Add a directory for OpenSSL providers configuration

Resolves: RHEL-17193

0024-load-legacy-prov.patch

@@ -16,7 +16,7 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
  [openssl_init]
  providers = provider_sect
  # Load default TLS policy configuration
-@@ -42,23 +42,24 @@ [ evp_properties ]
+@@ -42,23 +42,27 @@ [ evp_properties ]
  #This section is intentionally added empty here
  #to be tuned on particular systems
  
@@ -54,6 +54,9 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c
 +
 +##[legacy_sect]
 +##activate = 1
++
++#Place the third party provider configuration files into this folder
++.include /etc/pki/tls/include
  
  [ ssl_module ]
  

openssl.spec

@@ -415,6 +415,7 @@ done
 # Install a makefile for generating keys and self-signed certs, and a script
 # for generating them on the fly.
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/include
 install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_pkgdocdir}/Makefile.certificate
 install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{_bindir}/make-dummy-cert
 install -m755 %{SOURCE7} $RPM_BUILD_ROOT%{_bindir}/renew-dummy-cert
@@ -497,6 +498,7 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
 %dir %{_sysconfdir}/pki/tls/certs
 %dir %{_sysconfdir}/pki/tls/misc
 %dir %{_sysconfdir}/pki/tls/private
+%dir %{_sysconfdir}/pki/tls/include
 %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf
 %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf
 %config %{_sysconfdir}/pki/tls/fips_local.cnf
@@ -534,6 +536,8 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
   Related: RHEL-1780
 - In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails
   Resolves: RHEL-17104
+- Add a directory for OpenSSL providers configuration
+  Resolves: RHEL-17193
 
 * Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25
 - Provide relevant diagnostics when FIPS checksum is corrupted