- /var/lib/glusterd is used by client too, move to common subpackage

[packages/glusterfs.git] / ssl_paths.patch

diff --git a/ssl_paths.patch b/ssl_paths.patch
new file mode 100644 (file)
index 0000000..e66870b
--- /dev/null
+++ b/ssl_paths.patch
@@ -0,0 +1,28 @@
+diff -ur glusterfs-10.3.orig/rpc/rpc-transport/socket/src/socket.c glusterfs-10.3/rpc/rpc-transport/socket/src/socket.c
+--- glusterfs-10.3.orig/rpc/rpc-transport/socket/src/socket.c  2022-09-20 12:24:29.656820924 +0200
++++ glusterfs-10.3/rpc/rpc-transport/socket/src/socket.c       2023-02-15 16:02:26.665973455 +0100
+@@ -46,20 +46,12 @@
+ #define SSL_CRL_PATH_OPT "transport.socket.ssl-crl-path"
+ #define OWN_THREAD_OPT "transport.socket.own-thread"
+ 
+-#if !defined(DEFAULT_CERT_PATH)
+-#define DEFAULT_CERT_PATH SSL_CERT_PATH "/glusterfs.pem"
+-#endif
+-#if !defined(DEFAULT_KEY_PATH)
+-#define DEFAULT_KEY_PATH SSL_CERT_PATH "/glusterfs.key"
+-#endif
+-#if !defined(DEFAULT_CA_PATH)
+-#define DEFAULT_CA_PATH SSL_CERT_PATH "/glusterfs.ca"
+-#endif
+-#if !defined(DEFAULT_VERIFY_DEPTH)
++#define DEFAULT_CERT_PATH "/etc/glusterfs/glusterfs.pem"
++#define DEFAULT_KEY_PATH "/etc/glusterfs/glusterfs.key"
++#define DEFAULT_CA_PATH "/etc/glusterfs/glusterfs.ca"
+ #define DEFAULT_VERIFY_DEPTH 1
+-#endif
+ #define DEFAULT_CIPHER_LIST "EECDH:EDH:HIGH:!3DES:!RC4:!DES:!MD5:!aNULL:!eNULL"
+-#define DEFAULT_DH_PARAM SSL_CERT_PATH "/dhparam.pem"
++#define DEFAULT_DH_PARAM "/etc/glusterfs/dhparam.pem"
+ #define DEFAULT_EC_CURVE "prime256v1"
+ 
+ #define POLL_MASK_INPUT (POLLIN | POLLPRI)