Re-enable SHA1 sigs in OpenSSL on Cygwin for tests.

Recently Cygwin imported changes from Fedora which disable SHA1
signatures by default.  This breaks the unit tests (and a couple of
regression tests), so set rh-allow-sha1-signatures=yes in the OpenSSL
config to re-enable them.

diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
index d3b3f2b0c0d3c6ff666bf131a7f56078212ea80d..5d85aa054d071cd29ad6a6a902065e0b59f4491b 100755 (executable)
--- a/.github/setup_ci.sh
+++ b/.github/setup_ci.sh
@@ -30,6 +30,10 @@ case "$host" in
        takeown /F regress
        icacls regress
        set +x
+       echo Enabling OpenSSL rh-allow-sha1-signatures for unit tests.
+       cp /etc/pki/tls/openssl.cnf /etc/pki/tls/openssl.cnf.bak
+       sed -i -e '/\[ default_modules \]/a alg_section = evp_properties\n[evp_properties]\nrh-allow-sha1-signatures = yes\n' /etc/pki/tls/openssl.cnf
+       diff -u /etc/pki/tls/openssl.cnf.bak /etc/pki/tls/openssl.cnf
        PACKAGES="$PACKAGES,autoconf,automake,cygwin-devel,gcc-core"
        PACKAGES="$PACKAGES,make,openssl,libssl-devel,zlib-devel"
        ;;