misc/57065: typo in src/crypto/external/bsd/openssl/dist/apps/openssl.cnf

[nervoso%k1.com.br@localhost]

>Number:         57065
>Category:       misc
>Synopsis:       typo in src/crypto/external/bsd/openssl/dist/apps/openssl.cnf
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 19 13:10:00 +0000 2022
>Originator:     sergio lenzi
>Release:        HEAD 9.99.100
>Organization:
k1 sistemas
>Environment:
NetBSD NETBSDVMS.lenzicasa 9.99.100 NetBSD 9.99.100 (LZT64HEAD) #0: Sat Oct  8 18:31:27 -03 2022  NetBSD@NETBSDVMS.lenzicasa:/home/NetBSD/BUILD/HEAD/amd64/OBJ/sys/arch/amd64/compile/GENERIC amd64
>Description:
there is a typo in src/crypto/external/bsd/openssl/dist/apps/openssl.cnf
line 55 =>  default_md              = sha2

should it be =>  sha256 ???

so using openssl using this default cnf file result in error
>How-To-Repeat:
use the /usr/share/examples/openssl/openssl.cnf  as openssl conf file
>Fix:
apply a diff....
diff -u -r1.8 openssl.cnf
--- src/crypto/external/bsd/openssl/dist/apps/openssl.cnf	12 Mar 2019 16:58:12 -0000	1.8
+++ src/crypto/external/bsd/openssl/dist/apps/openssl.cnf	19 Oct 2022 12:01:02 -0000
@@ -107,7 +107,7 @@
 [ req ]
 default_bits		= 2048
 default_keyfile 	= privkey.pem
-default_md		= sha2
+default_md		= sha256
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
 x509_extensions	= v3_ca	# The extensions to add to the self signed cert