knot: patch enabling PKCS11 related code only if PKCS11 is available

author Jan Hák <jan.hak@nic.cz>

Thu, 26 Oct 2023 14:03:38 +0000 (16:03 +0200)

committer Josef Schlehofer <pepe.schlehofer@gmail.com>

Mon, 30 Oct 2023 17:31:56 +0000 (18:31 +0100)
author Jan Hák <jan.hak@nic.cz>
Thu, 26 Oct 2023 14:03:38 +0000 (16:03 +0200)
committer Josef Schlehofer <pepe.schlehofer@gmail.com>
Mon, 30 Oct 2023 17:31:56 +0000 (18:31 +0100)
diff --git a/net/knot/patches/03_libdnssec_pkcs11_support.patch b/net/knot/patches/03_libdnssec_pkcs11_support.patch

new file mode 100644 (file)

index 0000000..4e7e30c
--- /dev/null
+++ b/net/knot/patches/03_libdnssec_pkcs11_support.patch
@@ -0,0 +1,17 @@
+--- a/src/libdnssec/key/key.c
++++ b/src/libdnssec/key/key.c
+@@ -146,10 +146,14 @@ dnssec_key_t *dnssec_key_dup(const dnsse
+ 
+               gnutls_privkey_type_t type = gnutls_privkey_get_type(key->private_key);
+               if (type == GNUTLS_PRIVKEY_PKCS11) {
++#ifdef ENABLE_PKCS11
+                       gnutls_pkcs11_privkey_t tmp;
+                       gnutls_privkey_export_pkcs11(key->private_key, &tmp);
+                       gnutls_privkey_import_pkcs11(dup->private_key, tmp,
+                                                    GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
++#else
++                      assert(0);
++#endif
+               } else {
+                       assert(type == GNUTLS_PRIVKEY_X509);
+                       gnutls_x509_privkey_t tmp;
author	Jan Hák <jan.hak@nic.cz>
	Thu, 26 Oct 2023 14:03:38 +0000 (16:03 +0200)
committer	Josef Schlehofer <pepe.schlehofer@gmail.com>
	Mon, 30 Oct 2023 17:31:56 +0000 (18:31 +0100)