File nrpe-static_dh_parameters.patch of Package nrpe
Index: nrpe-4.1.0/macros/ax_nagios_get_ssl
===================================================================
--- nrpe-4.1.0.orig/macros/ax_nagios_get_ssl
+++ nrpe-4.1.0/macros/ax_nagios_get_ssl
@@ -292,22 +292,27 @@ if test x$SSL_TYPE != xNONE; then
AC_DEFINE(USE_SSL_DH)
# Generate DH parameters
if test -f "$sslbin"; then
- echo ""
- echo "*** Generating DH Parameters for SSL/TLS ***"
- # OpenSSL 3 removes dhparam -C
- # check version and use our own parser if needed
- nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
+ if test -f include/dh.h ; then
+ echo ""
+ echo "*** Skipping generation of DH Parameters for SSL/TLS: include/dh.h already exists ***"
+ else
+ echo ""
+ echo "*** Generating DH Parameters for SSL/TLS ***"
+ # OpenSSL 3 removes dhparam -C
+ # check version and use our own parser if needed
+ nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
- test -d include || mkdir include
- if test "x$nagios_ssl_major_version" = "x3"; then
- AC_DEFINE_UNQUOTED(OPENSSL_V3,[1],[Have OpenSSL v3])
- test -d src || mkdir src
- $CC ${srcdir}/src/print_c_code.c -o src/print_c_code
- $sslbin dhparam -text 2048 | ./src/print_c_code > include/dh.h
- else
- # awk to strip off meta data at bottom of dhparam output
- $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
- fi
+ test -d include || mkdir include
+ if test "x$nagios_ssl_major_version" = "x3"; then
+ AC_DEFINE_UNQUOTED(OPENSSL_V3,[1],[Have OpenSSL v3])
+ test -d src || mkdir src
+ $CC ${srcdir}/src/print_c_code.c -o src/print_c_code
+ $sslbin dhparam -text 2048 | ./src/print_c_code > include/dh.h
+ else
+ # awk to strip off meta data at bottom of dhparam output
+ $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+ fi
+ fi
fi
fi
fi
Index: nrpe-4.1.0/configure
===================================================================
--- nrpe-4.1.0.orig/configure
+++ nrpe-4.1.0/configure
@@ -7747,28 +7747,32 @@ fi
$as_echo "#define USE_SSL_DH 1" >>confdefs.h
-
- # Generate DH parameters
- if test -f "$sslbin"; then
- echo ""
- echo "*** Generating DH Parameters for SSL/TLS ***"
- # OpenSSL 3 removes dhparam -C
- # check version and use our own parser if needed
- nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
-
- test -d include || mkdir include
- if test "x$nagios_ssl_major_version" = "x3"; then
-
+ if test -f include/dh.h ; then
+ echo ""
+ echo "*** Skipping generation of DH Parameters for SSL/TLS: include/dh.h already exists ***"
+ else
+ # Generate DH parameters
+ if test -f "$sslbin"; then
+ echo ""
+ echo "*** Generating DH Parameters for SSL/TLS ***"
+ # OpenSSL 3 removes dhparam -C
+ # check version and use our own parser if needed
+ nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
+
+ test -d include || mkdir include
+ if test "x$nagios_ssl_major_version" = "x3"; then
+
cat >>confdefs.h <<_ACEOF
#define OPENSSL_V3 1
_ACEOF
-
- test -d src || mkdir src
- $CC ${srcdir}/src/print_c_code.c -o src/print_c_code
- $sslbin dhparam -text 2048 | ./src/print_c_code > include/dh.h
- else
- # awk to strip off meta data at bottom of dhparam output
- $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+
+ test -d src || mkdir src
+ $CC ${srcdir}/src/print_c_code.c -o src/print_c_code
+ $sslbin dhparam -text 2048 | ./src/print_c_code > include/dh.h
+ else
+ # awk to strip off meta data at bottom of dhparam output
+ $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+ fi
fi
fi
fi