From c1f3ca7ef3f1e4971b496a94d69846c7741e9ead Mon Sep 17 00:00:00 2001
From: Jan Wagner <waja@cyconet.org>
Date: Fri, 10 Feb 2023 09:40:01 +0000
Subject: [PATCH] Adding d/p/11_fallback_for_gnutls from upstream

---
 debian/patches/11_fallback_for_gnutls | 62 +++++++++++++++++++++++++++
 debian/patches/series                 |  1 +
 2 files changed, 63 insertions(+)
 create mode 100644 debian/patches/11_fallback_for_gnutls

diff --git a/debian/patches/11_fallback_for_gnutls b/debian/patches/11_fallback_for_gnutls
new file mode 100644
index 0000000..0b1970f
--- /dev/null
+++ b/debian/patches/11_fallback_for_gnutls
@@ -0,0 +1,62 @@
+From 6f0ce3804a396ce89c09f50123e5f31b5b525b31 Mon Sep 17 00:00:00 2001
+From: Andreas Baumann <mail@andreasbaumann.cc>
+Date: Sat, 4 Feb 2023 16:19:46 +0100
+Subject: [PATCH 1/2] fallback to SSL_CTX_use_certificate_file for gnutls
+
+---
+ plugins/sslutils.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/sslutils.c b/plugins/sslutils.c
+index 286273f61..d542c499f 100644
+--- a/plugins/sslutils.c
++++ b/plugins/sslutils.c
+@@ -134,7 +134,18 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
+ 		return STATE_CRITICAL;
+ 	}
+ 	if (cert && privkey) {
+-		SSL_CTX_use_certificate_chain_file(c, cert);
++#ifdef USE_OPENSSL
++		if (!SSL_CTX_use_certificate_chain_file(c, cert)) {
++#else
++#if USE_GNUTLS
++		if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) {
++#else
++#error Unported for unknown SSL library
++#endif
++#endif
++			printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n"));
++			return STATE_CRITICAL;
++		}
+ 		SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM);
+ #ifdef USE_OPENSSL
+ 		if (!SSL_CTX_check_private_key(c)) {
+
+From 28b5a1cc454774474b98037acd283a1da4c3f7ad Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Lorenz=20K=C3=A4stle?=
+ <12514511+RincewindsHat@users.noreply.github.com>
+Date: Thu, 9 Feb 2023 00:35:20 +0100
+Subject: [PATCH 2/2] Make preprocessor fallback for gnutls more readable
+
+---
+ plugins/sslutils.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/plugins/sslutils.c b/plugins/sslutils.c
+index d542c499f..a7d801963 100644
+--- a/plugins/sslutils.c
++++ b/plugins/sslutils.c
+@@ -136,12 +136,10 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
+ 	if (cert && privkey) {
+ #ifdef USE_OPENSSL
+ 		if (!SSL_CTX_use_certificate_chain_file(c, cert)) {
+-#else
+-#if USE_GNUTLS
++#elif  USE_GNUTLS
+ 		if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) {
+ #else
+ #error Unported for unknown SSL library
+-#endif
+ #endif
+ 			printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n"));
+ 			return STATE_CRITICAL;
diff --git a/debian/patches/series b/debian/patches/series
index 94787c1..1e4256a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@
 03_epn
 # commited upstream
 10_check_http_chunked_wo_actual_content
+11_fallback_for_gnutls