diff options
Diffstat (limited to 'bind-9.14-config-pkcs11.patch')
| -rw-r--r-- | bind-9.14-config-pkcs11.patch | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/bind-9.14-config-pkcs11.patch b/bind-9.14-config-pkcs11.patch new file mode 100644 index 0000000..0d62df6 --- /dev/null +++ b/bind-9.14-config-pkcs11.patch @@ -0,0 +1,83 @@ +From e6ab9c67f0a14adc23c1067e03a106da1b1651b7 Mon Sep 17 00:00:00 2001 +From: Petr Mensik <pemensik@redhat.com> +Date: Fri, 18 Oct 2019 21:30:52 +0200 +Subject: [PATCH] Move USE_PKCS11 and USE_OPENSSL out of config.h + +Building two variants with the same common code requires to unset +USE_PKCS11 on part of build. That is not possible with config.h value. +Move it as normal define to CDEFINES. +--- + bin/confgen/Makefile.in | 2 +- + configure.ac | 8 ++++++-- + lib/dns/dst_internal.h | 12 +++++++++--- + 3 files changed, 16 insertions(+), 6 deletions(-) + +diff --git a/bin/confgen/Makefile.in b/bin/confgen/Makefile.in +index 1b7512d..c126bf3 100644 +--- a/bin/confgen/Makefile.in ++++ b/bin/confgen/Makefile.in +@@ -22,7 +22,7 @@ VERSION=@BIND9_VERSION@ + CINCLUDES = -I${srcdir}/include ${ISC_INCLUDES} ${ISCCC_INCLUDES} \ + ${ISCCFG_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} + +-CDEFINES = ++CDEFINES = @USE_PKCS11@ + CWARNINGS = + + ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@ +diff --git a/configure.ac b/configure.ac +index f5483fe..08a7d8a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -935,10 +935,14 @@ AC_SUBST([PKCS11_TEST]) + AC_SUBST([PKCS11_TOOLS]) + AC_SUBST([PKCS11_MANS]) + ++USE_PKCS11='-DUSE_PKCS11=0' ++USE_OPENSSL='-DUSE_OPENSSL=0' + AC_SUBST([CRYPTO]) + AS_CASE([$CRYPTO], +- [pkcs11],[AC_DEFINE([USE_PKCS11], [1], [define if PKCS11 is used for Public-Key Cryptography])], +- [AC_DEFINE([USE_OPENSSL], [1], [define if OpenSSL is used for Public-Key Cryptography])]) ++ [pkcs11],[USE_PKCS11='-DUSE_PKCS11=1'], ++ [USE_OPENSSL='-DUSE_OPENSSL=1']) ++AC_SUBST(USE_PKCS11) ++AC_SUBST(USE_OPENSSL) + + # preparation for automake + # AM_CONDITIONAL([PKCS11_TOOLS], [test "$with_native_pkcs11" = "yes"]) +diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h +index 2c3b4a3..55e9dc4 100644 +--- a/lib/dns/dst_internal.h ++++ b/lib/dns/dst_internal.h +@@ -38,6 +38,13 @@ + #include <isc/stdtime.h> + #include <isc/types.h> + ++#ifndef USE_PKCS11 ++#define USE_PKCS11 0 ++#endif ++#ifndef USE_OPENSSL ++#define USE_OPENSSL (! USE_PKCS11) ++#endif ++ + #if USE_PKCS11 + #include <pk11/pk11.h> + #include <pk11/site.h> +@@ -116,11 +123,10 @@ struct dst_key { + void *generic; + dns_gss_ctx_id_t gssctx; + DH *dh; +-#if USE_OPENSSL +- EVP_PKEY *pkey; +-#endif /* if USE_OPENSSL */ + #if USE_PKCS11 + pk11_object_t *pkey; ++#else ++ EVP_PKEY *pkey; + #endif /* if USE_PKCS11 */ + dst_hmac_key_t *hmac_key; + } keydata; /*%< pointer to key in crypto pkg fmt */ +-- +2.26.2 + |