/[smeserver]/rpms/e-smith-base/sme7/e-smith-base-5.0.0-CipherSuite.patch
ViewVC logotype

Annotation of /rpms/e-smith-base/sme7/e-smith-base-5.0.0-CipherSuite.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Thu Jul 19 05:20:52 2012 UTC (11 years, 10 months ago) by wellsi
Branch: MAIN
CVS Tags: e-smith-base-5_0_0-17_el4_sme, HEAD 
Make CipherSuite secure by default  [SME: 6141]
1 wellsi 1.1 diff -ruN e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite e-smith-base-5.0.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite
2     --- e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 2006-02-17 03:41:51.000000000 +0000
3     +++ e-smith-base-5.0.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 2012-07-19 05:42:22.000000000 +0100
4     @@ -1 +1 @@
5     -ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
6     +HIGH:!SSLv2
7     diff -ruN e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate e-smith-base-5.0.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate
8     --- e-smith-base-5.0.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 1970-01-01 01:00:00.000000000 +0100
9     +++ e-smith-base-5.0.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 2012-07-19 05:58:14.000000000 +0100
10     @@ -0,0 +1,9 @@
11     +{
12     + # Migrate old CipherSuite value to new secure default
13     + # Will not change CipherSuite if it has been modified from the original default, or deleted.
14     + return unless defined $modSSL{CipherSuite};
15     + if($modSSL{CipherSuite} eq 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM')
16     + {
17     + $DB->set_prop('modSSL', 'CipherSuite', 'HIGH:!SSLv2');
18     + }
19     +}
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed