[Pkg-nagios-changes] [pkg-nrpe] 02/02: Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.

Bas Couwenberg sebastic at debian.org
Thu Jul 6 13:27:12 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sebastic pushed a commit to branch stretch
in repository pkg-nrpe.

commit 2b82acf0ff3a93db939bb327046e010c7f360c43
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date:   Thu Jul 6 15:21:55 2017 +0200

    Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.
    
    Thanks to Johan Carlquist for pointing out this issue.
---
 debian/changelog                          |  2 ++
 debian/patches/11_reproducible_dh.h.patch | 27 +++++++++++++++++----------
 2 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 138b8d0..941f831 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
 nagios-nrpe (3.0.1-3+deb9u1) UNRELEASED; urgency=medium
 
   * Update branch in gbp.conf & Vcs-Git URL.
+  * Fix 11_reproducible_dh.h.patch to not leave USE_SSL_DH undefined.
+    Thanks to Johan Carlquist for pointing out this issue.
 
  -- Bas Couwenberg <sebastic at debian.org>  Thu, 06 Jul 2017 15:19:51 +0200
 
diff --git a/debian/patches/11_reproducible_dh.h.patch b/debian/patches/11_reproducible_dh.h.patch
index 6faa005..3177473 100644
--- a/debian/patches/11_reproducible_dh.h.patch
+++ b/debian/patches/11_reproducible_dh.h.patch
@@ -47,14 +47,21 @@ Forwarded: not-needed
 +		{ DH_free(dh); return(NULL); }
 +	return(dh);
 +	}
---- a/configure.ac
-+++ b/configure.ac
-@@ -307,7 +307,7 @@ AC_ARG_ENABLE([ssl],
- dnl Optional SSL library and include paths
- if test x$check_for_ssl = xyes; then
- 	# need_dh should only be set for NRPE
--	need_dh=yes
-+	need_dh=no
- 	AC_NAGIOS_GET_SSL
- fi
+--- a/macros/ax_nagios_get_ssl
++++ b/macros/ax_nagios_get_ssl
+@@ -287,15 +287,7 @@ if test x$SSL_TYPE != xNONE; then
+ 		# Find the openssl program
  
+ 		if test x$need_dh = xyes; then
+-			AC_PATH_PROG(sslbin,openssl,value-if-not-found,$ssl_dir/sbin$PATH_SEPARATOR$ssl_dir/bin$PATH_SEPARATOR$PATH)
+ 			AC_DEFINE(USE_SSL_DH)
+-			# Generate DH parameters
+-			if test -f "$sslbin"; then
+-				echo ""
+-				echo "*** Generating DH Parameters for SSL/TLS ***"
+-				# awk to strip off meta data at bottom of dhparam output
+-				$sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+-			fi
+ 		fi
+ 	fi
+ fi

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-nagios/pkg-nrpe.git

More information about the Pkg-nagios-changes mailing list