[ruby/openssl] CI: Add OpenSSL FIPS mode case.

test/openssl/fixtures/ssl/openssl_fips.cnf.tmpl: I referred to the following document for the openssl config file for FIPS mode. <https://www.openssl.org/docs/manmaster/man7/fips_module.html> - Making all applications use the FIPS module by default It seems that the `.include` syntax only requires the absolute path. So, the placeholder OPENSSL_DIR in the template file is replaced with the actual OpenSSL directory. .github/workflows/test.yml: The `TEST_RUBY_OPENSSL_FIPS_ENABLED` environment variable is set in the FIPS mode CI case. It can be used in the unit tests. https://github.com/ruby/openssl/commit/18b017218c
author: Jun Aruga <jaruga@redhat.com> 2023-03-16 17:19:19 +0100
committer: Hiroshi SHIBATA <hsbt@ruby-lang.org> 2023-05-19 09:25:10 +0900
commit: 741a3bd5a547324be0d267bd77c3f5f2415c8c60 (patch)
tree: b64d4876db3f323699481ca2c7b606b9f948d3a0 /test
parent: 94a513b08f616e0289f2fb4688659143d85f56ad (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/test/openssl/fixtures/ssl/openssl_fips.cnf.tmpl b/test/openssl/fixtures/ssl/openssl_fips.cnf.tmpl
new file mode 100644
index 0000000000..be0768d523
--- /dev/null
+++ b/test/openssl/fixtures/ssl/openssl_fips.cnf.tmpl
@@ -0,0 +1,19 @@
+config_diagnostics = 1
+openssl_conf = openssl_init
+
+# It seems that the .include needs an absolute path.
+.include OPENSSL_DIR/ssl/fipsmodule.cnf
+
+[openssl_init]
+providers = provider_sect
+alg_section = algorithm_sect
+
+[provider_sect]
+fips = fips_sect
+base = base_sect
+
+[base_sect]
+activate = 1
+
+[algorithm_sect]
+default_properties = fips=yes
author	Jun Aruga <jaruga@redhat.com>	2023-03-16 17:19:19 +0100
committer	Hiroshi SHIBATA <hsbt@ruby-lang.org>	2023-05-19 09:25:10 +0900
commit	741a3bd5a547324be0d267bd77c3f5f2415c8c60 (patch)
tree	b64d4876db3f323699481ca2c7b606b9f948d3a0 /test
parent	94a513b08f616e0289f2fb4688659143d85f56ad (diff)