[openssh-commits] [openssh] 01/09: Re-enable SHA1 sigs in OpenSSL on Cygwin for tests.
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Apr 27 22:20:17 AEST 2026
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit 1afbd7bd1fb71e8b1d06f99978d439aec59dddca
Author: Darren Tucker <dtucker at dtucker.net>
AuthorDate: Mon Apr 27 20:51:17 2026 +1000
Re-enable SHA1 sigs in OpenSSL on Cygwin for tests.
Recently Cygwin imported changes from Fedora which disable SHA1
signatures by default. This breaks the unit tests (and a couple of
regression tests), so set rh-allow-sha1-signatures=yes in the OpenSSL
config to re-enable them.
---
.github/setup_ci.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
index d3b3f2b0c..5d85aa054 100755
--- a/.github/setup_ci.sh
+++ b/.github/setup_ci.sh
@@ -30,6 +30,10 @@ case "$host" in
takeown /F regress
icacls regress
set +x
+ echo Enabling OpenSSL rh-allow-sha1-signatures for unit tests.
+ cp /etc/pki/tls/openssl.cnf /etc/pki/tls/openssl.cnf.bak
+ sed -i -e '/\[ default_modules \]/a alg_section = evp_properties\n[evp_properties]\nrh-allow-sha1-signatures = yes\n' /etc/pki/tls/openssl.cnf
+ diff -u /etc/pki/tls/openssl.cnf.bak /etc/pki/tls/openssl.cnf
PACKAGES="$PACKAGES,autoconf,automake,cygwin-devel,gcc-core"
PACKAGES="$PACKAGES,make,openssl,libssl-devel,zlib-devel"
;;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list