Bug#939120: buster-pu: package ircd-hybrid/1:8.2.24+dfsg.1-1+deb10u1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#939120: buster-pu: package ircd-hybrid/1:8.2.24+dfsg.1-1+deb10u1
From: Dominic Hargreaves <dom@earth.li>
Date: Sun, 01 Sep 2019 12:40:52 +0100
Message-id: <[🔎] 156733805297.22041.8530892962103220964.reportbug@urchin.earth.li>
Reply-to: Dominic Hargreaves <dom@earth.li>, 939120@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

Per #932774, in its default configuration, ircd-hybrid does not start
up due to a missing dhparam.pem. I've attached a proposed fix.

Thanks,
Dominic.

>From 1c6f00298ba86bc06f22efd7d3fbe9bf27a83a6a Mon Sep 17 00:00:00 2001
From: Dominic Hargreaves <dom@earth.li>
Date: Sun, 1 Sep 2019 11:57:41 +0100
Subject: [PATCH] Use dhparam.pem to avoid segfault on startup (Closes:
 #932774)

---
 debian/changelog            | 6 ++++++
 debian/ircd-hybrid.postinst | 5 +++++
 debian/ircd.conf            | 2 +-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index fd4f1e8..77777d0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ircd-hybrid (1:8.2.24+dfsg.1-1+deb10u1) UNRELEASED; urgency=medium
+
+  * Use dhparam.pem to avoid segfault on startup (Closes: #932774)
+
+ -- Dominic Hargreaves <dom@earth.li>  Wed, 25 Apr 2018 21:01:41 +0100
+
 ircd-hybrid (1:8.2.24+dfsg.1-1) unstable; urgency=medium
 
   * New upstream release
diff --git a/debian/ircd-hybrid.postinst b/debian/ircd-hybrid.postinst
index ff853ce..b639a55 100644
--- a/debian/ircd-hybrid.postinst
+++ b/debian/ircd-hybrid.postinst
@@ -48,6 +48,11 @@ if [ ! -f /etc/ircd-hybrid/key/ircd.pem ]; then
 	echo "See README.Debian about personalizing the data in ircd.pem."
 fi
 
+if [ ! -f /etc/ircd-hybrid/key/dhparam.pem ]; then
+	echo "Generating dhparam.pem ..."
+	openssl dhparam -out /etc/ircd-hybrid/key/dhparam.pem 2048
+fi
+
 # These directories may have been created before, but we need to make them
 # owned by irc. Or the initscript will get owned. If it's already this 
 # way, this operation makes no difference.
diff --git a/debian/ircd.conf b/debian/ircd.conf
index 791c07e..1022cd5 100644
--- a/debian/ircd.conf
+++ b/debian/ircd.conf
@@ -158,7 +158,7 @@ serverinfo {
 	 * GnuTLS:
 	 *    certtool --generate-dh-params --sec-param=medium --outfile dhparam.pem
 	 */
-#	ssl_dh_param_file = "/etc/ircd-hybrid/dhparam.pem";
+	ssl_dh_param_file = "/etc/ircd-hybrid/key/dhparam.pem";
 
 	/*
 	 * ssl_dh_elliptic_curve: defines the curve to use for the
-- 
2.23.0

Reply to:

Prev by Date: NEW changes in oldstable-new
Next by Date: Bug#935957: mapproxy 1.11.0-3+deb10u1 flagged for acceptance
Previous by thread: Processed: Re: Bug#935970: stretch-pu: package node-fstream/1.0.10-1+deb9u1
Next by thread: Bug#935957: mapproxy 1.11.0-3+deb10u1 flagged for acceptance
Index(es):
- Date
- Thread