From 2d8623e85d9711caa5363de5f216993116577f8b Mon Sep 17 00:00:00 2001
From: Dan Fandrich <dan@coneharvesters.com>
Date: Sat, 8 Feb 2014 11:51:28 +0100
Subject: secureserver: Disable FIPS mode for stunnel

It's unnecessary for curl testing, and it can otherwise cause
stunnel to fail to start if OpenSSL doesn't support FIPS mode.
---
 tests/secureserver.pl | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tests/secureserver.pl b/tests/secureserver.pl
index 863b6d78a..b25b9acf0 100755
--- a/tests/secureserver.pl
+++ b/tests/secureserver.pl
@@ -206,7 +206,7 @@ if((!$ver_major) || (!$ver_minor)) {
 $stunnel_version = (100*$ver_major) + $ver_minor;
 
 #***************************************************************************
-# Verify minimmum stunnel required version
+# Verify minimum stunnel required version
 #
 if($stunnel_version < 310) {
     print "$ssltext Unsupported stunnel version $ver_major.$ver_minor\n";
@@ -252,6 +252,7 @@ if($stunnel_version >= 400) {
             CApath = $path
             cert = $certfile
             debug = $loglevel
+            fips = no
             socket = $socketopt";
         if($stunnel !~ /tstunnel(\.exe)?"?$/) {
             print STUNCONF "
@@ -279,8 +280,9 @@ if($stunnel_version >= 400) {
         print "cert = $certfile\n";
         print "pid = $pidfile\n";
         print "debug = $loglevel\n";
-        print "output = $logfile\n";
+        print "fips = no\n";
         print "socket = $socketopt\n";
+        print "output = $logfile\n";
         print "foreground = yes\n";
         print "\n";
         print "[curltest]\n";
-- 
cgit v1.2.3