1 |
unnilennium |
1.1 |
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable |
2 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 1969-12-31 19:00:00.000000000 -0500 |
3 |
|
|
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 2016-06-17 10:35:05.722000000 -0400 |
4 |
|
|
@@ -0,0 +1 @@ |
5 |
|
|
+on |
6 |
|
|
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired |
7 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 1969-12-31 19:00:00.000000000 -0500 |
8 |
|
|
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 2016-06-17 10:35:19.834000000 -0400 |
9 |
|
|
@@ -0,0 +1 @@ |
10 |
|
|
+off |
11 |
|
|
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient |
12 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 1969-12-31 19:00:00.000000000 -0500 |
13 |
|
|
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 2016-06-17 10:35:31.626000000 -0400 |
14 |
|
|
@@ -0,0 +1 @@ |
15 |
|
|
+off |
16 |
|
|
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS |
17 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 1969-12-31 19:00:00.000000000 -0500 |
18 |
|
|
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 2016-06-17 10:34:09.385000000 -0400 |
19 |
|
|
@@ -0,0 +1,32 @@ |
20 |
|
|
+{ |
21 |
|
|
+ #check if TLS is enabled |
22 |
|
|
+ if (($ftp{TLSEnable} || 'yes') eq 'yes') { |
23 |
|
|
+ |
24 |
|
|
+ #check if TLS is required: values "on", "off" |
25 |
|
|
+ #if "on" normal ftp connections are dropped |
26 |
|
|
+ my $tlsrequired = $ftp{'TLSRequired'} || "off"; |
27 |
|
|
+ my $tlsclient = $ftp{'TLSVerifyClient'} || "off"; |
28 |
|
|
+ #use the same crt and key of httpd |
29 |
|
|
+ my $crt = $modSSL{'crt'} || |
30 |
|
|
+ "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt"; |
31 |
|
|
+ |
32 |
|
|
+ my $key = $modSSL{'key'} || |
33 |
|
|
+ "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key"; |
34 |
|
|
+ |
35 |
|
|
+ $OUT .= <<SSL_END; |
36 |
|
|
+ |
37 |
|
|
+<IfModule mod_tls.c> |
38 |
|
|
+TLSEngine on |
39 |
|
|
+TLSLog /var/log/proftpd/tls.log |
40 |
|
|
+TLSProtocol TLSv1.1 TLSv1.2 |
41 |
|
|
+TLSOptions NoCertRequest AllowClientRenegotiations |
42 |
|
|
+TLSRSACertificateFile $crt |
43 |
|
|
+TLSRSACertificateKeyFile $key |
44 |
|
|
+TLSVerifyClient $tlsclient |
45 |
|
|
+TLSRequired $tlsrequired |
46 |
|
|
+</IfModule> |
47 |
|
|
+SSL_END |
48 |
|
|
+ |
49 |
|
|
+ } |
50 |
|
|
+} |
51 |
|
|
+ |