diff -Nru transmission-3.00/debian/changelog transmission-3.00/debian/changelog --- transmission-3.00/debian/changelog 2022-03-25 09:52:54.000000000 +0000 +++ transmission-3.00/debian/changelog 2023-10-24 05:55:57.000000000 +0000 @@ -1,3 +1,13 @@ +transmission (3.00-2ubuntu2.1) jammy; urgency=medium + + [ Andrey Kudinov ] + * Replace openssl 3 compatibility patch to fix memory leak (LP: #1973084): + - d/p/openssl3-compat.patch: dropped + - d/p/transmission-3.00-openssl-3.patch: patch from Gentoo that enabled the + legacy provider in OpenSSL3, which restores RC4 + + -- Marius Gedminas Tue, 24 Oct 2023 08:55:57 +0300 + transmission (3.00-2ubuntu2) jammy; urgency=high * No change rebuild for ppc64el baseline bump. diff -Nru transmission-3.00/debian/patches/openssl3-compat.patch transmission-3.00/debian/patches/openssl3-compat.patch --- transmission-3.00/debian/patches/openssl3-compat.patch 2021-12-13 22:47:31.000000000 +0000 +++ transmission-3.00/debian/patches/openssl3-compat.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,130 +0,0 @@ -Description: Compatibility with OpenSSL 3 - We rely on RC4 because of the torrent protocol we're implementing, but this - is no longer available in the default provider. -Author: Steve Langasek -Bug-Ubuntu: https://bugs.launchpad.net/bugs/1946215 -Last-Update: 2021-12-13 -Forwarded: no - -Index: transmission-3.00/libtransmission/crypto-utils-openssl.c -=================================================================== ---- transmission-3.00.orig/libtransmission/crypto-utils-openssl.c -+++ transmission-3.00/libtransmission/crypto-utils-openssl.c -@@ -20,6 +20,9 @@ - #include - #include - #include -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+#include -+#endif - - #include "transmission.h" - #include "crypto-utils.h" -@@ -182,46 +185,86 @@ - - #endif - -+typedef struct tr_rc4_ctx { -+ EVP_CIPHER_CTX *cipher_ctx; -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ OSSL_LIB_CTX *lib_ctx; -+#endif -+} tr_rc4_ctx; -+ - tr_rc4_ctx_t tr_rc4_new(void) - { -- EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new(); -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ OSSL_PROVIDER *legacy_provider = NULL; -+ OSSL_PROVIDER *default_provider = NULL; -+#endif -+ const EVP_CIPHER *cipher; - -- if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1))) -+ tr_rc4_ctx *handle = malloc(sizeof(tr_rc4_ctx)); -+ -+ handle->cipher_ctx = EVP_CIPHER_CTX_new(); -+ -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ handle->lib_ctx = OSSL_LIB_CTX_new(); -+ TR_ASSERT(handle->lib_ctx); -+ legacy_provider = OSSL_PROVIDER_load(handle->lib_ctx, "legacy"); -+ TR_ASSERT(legacy_provider); -+ default_provider = OSSL_PROVIDER_load(handle->lib_ctx, "default"); -+ TR_ASSERT(default_provider); -+ -+ cipher = EVP_CIPHER_fetch(handle->lib_ctx, "RC4", NULL); -+#else -+ cipher = EVP_rc4(); -+#endif -+ -+ if (check_result(EVP_CipherInit_ex(handle->cipher_ctx, cipher, NULL, NULL, -+ NULL, -1))) - { - return handle; - } - -- EVP_CIPHER_CTX_free(handle); -+ EVP_CIPHER_CTX_free(handle->cipher_ctx); -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ OSSL_LIB_CTX_free(handle->lib_ctx); -+#endif - return NULL; - } - --void tr_rc4_free(tr_rc4_ctx_t handle) -+void tr_rc4_free(tr_rc4_ctx_t h) - { -- if (handle == NULL) -+ if (h == NULL) - { - return; - } - -- EVP_CIPHER_CTX_free(handle); -+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h; -+ -+ EVP_CIPHER_CTX_free(handle->cipher_ctx); -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ OSSL_LIB_CTX_free(handle->lib_ctx); -+#endif -+ free(handle); - } - --void tr_rc4_set_key(tr_rc4_ctx_t handle, uint8_t const* key, size_t key_length) -+void tr_rc4_set_key(tr_rc4_ctx_t h, uint8_t const* key, size_t key_length) - { -- TR_ASSERT(handle != NULL); -+ TR_ASSERT(h != NULL); - TR_ASSERT(key != NULL); - -- if (!check_result(EVP_CIPHER_CTX_set_key_length(handle, key_length))) -+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h; -+ if (!check_result(EVP_CIPHER_CTX_set_key_length(handle->cipher_ctx, key_length))) - { - return; - } - -- check_result(EVP_CipherInit_ex(handle, NULL, NULL, key, NULL, -1)); -+ check_result(EVP_CipherInit_ex(handle->cipher_ctx, NULL, NULL, key, NULL, -1)); - } - --void tr_rc4_process(tr_rc4_ctx_t handle, void const* input, void* output, size_t length) -+void tr_rc4_process(tr_rc4_ctx_t h, void const* input, void* output, size_t length) - { -- TR_ASSERT(handle != NULL); -+ TR_ASSERT(h != NULL); - -+ tr_rc4_ctx *handle = (tr_rc4_ctx *)h; - if (length == 0) - { - return; -@@ -232,7 +275,7 @@ - - int output_length; - -- check_result(EVP_CipherUpdate(handle, output, &output_length, input, length)); -+ check_result(EVP_CipherUpdate(handle->cipher_ctx, output, &output_length, input, length)); - } - - /*** diff -Nru transmission-3.00/debian/patches/series transmission-3.00/debian/patches/series --- transmission-3.00/debian/patches/series 2021-12-30 00:48:19.000000000 +0000 +++ transmission-3.00/debian/patches/series 2023-10-24 05:55:57.000000000 +0000 @@ -4,4 +4,4 @@ ayatana-indicators.patch patch-vendored-libdht.patch build_new_autoconf.patch -openssl3-compat.patch +transmission-3.00-openssl-3.patch diff -Nru transmission-3.00/debian/patches/transmission-3.00-openssl-3.patch transmission-3.00/debian/patches/transmission-3.00-openssl-3.patch --- transmission-3.00/debian/patches/transmission-3.00-openssl-3.patch 1970-01-01 00:00:00.000000000 +0000 +++ transmission-3.00/debian/patches/transmission-3.00-openssl-3.patch 2023-10-24 05:55:57.000000000 +0000 @@ -0,0 +1,43 @@ +From 6ee128b95bacaff20746538dc97c2b8e2b9fcc29 Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Sun, 15 May 2022 10:54:38 -0400 +Subject: [PATCH] openssl: load "legacy" provider for RC4 + +--- + libtransmission/crypto-utils-openssl.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +Origin: other, https://gitweb.gentoo.org/repo/gentoo.git/tree/net-p2p/transmission/files/transmission-3.00-openssl-3.patch +Bug: https://github.com/transmission/transmission/issues/3077 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/transmission/+bug/1973084 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051056 +Last-Updated: 2023-10-27 + +diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto-utils-openssl.c +index 45fd71913..14d680654 100644 +--- a/libtransmission/crypto-utils-openssl.c ++++ b/libtransmission/crypto-utils-openssl.c +@@ -20,6 +20,9 @@ + #include + #include + #include ++#if OPENSSL_VERSION_MAJOR >= 3 ++#include ++#endif + + #include "transmission.h" + #include "crypto-utils.h" +@@ -184,6 +187,10 @@ static void openssl_evp_cipher_context_free(EVP_CIPHER_CTX* handle) + + tr_rc4_ctx_t tr_rc4_new(void) + { ++#if OPENSSL_VERSION_MAJOR >= 3 ++ OSSL_PROVIDER_load(NULL, "default"); ++ OSSL_PROVIDER_load(NULL, "legacy"); ++#endif + EVP_CIPHER_CTX* handle = EVP_CIPHER_CTX_new(); + + if (check_result(EVP_CipherInit_ex(handle, EVP_rc4(), NULL, NULL, NULL, -1))) +-- +2.35.1 +