| 1 |
unnilennium |
1.1 |
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable |
| 2 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 1969-12-31 19:00:00.000000000 -0500 |
| 3 |
unnilennium |
1.2 |
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSEnable 2016-06-17 11:01:16.668000000 -0400 |
| 4 |
unnilennium |
1.1 |
@@ -0,0 +1 @@ |
| 5 |
|
|
+on |
| 6 |
|
|
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired |
| 7 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 1969-12-31 19:00:00.000000000 -0500 |
| 8 |
unnilennium |
1.2 |
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSRequired 2016-06-17 11:01:16.668000000 -0400 |
| 9 |
unnilennium |
1.1 |
@@ -0,0 +1 @@ |
| 10 |
unnilennium |
1.3 |
+on |
| 11 |
unnilennium |
1.1 |
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient |
| 12 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 1969-12-31 19:00:00.000000000 -0500 |
| 13 |
unnilennium |
1.2 |
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/db/configuration/defaults/ftp/TLSVerifyClient 2016-06-17 11:01:16.668000000 -0400 |
| 14 |
unnilennium |
1.1 |
@@ -0,0 +1 @@ |
| 15 |
|
|
+off |
| 16 |
|
|
diff -Nur e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS |
| 17 |
|
|
--- e-smith-proftpd-2.6.0.old/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 1969-12-31 19:00:00.000000000 -0500 |
| 18 |
unnilennium |
1.2 |
+++ e-smith-proftpd-2.6.0/root/etc/e-smith/templates/etc/proftpd.conf/06ModTLS 2016-06-17 10:56:56.000000000 -0400 |
| 19 |
|
|
@@ -0,0 +1,37 @@ |
| 20 |
unnilennium |
1.1 |
+{ |
| 21 |
|
|
+ #check if TLS is enabled |
| 22 |
unnilennium |
1.3 |
+ if (($ftp{TLSEnable} || 'on') eq 'on') { |
| 23 |
unnilennium |
1.1 |
+ |
| 24 |
|
|
+ #check if TLS is required: values "on", "off" |
| 25 |
|
|
+ #if "on" normal ftp connections are dropped |
| 26 |
unnilennium |
1.3 |
+ my $tlsrequired = $ftp{'TLSRequired'} || "on"; |
| 27 |
unnilennium |
1.1 |
+ my $tlsclient = $ftp{'TLSVerifyClient'} || "off"; |
| 28 |
|
|
+ #use the same crt and key of httpd |
| 29 |
|
|
+ my $crt = $modSSL{'crt'} || |
| 30 |
|
|
+ "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt"; |
| 31 |
|
|
+ |
| 32 |
|
|
+ my $key = $modSSL{'key'} || |
| 33 |
|
|
+ "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key"; |
| 34 |
unnilennium |
1.2 |
+ my $chain_file = $modSSL{CertificateChainFile} || |
| 35 |
|
|
+ "# no chain cert"; |
| 36 |
|
|
+ |
| 37 |
unnilennium |
1.3 |
+ $chain_file = ( $chain_file eq "# no chain cert" )? $chain_file : "TLSCertificateChainFile $chain_file"; |
| 38 |
unnilennium |
1.1 |
+ |
| 39 |
|
|
+ $OUT .= <<SSL_END; |
| 40 |
|
|
+ |
| 41 |
|
|
+<IfModule mod_tls.c> |
| 42 |
|
|
+TLSEngine on |
| 43 |
|
|
+TLSLog /var/log/proftpd/tls.log |
| 44 |
|
|
+TLSProtocol TLSv1.1 TLSv1.2 |
| 45 |
|
|
+TLSOptions NoCertRequest AllowClientRenegotiations |
| 46 |
|
|
+TLSRSACertificateFile $crt |
| 47 |
|
|
+TLSRSACertificateKeyFile $key |
| 48 |
unnilennium |
1.2 |
+$chain_file |
| 49 |
unnilennium |
1.1 |
+TLSVerifyClient $tlsclient |
| 50 |
|
|
+TLSRequired $tlsrequired |
| 51 |
|
|
+</IfModule> |
| 52 |
|
|
+SSL_END |
| 53 |
|
|
+ |
| 54 |
|
|
+ } |
| 55 |
|
|
+} |
| 56 |
|
|
+ |
Parent Directory
| 
Revision Log
| 
Revision Graph
