From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Fri, 23 Sep 2022 20:39:50 +0000 (+0200)
Subject: [PATCH] Add a CipherString for nodejs
X-Git-Tag: archive/raspbian/20.14.0+dfsg-1+rpi1^2^2~28
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f70978ead27759aebbf2b133c3462e935eb56e91;p=nodejs.git

[PATCH] Add a CipherString for nodejs

If the default security level is overwritten at build time of openssl
then it is needed to lower it again for nodejs in order to pass the
testsuite because it is using smoil keys.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Gbp-Pq: Topic build
Gbp-Pq: Name openssl_config_explicit_lower.patch
---

diff --git a/deps/openssl/openssl/apps/openssl.cnf b/deps/openssl/openssl/apps/openssl.cnf
index 12bc40896..e9b04958f 100644
--- a/deps/openssl/openssl/apps/openssl.cnf
+++ b/deps/openssl/openssl/apps/openssl.cnf
@@ -15,6 +15,7 @@ HOME			= .
 
  # Use this in order to automatically load providers.
 openssl_conf = openssl_init
+nodejs_conf = nodejs_init
 
 # Comment out the next line to ignore configuration errors
 config_diagnostics = 1
@@ -388,3 +389,12 @@ oldcert = $insta::certout # insta.cert.pem
 # Certificate revocation
 cmd = rr
 oldcert = $insta::certout # insta.cert.pem
+
+[nodejs_init]
+ssl_conf = ssl_sect
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_default_sect]
+CipherString = DEFAULT:@SECLEVEL=1