knot: patch enabling PKCS11 related code only if PKCS11 is available

[feed/packages.git] / net / knot / patches / 03_libdnssec_pkcs11_support.patch

diff --git a/net/knot/patches/03_libdnssec_pkcs11_support.patch b/net/knot/patches/03_libdnssec_pkcs11_support.patch
new file mode 100644 (file)
index 0000000..4e7e30c
--- /dev/null
+++ b/net/knot/patches/03_libdnssec_pkcs11_support.patch
@@ -0,0 +1,17 @@
+--- a/src/libdnssec/key/key.c
++++ b/src/libdnssec/key/key.c
+@@ -146,10 +146,14 @@ dnssec_key_t *dnssec_key_dup(const dnsse
+ 
+               gnutls_privkey_type_t type = gnutls_privkey_get_type(key->private_key);
+               if (type == GNUTLS_PRIVKEY_PKCS11) {
++#ifdef ENABLE_PKCS11
+                       gnutls_pkcs11_privkey_t tmp;
+                       gnutls_privkey_export_pkcs11(key->private_key, &tmp);
+                       gnutls_privkey_import_pkcs11(dup->private_key, tmp,
+                                                    GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
++#else
++                      assert(0);
++#endif
+               } else {
+                       assert(type == GNUTLS_PRIVKEY_X509);
+                       gnutls_x509_privkey_t tmp;