/[smeserver]/rpms/e-smith-base/sme7/e-smith-base-5.0.0-CipherSuite.patch
ViewVC logotype

Contents of /rpms/e-smith-base/sme7/e-smith-base-5.0.0-CipherSuite.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Thu Jul 19 05:20:52 2012 UTC (11 years, 10 months ago) by wellsi
Branch: MAIN
CVS Tags: e-smith-base-5_0_0-17_el4_sme, HEAD 
Make CipherSuite secure by default  [SME: 6141]
1 diff -ruN e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite e-smith-base-5.0.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite
2 --- e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 2006-02-17 03:41:51.000000000 +0000
3 +++ e-smith-base-5.0.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 2012-07-19 05:42:22.000000000 +0100
4 @@ -1 +1 @@
5 -ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
6 +HIGH:!SSLv2
7 diff -ruN e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate e-smith-base-5.0.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate
8 --- e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 1970-01-01 01:00:00.000000000 +0100
9 +++ e-smith-base-5.0.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 2012-07-19 05:58:14.000000000 +0100
10 @@ -0,0 +1,9 @@
11 +{
12 + # Migrate old CipherSuite value to new secure default
13 + # Will not change CipherSuite if it has been modified from the original default, or deleted.
14 + return unless defined $modSSL{CipherSuite};
15 + if($modSSL{CipherSuite} eq 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM')
16 + {
17 + $DB->set_prop('modSSL', 'CipherSuite', 'HIGH:!SSLv2');
18 + }
19 +}
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed