Adding d/p/11_fallback_for_gnutls from upstream

2023-02-10 09:40:01 +00:00 · 2023-02-10 09:40:01 +00:00 · c1f3ca7ef3
parent 01c9312d4b
commit c1f3ca7ef3
2 changed files with 63 additions and 0 deletions
--- a/debian/patches/11_fallback_for_gnutls
+++ b/debian/patches/11_fallback_for_gnutls
@ -0,0 +1,62 @@
+From 6f0ce3804a396ce89c09f50123e5f31b5b525b31 Mon Sep 17 00:00:00 2001
+From: Andreas Baumann <mail@andreasbaumann.cc>
+Date: Sat, 4 Feb 2023 16:19:46 +0100
+Subject: [PATCH 1/2] fallback to SSL_CTX_use_certificate_file for gnutls
+
+---
+ plugins/sslutils.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/sslutils.c b/plugins/sslutils.c
+index 286273f61..d542c499f 100644
+--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
+@@ -134,7 +134,18 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
+ 		return STATE_CRITICAL;
+ 	}
+ 	if (cert && privkey) {
+-		SSL_CTX_use_certificate_chain_file(c, cert);
+#ifdef USE_OPENSSL
+		if (!SSL_CTX_use_certificate_chain_file(c, cert)) {
+#else
+#if USE_GNUTLS
+		if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) {
+#else
+#error Unported for unknown SSL library
+#endif
+#endif
+			printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n"));
+			return STATE_CRITICAL;
+		}
+ 		SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM);
+ #ifdef USE_OPENSSL
+ 		if (!SSL_CTX_check_private_key(c)) {
+
+From 28b5a1cc454774474b98037acd283a1da4c3f7ad Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Lorenz=20K=C3=A4stle?=
+ <12514511+RincewindsHat@users.noreply.github.com>
+Date: Thu, 9 Feb 2023 00:35:20 +0100
+Subject: [PATCH 2/2] Make preprocessor fallback for gnutls more readable
+
+---
+ plugins/sslutils.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/plugins/sslutils.c b/plugins/sslutils.c
+index d542c499f..a7d801963 100644
+--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
+@@ -136,12 +136,10 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
+ 	if (cert && privkey) {
+ #ifdef USE_OPENSSL
+ 		if (!SSL_CTX_use_certificate_chain_file(c, cert)) {
+-#else
+-#if USE_GNUTLS
+#elif  USE_GNUTLS
+ 		if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) {
+ #else
+ #error Unported for unknown SSL library
+-#endif
+ #endif
+ 			printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n"));
+ 			return STATE_CRITICAL;
--- a/debian/patches/series
+++ b/debian/patches/series
@ -2,3 +2,4 @@
 03_epn
 # commited upstream
 10_check_http_chunked_wo_actual_content
+11_fallback_for_gnutls