[rpms/openssl] rebase_40beta: Fix provider no_cache behaviour

[Dmitry Belyavskiy <dbelyavs@redhat.com>]

A new commit has been pushed.

Repo   : rpms/openssl
Branch : rebase_40beta
Commit : 3e4eea28e54d0550f621d087a90b82d7a4b57883
Author : Dmitry Belyavskiy <dbelyavs@redhat.com>
Date   : 2025-01-02T11:00:23+01:00
Stats  : +109/-1 in 2 file(s)
URL    : https://src.fedoraproject.org/rpms/openssl/c/3e4eea28e54d0550f621d087a90b82d7a4b57883?branch=rebase_40beta

Log:
Fix provider no_cache behaviour

---
diff --git a/0140-prov_no-cache.patch b/0140-prov_no-cache.patch
new file mode 100644
index 0000000..3dee746
--- /dev/null
+++ b/0140-prov_no-cache.patch
@@ -0,0 +1,103 @@
+diff --git a/crypto/core_fetch.c b/crypto/core_fetch.c
+index d311158d77589..70715e7d6a99c 100644
+--- a/crypto/core_fetch.c
++++ b/crypto/core_fetch.c
+@@ -120,7 +120,7 @@ static void ossl_method_construct_this(OSSL_PROVIDER *provider,
+      * It is *expected* that the put function increments the refcnt
+      * of the passed method.
+      */
+-    data->mcm->put(data->store, method, provider, algo->algorithm_names,
++    data->mcm->put(no_store ? data->store : NULL, method, provider, algo->algorithm_names,
+                    algo->property_definition, data->mcm_data);
+ 
+     /* refcnt-- because we're dropping the reference */
+diff --git a/test/nocache-and-default.cnf b/test/nocache-and-default.cnf
+new file mode 100644
+index 0000000000000..cf5ca8d114151
+--- /dev/null
++++ b/test/nocache-and-default.cnf
+@@ -0,0 +1,18 @@
++openssl_conf = openssl_init
++
++# Comment out the next line to ignore configuration errors
++config_diagnostics = 1
++
++[openssl_init]
++providers = provider_sect
++
++[provider_sect]
++test    = test_sect
++default = default_sect
++
++[test_sect]
++module = ../test/p_test.so
++activate = true
++
++[default_sect]
++activate = true
+diff --git a/test/p_test.c b/test/p_test.c
+index 2d20190d4d57b..05f71ec8347c0 100644
+--- a/test/p_test.c
++++ b/test/p_test.c
+@@ -230,12 +230,21 @@ static const OSSL_ITEM *p_get_reason_strings(void *_)
+     return reason_strings;
+ }
+ 
++static const OSSL_ALGORITHM *p_query(OSSL_PROVIDER *prov,
++                                     int operation_id,
++                                     int *no_cache)
++{
++    *no_cache = 1;
++    return NULL;
++}
++
+ static const OSSL_DISPATCH p_test_table[] = {
+     { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))p_gettable_params },
+     { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))p_get_params },
+     { OSSL_FUNC_PROVIDER_GET_REASON_STRINGS,
+         (void (*)(void))p_get_reason_strings},
+     { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))p_teardown },
++    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))p_query },
+     OSSL_DISPATCH_END
+ };
+ 
+diff --git a/test/recipes/20-test_nocache.t b/test/recipes/20-test_nocache.t
+new file mode 100644
+index 0000000000000..734e44ec8c2e1
+--- /dev/null
++++ b/test/recipes/20-test_nocache.t
+@@ -0,0 +1,34 @@
++#! /usr/bin/env perl
++# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
++#
++# Licensed under the Apache License 2.0 (the "License").  You may not use
++# this file except in compliance with the License.  You can obtain a copy
++# in the file LICENSE in the source distribution or at
++# https://www.openssl.org/source/license.html
++
++use strict;
++use warnings;
++
++use OpenSSL::Test qw/:DEFAULT bldtop_file srctop_file bldtop_dir with/;
++use OpenSSL::Test::Utils;
++
++setup("test_nocache");
++
++plan tests => 4;
++
++ok(run(app(["openssl", "list", "-mac-algorithms"],
++        stdout => "listout.txt")),
++"List mac algorithms - default configuration");
++open DATA, "listout.txt";
++my @match = grep /MAC/, <DATA>;
++close DATA;
++ok(scalar @match > 1 ? 1 : 0, "Several algorithms are listed - default configuration");
++
++$ENV{OPENSSL_CONF} = bldtop_file("test", "nocache-and-default.cnf");
++ok(run(app(["openssl", "list", "-mac-algorithms"],
++        stdout => "listout.txt")),
++"List mac algorithms");
++open DATA, "listout.txt";
++my @match = grep /MAC/, <DATA>;
++close DATA;
++ok(scalar @match > 1 ? 1 : 0, "Several algorithms are listed - nocache-and-default");

diff --git a/openssl.spec b/openssl.spec
index 7397a07..7dada25 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.2.2
-Release: 9%{?dist}
+Release: 10%{?dist}
 Epoch: 1
 Source: openssl-%{version}.tar.gz
 Source2: Makefile.certificate
@@ -178,6 +178,8 @@ Patch137: 0137-Add-explicit-testing-of-ALN-and-NPN-in-sslapitest.patch
 Patch138: 0138-Add-a-test-for-an-empty-NextProto-message.patch
 # https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f
 Patch139: 0139-CVE-2024-6119.patch
+# https://github.com/openssl/openssl/pull/26197
+Patch140: 0140-prov_no-cache.patch
 
 License: Apache-2.0
 URL: http://www.openssl.org/
@@ -547,6 +549,9 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
 %ldconfig_scriptlets libs
 
 %changelog
+* Thu Jan 02 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.2.2-10
+- Fix provider no_cache behaviour
+
 * Wed Sep 25 2024 Lokesh Mandvekar <lsm5@fedoraproject.org> - 1:3.2.2-9
 - Add PQ container test via TMT