File neon-disable-tests-prebuilt-certs.patch of Package neon

From 0f2d07907722af1f18866b9a97c7b5debed1a3f2 Mon Sep 17 00:00:00 2001
From: Joe Orton <joe@manyfish.uk>
Date: Tue, 20 Oct 2020 19:17:46 +0100
Subject: [PATCH] * test/ssl.c (fail_nul_cn, fail_nul_san): Disable tests with
 prebuilt   certs using a SHA-1 digest, which now fail with current OpenSSL
 and   GnuTLS. (issue #38)

---
 test/ssl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff -urp neon-0.30.2.orig/test/ssl.c neon-0.30.2/test/ssl.c
--- neon-0.30.2.orig/test/ssl.c	2023-12-04 16:42:00.516320352 -0600
+++ neon-0.30.2/test/ssl.c	2023-12-06 13:45:59.215278080 -0600
@@ -895,6 +895,7 @@ static int fail_wrongCN(void)
 
 #define SRCDIR(s) ne_concat(srcdir, "/" s, NULL)
 
+#if 0
 static int fail_nul_cn(void)
 {
     char *key = SRCDIR("nulsrv.key"), *ca = SRCDIR("nulca.pem");
@@ -922,6 +923,7 @@ static int fail_nul_san(void)
     ne_free(ca);
     return OK;
 }
+#endif
 
 /* Check that an expired certificate is flagged as such. */
 static int fail_expired(void)
@@ -1943,8 +1945,12 @@ ne_test tests[] = {
     T(fail_ca_expired),
 
     T(nulcn_identity),
+#if 0
+    /* These certs were created with a SHA#1 digest so are rejected by
+     * modern TLS libraries. */
     T(fail_nul_cn),
     T(fail_nul_san),
+#endif
     
     T(session_cache),