aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch')
-rw-r--r--package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch34
1 files changed, 23 insertions, 11 deletions
diff --git a/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch b/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch
index b1ec0cae71..9fe9cdf590 100644
--- a/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch
+++ b/package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch
@@ -10,20 +10,32 @@ Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
-@@ -30,6 +30,16 @@ oid_section = new_oids
- # (Alternatively, use a configuration file that has only
- # X.509v3 extensions in its main [= default] section.)
+@@ -52,10 +52,13 @@ tsa_policy3 = 1.2.3.4.5.7
-+openssl_conf=openssl_conf
+ [openssl_init]
+ providers = provider_sect
++engines = engines_sect
+
+ # List of providers to load
+ [provider_sect]
+ default = default_sect
++.include /var/etc/ssl/providers.cnf
+
-+[openssl_conf]
-+engines=engines
+ # The fips section name should match the section name inside the
+ # included fipsmodule.cnf.
+ # fips = fips_sect
+@@ -69,7 +72,13 @@ default = default_sect
+ # OpenSSL may not work correctly which could lead to significant system
+ # problems including inability to remotely access the system.
+ [default_sect]
+-# activate = 1
++activate = 1
+
-+[engines]
++[engines_sect]
+.include /var/etc/ssl/engines.cnf
+
-+.include /etc/ssl/engines.cnf.d
++.include /etc/ssl/modules.cnf.d
+
- [ new_oids ]
- # We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
- # Add a simple OID like this:
+
+
+ ####################################################################
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-27 15:12:08 +0000