openssl-3/openssl-crypto-policies-support.patch

Add default section to load crypto-policies configuration for TLS.

It needs to be reverted before running tests.

---
 apps/openssl.cnf | 20 ++++++++++++++++++--
 2 files changed, 19 insertions(+), 3 deletions(-)

Index: openssl-3.2.0/apps/openssl.cnf
===================================================================
--- openssl-3.2.0.orig/apps/openssl.cnf
+++ openssl-3.2.0/apps/openssl.cnf
@@ -52,6 +52,8 @@ tsa_policy3 = 1.2.3.4.5.7
 
 [openssl_init]
 providers = provider_sect
+# Load default TLS policy configuration
+ssl_conf = ssl_module
 
 # List of providers to load
 [provider_sect]
@@ -71,6 +73,13 @@ default = default_sect
 [default_sect]
 # activate = 1
 
+[ ssl_module ]
+
+system_default = crypto_policy
+
+[ crypto_policy ]
+
+.include = /etc/crypto-policies/back-ends/opensslcnf.config
 
 ####################################################################
 [ ca ]