Bug#939120: buster-pu: package ircd-hybrid/1:8.2.24+dfsg.1-1+deb10u1

Sun, 01 Sep 2019 04:46:00 -0700 

Package: release.debian.org
Severity: normal
Tags: buster
User: [email protected]
Usertags: pu

Per #932774, in its default configuration, ircd-hybrid does not start
up due to a missing dhparam.pem. I've attached a proposed fix.

Thanks,
Dominic.

>From 1c6f00298ba86bc06f22efd7d3fbe9bf27a83a6a Mon Sep 17 00:00:00 2001
From: Dominic Hargreaves <[email protected]>
Date: Sun, 1 Sep 2019 11:57:41 +0100
Subject: [PATCH] Use dhparam.pem to avoid segfault on startup (Closes:
 #932774)

---
 debian/changelog            | 6 ++++++
 debian/ircd-hybrid.postinst | 5 +++++
 debian/ircd.conf            | 2 +-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index fd4f1e8..77777d0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ircd-hybrid (1:8.2.24+dfsg.1-1+deb10u1) UNRELEASED; urgency=medium
+
+  * Use dhparam.pem to avoid segfault on startup (Closes: #932774)
+
+ -- Dominic Hargreaves <[email protected]>  Wed, 25 Apr 2018 21:01:41 +0100
+
 ircd-hybrid (1:8.2.24+dfsg.1-1) unstable; urgency=medium
 
   * New upstream release
diff --git a/debian/ircd-hybrid.postinst b/debian/ircd-hybrid.postinst
index ff853ce..b639a55 100644
--- a/debian/ircd-hybrid.postinst
+++ b/debian/ircd-hybrid.postinst
@@ -48,6 +48,11 @@ if [ ! -f /etc/ircd-hybrid/key/ircd.pem ]; then
        echo "See README.Debian about personalizing the data in ircd.pem."
 fi
 
+if [ ! -f /etc/ircd-hybrid/key/dhparam.pem ]; then
+       echo "Generating dhparam.pem ..."
+       openssl dhparam -out /etc/ircd-hybrid/key/dhparam.pem 2048
+fi
+
 # These directories may have been created before, but we need to make them
 # owned by irc. Or the initscript will get owned. If it's already this 
 # way, this operation makes no difference.
diff --git a/debian/ircd.conf b/debian/ircd.conf
index 791c07e..1022cd5 100644
--- a/debian/ircd.conf
+++ b/debian/ircd.conf
@@ -158,7 +158,7 @@ serverinfo {
         * GnuTLS:
         *    certtool --generate-dh-params --sec-param=medium --outfile 
dhparam.pem
         */
-#      ssl_dh_param_file = "/etc/ircd-hybrid/dhparam.pem";
+       ssl_dh_param_file = "/etc/ircd-hybrid/key/dhparam.pem";
 
        /*
         * ssl_dh_elliptic_curve: defines the curve to use for the
-- 
2.23.0

Reply via email to