From 19caa03adfe463393455f6fe69faededb17ff396 Mon Sep 17 00:00:00 2001 From: Athos Ribeiro <athos.ribeiro@canonical.com> Date: Fri, 11 Mar 2022 15:01:46 -0300 Subject: [PATCH] Enable OpenSSL legacy providers during tests This allows the package to build with OpenSSL 3. --- debian/NEWS | 9 +++++++++ debian/changelog | 10 ++++++++++ debian/rules | 4 +++- debian/tests/control | 2 +- debian/tests/openssl.conf | 16 ++++++++++++++++ 5 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 debian/NEWS create mode 100644 debian/tests/openssl.conf diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..1c9771c --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,9 @@ +php-dapphp-radius (2.5.8-1.1) UNRELEASED; urgency=medium + + * If using RADIUS auth with the MSCHAP protocol and OpenSSL 3, you will need + to enable the OpenSSL legacy provider. This happens because MSCHAP relies + on DES, which has been relegated to the legacy provider in OpenSSL 3. + See https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers for further + informarion. + + -- Athos Ribeiro <athos.ribeiro@canonical.com> Fri, 11 Mar 2022 11:47:19 -0300 diff --git a/debian/changelog b/debian/changelog index 09b7cc2..0daf68f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +php-dapphp-radius (2.5.8-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Enable OpenSSL legacy providers during tests. (LP: #1964514) + - d/rules: enable legacy providers in dh_auto_test. + - d/t/control: enable legacy providers for dep8 tests. + - d/t/openssl.conf: add configuration to enable legacy providers. + + -- Athos Ribeiro <athos.ribeiro@canonical.com> Fri, 11 Mar 2022 11:46:15 -0300 + php-dapphp-radius (2.5.8-1) unstable; urgency=medium * Fixed upstream URL in d/rules. diff --git a/debian/rules b/debian/rules index 261234e..23a2de1 100755 --- a/debian/rules +++ b/debian/rules @@ -18,4 +18,6 @@ override_dh_auto_build: ln -s ../src Dapphp/Radius override_dh_auto_test: - phpunit --include-path lib + # Load OpenSSL legacy providers. The DES algorythm is needed in the MSCHAP tests + # https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers + OPENSSL_CONF=debian/tests/openssl.conf phpunit --include-path lib diff --git a/debian/tests/control b/debian/tests/control index 73cac94..3cc59b2 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,3 +1,3 @@ -Test-Command: mkdir -p vendor && cp debian/autoload.php vendor && phpunit +Test-Command: install -m 644 -D debian/autoload.php vendor && OPENSSL_CONF=debian/tests/openssl.conf phpunit Restrictions: rw-build-tree Depends: phpunit, @ diff --git a/debian/tests/openssl.conf b/debian/tests/openssl.conf new file mode 100644 index 0000000..c4a99ab --- /dev/null +++ b/debian/tests/openssl.conf @@ -0,0 +1,16 @@ +# Load OpenSSL legacy providers. The DES algorythm is needed in the MSCHAP tests +# https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers +openssl_conf = openssl_init + +[openssl_init] +providers = provider_sect + +[provider_sect] +default = default_sect +legacy = legacy_sect + +[default_sect] +activate = 1 + +[legacy_sect] +activate = 1 -- GitLab