summaryrefslogtreecommitdiff
path: root/openssl-freefilesync/openssl-1.1.1-conf-paths.patch
diff options
context:
space:
mode:
authorB Stack <bgstack15@gmail.com>2019-07-15 23:54:24 -0400
committerB Stack <bgstack15@gmail.com>2019-07-15 23:54:24 -0400
commit91fad0b6c330c35129b069fab8bdf5c4ba479ddf (patch)
tree46587604ba44237161655b5b0aa946bf5ebf515d /openssl-freefilesync/openssl-1.1.1-conf-paths.patch
parentfreefilesync 10.14 rpm rc1 (diff)
downloadstackrpms-91fad0b6c330c35129b069fab8bdf5c4ba479ddf.tar.gz
stackrpms-91fad0b6c330c35129b069fab8bdf5c4ba479ddf.tar.bz2
stackrpms-91fad0b6c330c35129b069fab8bdf5c4ba479ddf.zip
add openssl-freefilesync
Diffstat (limited to 'openssl-freefilesync/openssl-1.1.1-conf-paths.patch')
-rw-r--r--openssl-freefilesync/openssl-1.1.1-conf-paths.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/openssl-freefilesync/openssl-1.1.1-conf-paths.patch b/openssl-freefilesync/openssl-1.1.1-conf-paths.patch
new file mode 100644
index 0000000..819007b
--- /dev/null
+++ b/openssl-freefilesync/openssl-1.1.1-conf-paths.patch
@@ -0,0 +1,56 @@
+diff -up openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths openssl-1.1.1-pre8/apps/CA.pl.in
+--- openssl-1.1.1-pre8/apps/CA.pl.in.conf-paths 2018-06-20 16:48:09.000000000 +0200
++++ openssl-1.1.1-pre8/apps/CA.pl.in 2018-07-25 17:26:58.388624296 +0200
+@@ -33,7 +33,7 @@ my $X509 = "$openssl x509";
+ my $PKCS12 = "$openssl pkcs12";
+
+ # default openssl.cnf file has setup as per the following
+-my $CATOP = "./demoCA";
++my $CATOP = "/etc/pki/CA";
+ my $CAKEY = "cakey.pem";
+ my $CAREQ = "careq.pem";
+ my $CACERT = "cacert.pem";
+diff -up openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths openssl-1.1.1-pre8/apps/openssl.cnf
+--- openssl-1.1.1-pre8/apps/openssl.cnf.conf-paths 2018-07-25 17:26:58.378624057 +0200
++++ openssl-1.1.1-pre8/apps/openssl.cnf 2018-07-27 13:20:08.198513471 +0200
+@@ -23,6 +23,22 @@ oid_section = new_oids
+ # (Alternatively, use a configuration file that has only
+ # X.509v3 extensions in its main [= default] section.)
+
++# Load default TLS policy configuration
++
++openssl_conf = default_modules
++
++[ default_modules ]
++
++ssl_conf = ssl_module
++
++[ ssl_module ]
++
++system_default = crypto_policy
++
++[ crypto_policy ]
++
++.include = /etc/crypto-policies/back-ends/opensslcnf.config
++
+ [ new_oids ]
+
+ # We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+@@ -43,7 +59,7 @@ default_ca = CA_default # The default c
+ ####################################################################
+ [ CA_default ]
+
+-dir = ./demoCA # Where everything is kept
++dir = /etc/pki/CA # Where everything is kept
+ certs = $dir/certs # Where the issued certs are kept
+ crl_dir = $dir/crl # Where the issued crl are kept
+ database = $dir/index.txt # database index file.
+@@ -329,7 +345,7 @@ default_tsa = tsa_config1 # the default
+ [ tsa_config1 ]
+
+ # These are used by the TSA reply generation only.
+-dir = ./demoCA # TSA root directory
++dir = /etc/pki/CA # TSA root directory
+ serial = $dir/tsaserial # The current serial number (mandatory)
+ crypto_device = builtin # OpenSSL engine to use for signing
+ signer_cert = $dir/tsacert.pem # The TSA signing certificate
bgstack15