Pedro Monreal Gonzalez
aa970d108e
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Build with enabled sm2 and sm4 support [bsc#1222899] OBS-URL: https://build.opensuse.org/request/show/1188975 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=106
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
---
|
|
apps/openssl.cnf | 13 +++++++++++++
|
|
1 file changed, 13 insertions(+)
|
|
|
|
Index: openssl-3.1.4/apps/openssl.cnf
|
|
===================================================================
|
|
--- openssl-3.1.4.orig/apps/openssl.cnf
|
|
+++ openssl-3.1.4/apps/openssl.cnf
|
|
@@ -19,6 +19,7 @@ openssl_conf = openssl_init
|
|
# Comment out the next line to ignore configuration errors
|
|
config_diagnostics = 1
|
|
|
|
+[ oid_section ]
|
|
# Extra OBJECT IDENTIFIER info:
|
|
# oid_file = $ENV::HOME/.oid
|
|
oid_section = new_oids
|
|
@@ -47,6 +48,18 @@ providers = provider_sect
|
|
# Load default TLS policy configuration
|
|
ssl_conf = ssl_module
|
|
|
|
+engines = engine_section
|
|
+
|
|
+[ engine_section ]
|
|
+
|
|
+# This include will look through the directory that will contain the
|
|
+# engine declarations for any engines provided by other packages.
|
|
+.include /etc/ssl/engines3.d
|
|
+
|
|
+# This include will look through the directory that will contain the
|
|
+# definitions of the engines declared in the engine section.
|
|
+.include /etc/ssl/engdef3.d
|
|
+
|
|
# Uncomment the sections that start with ## below to enable the legacy provider.
|
|
# Loading the legacy provider enables support for the following algorithms:
|
|
# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160
|