FS#74015 - [nrpe] Is unreproducible as it includes dynamically generated DH params

Attached to Project: Community Packages
Opened by loqs (loqs) - Thursday, 03 March 2022, 01:08 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
Task Type Bug Report
Category Reproducible Builds
Status Closed
Assigned To Jonathan Steel (jsteel)
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
This means each build will be unique. Upstream issue [1]. PKGBUILD.diff.1 uses SSL_CTX_set_dh_auto to have openssl select DH parameters appropriate for the key size.
PKGBUILD.diff.2 uses DH parameters provided by Debian. Both options are compatible with both openssl 1.1 and 3.0. The current build is not 3.0 compatible as 3.0 removed dhparam -C which generates the C code to produce DH params.

Additional info:
* nrpe 4.0.3-2
[1] https://github.com/NagiosEnterprises/nrpe/issues/258
[2] PKGBUILD.diff.1
[3] PKGBUILD.diff.2
[4] https://github.com/openssl/openssl/commit/1696b8909bbe1485871ce68ed129bf91af5e17e2
This task depends upon

Closed by  Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:07 GMT
Reason for closing:  Moved
Additional comments about closing:  https://gitlab.archlinux.org/archlinux/p ackaging/packages/nrpe/issues/1
Comment by loqs (loqs) - Tuesday, 20 September 2022, 20:33 GMT
Updated patches for 4.1.0 which supports OpenSSL 3.0.

Loading...