FS#74015 - [nrpe] Is unreproducible as it includes dynamically generated DH params
Attached to Project:
Community Packages
Opened by loqs (loqs) - Thursday, 03 March 2022, 01:08 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
Opened by loqs (loqs) - Thursday, 03 March 2022, 01:08 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
|
Details
Description:
This means each build will be unique. Upstream issue [1]. PKGBUILD.diff.1 uses SSL_CTX_set_dh_auto to have openssl select DH parameters appropriate for the key size. PKGBUILD.diff.2 uses DH parameters provided by Debian. Both options are compatible with both openssl 1.1 and 3.0. The current build is not 3.0 compatible as 3.0 removed dhparam -C which generates the C code to produce DH params. Additional info: * nrpe 4.0.3-2 [1] https://github.com/NagiosEnterprises/nrpe/issues/258 [2] PKGBUILD.diff.1 [3] PKGBUILD.diff.2 [4] https://github.com/openssl/openssl/commit/1696b8909bbe1485871ce68ed129bf91af5e17e2 |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/nrpe/issues/1
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/nrpe/issues/1
PKGBUILD.diff.2 (1.1 KiB)