libguestfs/0001-appliance-Copy-in-etc-crypto-policies-back-ends-file.patch

44 lines
1.4 KiB
Diff
Raw Normal View History

From d6ba398825bfdd67daf57bac0a4d8bcb281a62a8 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 11 Oct 2022 21:48:30 +0100
Subject: [PATCH] appliance: Copy in /etc/crypto-policies/back-ends/ files
Downstream patched openssl in Fedora 37+ broke unless
/etc/crypto-policies/back-ends/opensslcnf.conf is present. Files in
this directory are generated by %post rules that use scripting
languages so cannot easily be created by supermin.
Force a copy of the host files into the appliance. This is not ideal
and is hopefully a temporary fix until Fedora's openssl is fixed.
A symptom of this problem is the error:
Requested hash sha256 is not supported.
Failed to set pbkdf parameters.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2133884
---
appliance/hostfiles.in | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/appliance/hostfiles.in b/appliance/hostfiles.in
index e78c79bd34..2c42a858e8 100644
--- a/appliance/hostfiles.in
+++ b/appliance/hostfiles.in
@@ -14,6 +14,12 @@ dnl FRUGALWARE=1 For Frugalware.
dnl MAGEIA=1 For Mageia.
dnl OPENMANDRIVA=1 For OpenMandriva.
+# Work around broken openssl in Fedora 37+ by forcibly copying in
+# these host configuration files (RHBZ#2133884).
+ifelse(REDHAT,1,
+/etc/crypto-policies/back-ends/*.config
+)
+
/etc/ld.so.cache
/lib/lsb/*
/usr/share/augeas/lenses/*.aug
--
2.37.0.rc2