From 447c21089ba055f151d49b362576e1cf12065948 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Fri, 1 Mar 2019 22:33:46 +0100
Subject: [PATCH] tinc_pre: fix error after openssl upgrade

With the openssl upgrade to 1.0.2r / 1.1.1b the tinc pre-release version
stopped working due to a bug in tinc where an encryption function was
used during decryption. I submitted a patch upstream [1] but that wasn't
released yet.

[1] http://git.tinc-vpn.org/git/browse?p=tinc;a=commit;h=2b0aeec02d64bb4724da9ff1dbc19b7d35d7c904
---
 pkgs/tools/networking/tinc/pre.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkgs/tools/networking/tinc/pre.nix b/pkgs/tools/networking/tinc/pre.nix
index 4c3c428d3f01..df9eb9bdad25 100644
--- a/pkgs/tools/networking/tinc/pre.nix
+++ b/pkgs/tools/networking/tinc/pre.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchgit, autoreconfHook, texinfo, ncurses, readline, zlib, lzo, openssl }:
+{ stdenv, fetchgit, fetchpatch, autoreconfHook, texinfo, ncurses, readline, zlib, lzo, openssl }:
 
 stdenv.mkDerivation rec {
   name = "tinc-${version}";
@@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
 
   outputs = [ "out" "man" "info" ];
 
+  patches = [
+    (fetchpatch {
+      name = "tinc-openssl-1.0.2r.patch";
+      url = "http://git.tinc-vpn.org/git/browse?p=tinc;a=patch;h=2b0aeec02d64bb4724da9ff1dbc19b7d35d7c904";
+      sha256 = "0kidzlmgl0cin4g54ygcxa0jbq9vwlk3dyq5f65nkjd8yvayfzi8";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook texinfo ];
   buildInputs = [ ncurses readline zlib lzo openssl ];