Always activate default provider via config

Related: rhbz#1985362
2021-11-23 14:45:25 +01:00 · 2021-11-23 14:45:25 +01:00 · 9422ae52de
commit 9422ae52de
parent 210c37e906
3 changed files with 25 additions and 4 deletions
--- a/0024-load-legacy-prov.patch
+++ b/0024-load-legacy-prov.patch
@ -44,12 +44,12 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
 -[default_sect]
 -# activate = 1
 +[provider_sect]
-+##default = default_sect
+default = default_sect
 +##legacy = legacy_sect
 +##
-+##[default_sect]
-+##activate = 1
-+##
+[default_sect]
+activate = 1
+
 +##[legacy_sect]
 +##activate = 1
 
--- a/0025-for-tests.patch
+++ b/0025-for-tests.patch
@ -0,0 +1,18 @@
+diff -up openssl-3.0.0/apps/openssl.cnf.xxx openssl-3.0.0/apps/openssl.cnf
+--- openssl-3.0.0/apps/openssl.cnf.xxx	2021-11-23 16:29:50.618691603 +0100
+++ openssl-3.0.0/apps/openssl.cnf	2021-11-23 16:28:16.872882099 +0100
+@@ -55,11 +55,11 @@ providers = provider_sect
+ # to side-channel attacks and as such have been deprecated.
+ 
+ [provider_sect]
+-default = default_sect
+##default = default_sect
+ ##legacy = legacy_sect
+ ##
+-[default_sect]
+-activate = 1
+##[default_sect]
+##activate = 1
+ 
+ ##[legacy_sect]
+ ##activate = 1
--- a/openssl.spec
+++ b/openssl.spec
@ -30,6 +30,7 @@ Source9: configuration-switch.h
 Source10: configuration-prefix.h
 Source12: ec_curve.c
 Source13: ectest.c
+Source14: 0025-for-tests.patch

 # Patches exported from source git
 # Aarch64 and ppc64le use lib64
@ -232,6 +233,8 @@ done

 # We must revert patch4 before tests otherwise they will fail
 patch -p1 -R < %{PATCH4}
+#We must disable default provider before tests otherwise they will fail
+patch -p1 < %{SOURCE14}

 OPENSSL_ENABLE_MD5_VERIFY=
 export OPENSSL_ENABLE_MD5_VERIFY