/[smeserver]/rpms/e-smith-proftpd/sme10/e-smith-proftpd-2.6.0-TLS.patch
ViewVC logotype

Annotation of /rpms/e-smith-proftpd/sme10/e-smith-proftpd-2.6.0-TLS.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Fri Jun 17 14:39:29 2016 UTC (7 years, 11 months ago) by unnilennium
Branch: MAIN
CVS Tags: e-smith-proftpd-2_6_0-2_el7_sme 
* Fri Jun 17 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-2.sme
- Adding TLS support to proftp configuration [SME: 6804]
- default is enabled but not required, only TLSv1.1 and v1.2
1 unnilennium 1.1 diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable
2     --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 1969-12-31 19:00:00.000000000 -0500
3     +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 2016-06-17 10:35:05.722000000 -0400
4     @@ -0,0 +1 @@
5     +on
6     diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired
7     --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 1969-12-31 19:00:00.000000000 -0500
8     +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 2016-06-17 10:35:19.834000000 -0400
9     @@ -0,0 +1 @@
10     +off
11     diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient
12     --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 1969-12-31 19:00:00.000000000 -0500
13     +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 2016-06-17 10:35:31.626000000 -0400
14     @@ -0,0 +1 @@
15     +off
16     diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS
17     --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 1969-12-31 19:00:00.000000000 -0500
18     +++ e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 2016-06-17 10:34:09.385000000 -0400
19     @@ -0,0 +1,32 @@
20     +{
21     + #check if TLS is enabled
22     + if (($ftp{TLSEnable} || 'yes') eq 'yes') {
23     +
24     + #check if TLS is required: values "on", "off"
25     + #if "on" normal ftp connections are dropped
26     + my $tlsrequired = $ftp{'TLSRequired'} || "off";
27     + my $tlsclient = $ftp{'TLSVerifyClient'} || "off";
28     + #use the same crt and key of httpd
29     + my $crt = $modSSL{'crt'} ||
30     + "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt";
31     +
32     + my $key = $modSSL{'key'} ||
33     + "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key";
34     +
35     + $OUT .= <<SSL_END;
36     +
37     +<IfModule mod_tls.c>
38     +TLSEngine on
39     +TLSLog /var/log/proftpd/tls.log
40     +TLSProtocol TLSv1.1 TLSv1.2
41     +TLSOptions NoCertRequest AllowClientRenegotiations
42     +TLSRSACertificateFile $crt
43     +TLSRSACertificateKeyFile $key
44     +TLSVerifyClient $tlsclient
45     +TLSRequired $tlsrequired
46     +</IfModule>
47     +SSL_END
48     +
49     + }
50     +}
51     +
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed