From 3efee178f23ef9bf78678369be48bcaa430456b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20H=C3=A1k?= <jan.hak@nic.cz>
Date: Thu, 26 Oct 2023 16:03:38 +0200
Subject: [PATCH] knot: patch enabling PKCS11 related code only if PKCS11 is
 available
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jan Hák <jan.hak@nic.cz>
---
 .../patches/03_libdnssec_pkcs11_support.patch   | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 net/knot/patches/03_libdnssec_pkcs11_support.patch

diff --git a/net/knot/patches/03_libdnssec_pkcs11_support.patch b/net/knot/patches/03_libdnssec_pkcs11_support.patch
new file mode 100644
index 000000000..4e7e30c09
--- /dev/null
+++ b/net/knot/patches/03_libdnssec_pkcs11_support.patch
@@ -0,0 +1,17 @@
+--- a/src/libdnssec/key/key.c
++++ b/src/libdnssec/key/key.c
+@@ -146,10 +146,14 @@ dnssec_key_t *dnssec_key_dup(const dnsse
+ 
+ 		gnutls_privkey_type_t type = gnutls_privkey_get_type(key->private_key);
+ 		if (type == GNUTLS_PRIVKEY_PKCS11) {
++#ifdef ENABLE_PKCS11
+ 			gnutls_pkcs11_privkey_t tmp;
+ 			gnutls_privkey_export_pkcs11(key->private_key, &tmp);
+ 			gnutls_privkey_import_pkcs11(dup->private_key, tmp,
+ 			                             GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
++#else
++			assert(0);
++#endif
+ 		} else {
+ 			assert(type == GNUTLS_PRIVKEY_X509);
+ 			gnutls_x509_privkey_t tmp;