diff --git a/dd_rescue.changes b/dd_rescue.changes
index 6f6a38f..dd78a82 100644
--- a/dd_rescue.changes
+++ b/dd_rescue.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Wed Nov 29 17:25:01 UTC 2017 - meissner@suse.com
+
+- dd_rescue-openssl11.patch: ported to openssl 1.1 (bsc#1070369)
+
 -------------------------------------------------------------------
 Fri Nov 10 15:08:21 CET 2017 - kurt@garloff.de
 
diff --git a/dd_rescue.spec b/dd_rescue.spec
index b082d39..b5a13bb 100644
--- a/dd_rescue.spec
+++ b/dd_rescue.spec
@@ -27,6 +27,7 @@ Source0:        http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2
 Source1:        http://garloff.de/kurt/linux/ddrescue/%{name}-%{version}.tar.bz2.asc
 Source2:        %{name}.keyring
 Source99:       %{name}.changes
+Patch0:         dd_rescue-openssl11.patch
 BuildRequires:  autoconf
 BuildRequires:  libattr-devel
 %if 0%{?is_opensuse}
@@ -45,11 +46,7 @@ Recommends:     libfallocate0
 Provides:       ddrescue = %{version}
 Obsoletes:      ddrescue < %{version}
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-%if 0%{?suse_version} >= 1330
-BuildRequires:  libopenssl-1_0_0-devel
-%else
 BuildRequires:  pkgconfig(libcrypto)
-%endif
 
 %description
 dd_rescue helps when nothing else can: your disk has crashed and you
@@ -114,6 +111,9 @@ data to the decompressor; the plugin is still young and might expose bugs.
 
 %prep
 %setup -q
+if pkg-config --atleast-version=1.1.0 libssl; then
+%patch0 -p1
+fi
 
 # Remove build time references so build-compare can do its work
 FAKE_BUILDTIME=$(LC_ALL=C date -u -r %{SOURCE99} '+%%H:%%M')