/[smeserver]/rpms/e-smith-proftpd/sme10/e-smith-proftpd-2.6.0-TLS.patch
ViewVC logotype

Contents of /rpms/e-smith-proftpd/sme10/e-smith-proftpd-2.6.0-TLS.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Fri Jun 17 14:39:29 2016 UTC (8 years, 4 months ago) by unnilennium
Branch: MAIN
CVS Tags: e-smith-proftpd-2_6_0-2_el7_sme 
* Fri Jun 17 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-2.sme
- Adding TLS support to proftp configuration [SME: 6804]
- default is enabled but not required, only TLSv1.1 and v1.2
1 diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable
2 --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 1969-12-31 19:00:00.000000000 -0500
3 +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 2016-06-17 10:35:05.722000000 -0400
4 @@ -0,0 +1 @@
5 +on
6 diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired
7 --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 1969-12-31 19:00:00.000000000 -0500
8 +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 2016-06-17 10:35:19.834000000 -0400
9 @@ -0,0 +1 @@
10 +off
11 diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient
12 --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 1969-12-31 19:00:00.000000000 -0500
13 +++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 2016-06-17 10:35:31.626000000 -0400
14 @@ -0,0 +1 @@
15 +off
16 diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS
17 --- e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 1969-12-31 19:00:00.000000000 -0500
18 +++ e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 2016-06-17 10:34:09.385000000 -0400
19 @@ -0,0 +1,32 @@
20 +{
21 + #check if TLS is enabled
22 + if (($ftp{TLSEnable} || 'yes') eq 'yes') {
23 +
24 + #check if TLS is required: values "on", "off"
25 + #if "on" normal ftp connections are dropped
26 + my $tlsrequired = $ftp{'TLSRequired'} || "off";
27 + my $tlsclient = $ftp{'TLSVerifyClient'} || "off";
28 + #use the same crt and key of httpd
29 + my $crt = $modSSL{'crt'} ||
30 + "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt";
31 +
32 + my $key = $modSSL{'key'} ||
33 + "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key";
34 +
35 + $OUT .= <<SSL_END;
36 +
37 +<IfModule mod_tls.c>
38 +TLSEngine on
39 +TLSLog /var/log/proftpd/tls.log
40 +TLSProtocol TLSv1.1 TLSv1.2
41 +TLSOptions NoCertRequest AllowClientRenegotiations
42 +TLSRSACertificateFile $crt
43 +TLSRSACertificateKeyFile $key
44 +TLSVerifyClient $tlsclient
45 +TLSRequired $tlsrequired
46 +</IfModule>
47 +SSL_END
48 +
49 + }
50 +}
51 +
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed