node/deps/openssl/nodejs-openssl.cnf

 # Use this in order to automatically load providers.
nodejs_conf = openssl_init

# Optionally include a file that is generated by the OpenSSL fipsinstall
# application. This file contains configuration data required by the OpenSSL
# fips provider. It contains a named section e.g. [fips_sect] which is
# referenced from the [provider_sect] below.
# Refer to the OpenSSL security policy for more information.
# .include fipsmodule.cnf

[openssl_init]
providers = provider_sect

# List of providers to load
[provider_sect]
default = default_sect
# The fips section name should match the section name inside the
# included fipsmodule.cnf.
# fips = fips_sect

# If no providers are activated explicitly, the default one is activated implicitly.
# See man 7 OSSL_PROVIDER-default for more details.
#
# If you add a section explicitly activating any other provider(s), you most
# probably need to explicitly activate the default provider, otherwise it
# becomes unavailable in openssl.  As a consequence applications depending on
# OpenSSL may not work correctly which could lead to significant system
# problems including inability to remotely access the system.
[default_sect]
# activate = 1
src,deps,build,test: add OpenSSL config appname This commit adds the setting of an appname (configuration section name), 'nodejs_conf', to be used when reading OpenSSL configuration files. The motivation for this is that currently the default OpenSSL configuration, 'openssl_conf', element will be used which may be undesirable as it might configure OpenSSL in unwanted ways. With this commit it is still possible to use a default openssl.cnf file but the only section that Node.js will read from is a section named 'nodejs_conf'. PR-URL: https://github.com/nodejs/node/pull/43124 Refs: https://github.com/nodejs/node/issues/40366 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com> 2022-05-14 16:04:48 +08:00			`# Use this in order to automatically load providers.`
			`nodejs_conf = openssl_init`

			`# Optionally include a file that is generated by the OpenSSL fipsinstall`
			`# application. This file contains configuration data required by the OpenSSL`
			`# fips provider. It contains a named section e.g. [fips_sect] which is`
			`# referenced from the [provider_sect] below.`
			`# Refer to the OpenSSL security policy for more information.`
			`# .include fipsmodule.cnf`

			`[openssl_init]`
			`providers = provider_sect`

			`# List of providers to load`
			`[provider_sect]`
			`default = default_sect`
			`# The fips section name should match the section name inside the`
			`# included fipsmodule.cnf.`
			`# fips = fips_sect`

			`# If no providers are activated explicitly, the default one is activated implicitly.`
			`# See man 7 OSSL_PROVIDER-default for more details.`
			`#`
			`# If you add a section explicitly activating any other provider(s), you most`
			`# probably need to explicitly activate the default provider, otherwise it`
			`# becomes unavailable in openssl. As a consequence applications depending on`
			`# OpenSSL may not work correctly which could lead to significant system`
			`# problems including inability to remotely access the system.`
			`[default_sect]`
			`# activate = 1`