/[smeserver]/rpms/e-smith-apache/sme10/e-smith-apache-2.6.0-bz10459-Ciphers-and-TLS.patch
ViewVC logotype

Diff of /rpms/e-smith-apache/sme10/e-smith-apache-2.6.0-bz10459-Ciphers-and-TLS.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by jpp, Sat May 2 03:05:56 2020 UTC Revision 1.2 by jpp, Sat May 2 21:27:13 2020 UTC
# Line 6  diff -Nur e-smith-apache-2.6.0.old/root/ Line 6  diff -Nur e-smith-apache-2.6.0.old/root/
6       # When updating CipherSuite both e-smith-apache and smeserver-qpsmtpd templates should be updated.       # When updating CipherSuite both e-smith-apache and smeserver-qpsmtpd templates should be updated.
7       $OUT  = "SSLCipherSuite ";       $OUT  = "SSLCipherSuite ";
8  -    $OUT .= $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';  -    $OUT .= $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';
9  +    $OUT .= $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';  +    $OUT .= $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';
10   }   }
11  diff -Nur e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol  diff -Nur e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol
12  --- e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol    2016-02-04 13:27:55.000000000 -0500  --- e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL30SSLProtocol    2016-02-04 13:27:55.000000000 -0500
# Line 18  diff -Nur e-smith-apache-2.6.0.old/root/ Line 18  diff -Nur e-smith-apache-2.6.0.old/root/
18  -    $OUT .= " -TLSv1" unless (${'httpd-e-smith'}{'TLSv1'} || 'enabled') eq 'enabled';  -    $OUT .= " -TLSv1" unless (${'httpd-e-smith'}{'TLSv1'} || 'enabled') eq 'enabled';
19  -    $OUT .= " -TLSv1.1" unless (${'httpd-e-smith'}{'TLSv1.1'} || 'enabled') eq 'enabled';  -    $OUT .= " -TLSv1.1" unless (${'httpd-e-smith'}{'TLSv1.1'} || 'enabled') eq 'enabled';
20  +    $OUT .= " -TLSv1" unless (${'httpd-e-smith'}{'TLSv1'} || 'disabled') eq 'enabled';  +    $OUT .= " -TLSv1" unless (${'httpd-e-smith'}{'TLSv1'} || 'disabled') eq 'enabled';
21  +    $OUT .= " -TLSv1.1" unless (${'httpd-e-smith'}{'TLSv1.1'} || 'disabled') eq 'enabled';  +    $OUT .= " -TLSv1.1" unless (${'httpd-e-smith'}{'TLSv11'} || 'disabled') eq 'enabled';
22  +    $OUT .= " -TLSv1.2" unless (${'httpd-e-smith'}{'TLSv1.2'} || 'enabled') eq 'enabled';  +    $OUT .= " -TLSv1.2" unless (${'httpd-e-smith'}{'TLSv12'} || 'enabled') eq 'enabled';
23   }   }

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed