/[smeserver]/rpms/e-smith-apache/sme10/e-smith-apache-2.6.0-bz8693-SNI.patch
ViewVC logotype

Contents of /rpms/e-smith-apache/sme10/e-smith-apache-2.6.0-bz8693-SNI.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.2 - (show annotations) (download)
Sat Jun 27 20:46:34 2020 UTC (3 years, 10 months ago) by jpp
Branch: MAIN
CVS Tags: e-smith-apache-2_6_0-20_el7_sme, e-smith-apache-2_6_0-23_el7_sme, e-smith-apache-2_6_0-21_el7_sme, e-smith-apache-2_6_0-13_el7_sme, e-smith-apache-2_6_0-22_el7_sme, e-smith-apache-2_6_0-19_el7_sme, e-smith-apache-2_6_0-14_el7_sme, e-smith-apache-2_6_0-18_el7_sme, e-smith-apache-2_6_0-11_el7_sme, e-smith-apache-2_6_0-17_el7_sme, e-smith-apache-2_6_0-12_el7_sme, e-smith-apache-2_6_0-15_el7_sme, e-smith-apache-2_6_0-16_el7_sme, HEAD
Changes since 1.1: +1 -1 lines 
* Sat Jun 27 2020 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-11.sme
- set default SSLStrictSNIVHostCheck to off [SME: 8693]
1 diff -Nur e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL35StrictSNIVHostCheck e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL35StrictSNIVHostCheck
2 --- e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL35StrictSNIVHostCheck 1969-12-31 19:00:00.000000000 -0500
3 +++ e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/35SSL35StrictSNIVHostCheck 2020-06-27 15:16:20.132000000 -0400
4 @@ -0,0 +1,7 @@
5 +{
6 + # Specify if SSLStrictSNIHostCheck should be turned off, this is required if each ibay has its own SSL certificates.
7 +
8 + my $check_SSLStrictSNIVHostCheck = (${'httpd-e-smith'}{'SSLStrictSNIVHostCheck'} || 'off');
9 + $OUT .= "SSLStrictSNIVHostCheck $check_SSLStrictSNIVHostCheck";
10 +}
11 +
12 diff -Nur e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/10SSLCert e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/10SSLCert
13 --- e-smith-apache-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/10SSLCert 1969-12-31 19:00:00.000000000 -0500
14 +++ e-smith-apache-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/10SSLCert 2020-06-27 15:22:24.573000000 -0400
15 @@ -0,0 +1,18 @@
16 +{
17 + return " # skipping SSL certificate\n" unless $port eq "$httpsPort";
18 +
19 + use esmith::DomainsDB;
20 + my $domains = esmith::DomainsDB->open_ro;
21 +
22 + $OUT = "";
23 +
24 + my $ssl_file_crt = $domains->get_prop($virtualHost, "DomainSSLCertificateFile") || "disabled";
25 + my $ssl_file_key = $domains->get_prop($virtualHost, "DomainSSLCertificateKeyFile") || "disabled";
26 + my $ssl_file_chain = $domains->get_prop($virtualHost, "DomainSSLCertificateChainFile") || "disabled";
27 +
28 + return unless ( $ssl_file_crt ne 'disabled' && $ssl_file_chain ne 'disabled' && -e $ssl_file_crt && -e $ssl_file_key );
29 + $OUT .= " SSLCertificateFile $ssl_file_crt\n" unless $ssl_file_crt eq 'disabled';
30 + $OUT .= " SSLCertificateChainFile $ssl_file_chain\n" unless $ssl_file_chain eq 'disabled';
31 + $OUT .= " SSLCertificateKeyFile $ssl_file_key\n" unless ( $ssl_file_key eq 'disabled' || ! -e $ssl_file_chain );
32 +}
33 +
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed