package/libs/openssl/patches/150-openssl.cnf-add-engines-conf.patch - T108 - Gitiles

 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Eneas U de Queiroz <cotequeiroz@gmail.com>
 Date: Sat, 27 Mar 2021 17:43:25 -0300
 Subject: openssl.cnf: add engine configuration

 This adds configuration options for engines, loading all cnf files under
 /etc/ssl/engines.cnf.d/.

 Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

 --- a/apps/openssl.cnf
 +++ b/apps/openssl.cnf
 @@ -52,10 +52,13 @@ tsa_policy3 = 1.2.3.4.5.7

  [openssl_init]
  providers = provider_sect
 +engines = engines_sect

  # List of providers to load
  [provider_sect]
  default = default_sect
 +.include /var/etc/ssl/providers.cnf
 +
  # The fips section name should match the section name inside the
  # included fipsmodule.cnf.
  # fips = fips_sect
 @@ -69,7 +72,13 @@ default = default_sect
  # OpenSSL may not work correctly which could lead to significant system
  # problems including inability to remotely access the system.
  [default_sect]
 -# activate = 1
 +activate = 1
 +
 +[engines_sect]
 +.include /var/etc/ssl/engines.cnf
 +
 +.include /etc/ssl/modules.cnf.d
 +


  ####################################################################
	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	From: Eneas U de Queiroz <cotequeiroz@gmail.com>
	Date: Sat, 27 Mar 2021 17:43:25 -0300
	Subject: openssl.cnf: add engine configuration

	This adds configuration options for engines, loading all cnf files under
	/etc/ssl/engines.cnf.d/.

	Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

	--- a/apps/openssl.cnf
	+++ b/apps/openssl.cnf
	@@ -52,10 +52,13 @@ tsa_policy3 = 1.2.3.4.5.7

	[openssl_init]
	providers = provider_sect
	+engines = engines_sect

	# List of providers to load
	[provider_sect]
	default = default_sect
	+.include /var/etc/ssl/providers.cnf
	+
	# The fips section name should match the section name inside the
	# included fipsmodule.cnf.
	# fips = fips_sect
	@@ -69,7 +72,13 @@ default = default_sect
	# OpenSSL may not work correctly which could lead to significant system
	# problems including inability to remotely access the system.
	[default_sect]
	-# activate = 1
	+activate = 1
	+
	+[engines_sect]
	+.include /var/etc/ssl/engines.cnf
	+
	+.include /etc/ssl/modules.cnf.d
	+


	####################################################################