tests: Enable legacy providers if using OpenSSL 3.0

Quite a few tests rely on outdated algorithms that have been relegated to the legacy provider in OpenSSL 3.0. `rake test` now loads a custom OpenSSL configuration file to enable said legacy provider, which is usually disabled by default.
author: Simon Chopin <simon.chopin@canonical.com> 2022-04-06 18:43:57 +0200
committer: Florian Wininger <fw.centrale@gmail.com> 2022-04-29 14:42:49 +0200
commit: e4ffdc07b1f0f01ebeab359c1001984912d87437 (patch)
tree: 016ec4988ac6936efe5bd109838ed8d3a99acb44 /test
parent: b07e284bd64750150d38bd207e9b7b37a1f15e83 (diff)
download: net-ssh-e4ffdc07b1f0f01ebeab359c1001984912d87437.tar.gz
1 files changed, 25 insertions, 0 deletions
diff --git a/test/openssl3.conf b/test/openssl3.conf
new file mode 100644
index 0000000..79bae9a
--- /dev/null
+++ b/test/openssl3.conf
@@ -0,0 +1,25 @@
+openssl_conf = openssl_init
+
+[openssl_init]
+ssl_conf = ssl_sect
+providers = provider_sect
+
+[provider_sect]
+default = default_sect
+legacy = legacy_sect
+
+[default_sect]
+activate = 1
+
+[legacy_sect]
+activate = 1
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_default_sect]
+CipherString = DEFAULT@SECLEVEL=0
+# system_default = system_default_sect
+# 
+# [system_default_sect]
+# Options = UnsafeLegacyRenegotiation
author	Simon Chopin <simon.chopin@canonical.com>	2022-04-06 18:43:57 +0200
committer	Florian Wininger <fw.centrale@gmail.com>	2022-04-29 14:42:49 +0200
commit	e4ffdc07b1f0f01ebeab359c1001984912d87437 (patch)
tree	016ec4988ac6936efe5bd109838ed8d3a99acb44 /test
parent	b07e284bd64750150d38bd207e9b7b37a1f15e83 (diff)
download	net-ssh-e4ffdc07b1f0f01ebeab359c1001984912d87437.tar.gz