[Pkg-nagios-changes] [pkg-nrpe] 03/04: Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.

Bas Couwenberg sebastic at debian.org
Thu Jul 6 13:18:48 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sebastic pushed a commit to branch stretch-backports
in repository pkg-nrpe.

commit 4f5b87ad30fa31bcca705b08435aa3167e20d8f6
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date:   Thu Jul 6 14:31:04 2017 +0200

    Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.
    
    Thanks to Johan Carlquist for pointing out this issue.
---
 debian/changelog                          |  2 ++
 debian/patches/11_reproducible_dh.h.patch | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 12927e2..897453f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ nagios-nrpe (3.1.1-1~bpo9+2) UNRELEASED; urgency=medium
 
   * Reinstate 11_reproducible_dh.h.patch for reproducible dh.h.
   * Regenerate dh.h with OpenSSL 1.1.0.
+  * Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.
+    Thanks to Johan Carlquist for pointing out this issue.
 
  -- Bas Couwenberg <sebastic at debian.org>  Wed, 05 Jul 2017 09:34:53 +0200
 
diff --git a/debian/patches/11_reproducible_dh.h.patch b/debian/patches/11_reproducible_dh.h.patch
index 733267c..605fb1a 100644
--- a/debian/patches/11_reproducible_dh.h.patch
+++ b/debian/patches/11_reproducible_dh.h.patch
@@ -59,3 +59,21 @@ Forwarded: not-needed
 +    }
 +    return dh;
 +}
+--- a/macros/ax_nagios_get_ssl
++++ b/macros/ax_nagios_get_ssl
+@@ -288,15 +288,7 @@ if test x$SSL_TYPE != xNONE; then
+ 		# Find the openssl program
+ 
+ 		if test x$need_dh = xyes; then
+-			AC_PATH_PROG(sslbin,openssl,value-if-not-found,$ssl_dir/sbin$PATH_SEPARATOR$ssl_dir/bin$PATH_SEPARATOR$PATH)
+ 			AC_DEFINE(USE_SSL_DH)
+-			# Generate DH parameters
+-			if test -f "$sslbin"; then
+-				echo ""
+-				echo "*** Generating DH Parameters for SSL/TLS ***"
+-				# awk to strip off meta data at bottom of dhparam output
+-				$sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+-			fi
+ 		fi
+ 	fi
+ fi

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-nagios/pkg-nrpe.git

More information about the Pkg-nagios-changes mailing list