/[smeserver]/rpms/e-smith-base/sme9/e-smith-base-5.4.0-CipherSuiteUpdate.patch
ViewVC logotype

Contents of /rpms/e-smith-base/sme9/e-smith-base-5.4.0-CipherSuiteUpdate.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed Jan 29 07:27:55 2014 UTC (10 years, 9 months ago) by wellsi
Branch: MAIN
CVS Tags: e-smith-base-5_4_0-62_el6_sme, e-smith-base-5_4_0-56_el6_sme, e-smith-base-5_4_0-57_el6_sme, e-smith-base-5_4_0-61_el6_sme, e-smith-base-5_4_0-60_el6_sme, e-smith-base-5_4_0-58_el6_sme, e-smith-base-5_4_0-59_el6_sme
* Tue Jan 28 2014 Ian Wells <esmith@wellsi.com> 5.4.0-56.sme
- Remove insecure SSL ciphers [SME: 8138]

1 diff -ruN e-smith-base-5.2.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite e-smith-base-5.2.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite
2 --- e-smith-base-5.2.0.old/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 2014-01-13 20:15:16.000000000 -0800
3 +++ e-smith-base-5.2.0/root/etc/e-smith/db/configuration/defaults/modSSL/CipherSuite 1969-12-31 16:00:00.000000000 -0800
4 @@ -1 +0,0 @@
5 -HIGH:!SSLv2
6 diff -ruN e-smith-base-5.2.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate e-smith-base-5.2.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate
7 --- e-smith-base-5.2.0.old/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 2014-01-13 20:15:16.000000000 -0800
8 +++ e-smith-base-5.2.0/root/etc/e-smith/db/configuration/migrate/30CipherSuiteUpdate 2014-01-13 20:41:20.000000000 -0800
9 @@ -1,9 +1,9 @@
10 {
11 - # Migrate old CipherSuite value to new secure default
12 + # Remove CipherSuite if it is the last insecure value
13 # Will not change CipherSuite if it has been modified from the original default, or deleted.
14 return unless defined $modSSL{CipherSuite};
15 - if($modSSL{CipherSuite} eq 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM')
16 + if($modSSL{CipherSuite} eq 'HIGH:!SSLv2')
17 {
18 - $DB->set_prop('modSSL', 'CipherSuite', 'HIGH:!SSLv2');
19 + $DB->get('modSSL')->delete_prop ('CipherSuite');
20 }
21 }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed