mirror of
https://git.libssh.org/projects/libssh.git
synced 2026-02-09 09:54:25 +09:00
tests: Provide minimal openssl configuration file
When we use empty configuration file, some stuff go south in c10s and for example fips mode detection does not work anymore. Providing minimal configuration file avoids the issues of loading the provider too early, while keeping fips mode activation working and tests happy. It also configures the pkcs11-provider to assume the token provides FIPS approved crypto so the tests can work. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Pavol Žáčik <pzacik@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
11
tests/etc/openssl.cnf
Normal file
11
tests/etc/openssl.cnf
Normal file
@@ -0,0 +1,11 @@
|
||||
openssl_conf = openssl_init
|
||||
[openssl_init]
|
||||
providers = provider_sect
|
||||
[provider_sect]
|
||||
default = default_sect
|
||||
pkcs11 = pkcs11_sect
|
||||
[default_sect]
|
||||
activate = 1
|
||||
[pkcs11_sect]
|
||||
activate = 1
|
||||
pkcs11-module-assume-fips = true
|
||||
Reference in New Issue
Block a user