From fb0009cfdc203247f808f4dcd72c7baf272172ce Mon Sep 17 00:00:00 2001
From: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Mon, 3 Dec 2018 04:51:13 +0000
Subject: drb: fix tests on Debian sid/unstable with OpenSSL 1.1.1a

OpenSSL complains abour our keys being small and weak :<
Make them big and strong with 2048-bit RSA keys and SHA256 digests

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/drb/ssl.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lib/drb/ssl.rb')

diff --git a/lib/drb/ssl.rb b/lib/drb/ssl.rb
index adc85dbc9c..48ba35ace7 100644
--- a/lib/drb/ssl.rb
+++ b/lib/drb/ssl.rb
@@ -162,7 +162,7 @@ module DRb
           return
         end
 
-        rsa = OpenSSL::PKey::RSA.new(1024){|p, n|
+        rsa = OpenSSL::PKey::RSA.new(2048){|p, n|
           next unless self[:verbose]
           case p
           when 0; $stderr.putc "."  # BN_generate_prime
@@ -196,7 +196,7 @@ module DRb
         if comment = self[:SSLCertComment]
           cert.add_extension(ef.create_extension("nsComment", comment))
         end
-        cert.sign(rsa, OpenSSL::Digest::SHA1.new)
+        cert.sign(rsa, OpenSSL::Digest::SHA256.new)
 
         @cert = cert
         @pkey = rsa
-- 
cgit v1.2.3