rpms/httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: RHEL-50031 - httpd default config changes

Browse Source
This commit is contained in:
Luboš Uhliarik 2024-08-12 14:14:08 +02:00
parent a7f0464790
commit 3f0c72457c
2 changed files with 5 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
httpd.spec
View File

@ -25,7 +25,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.62
Release: 3%{?dist}
Release: 4%{?dist}
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@ -831,6 +831,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Mon Aug 12 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-4
- Resolves: RHEL-50031 - httpd default config changes
* Thu Aug 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.62-3
- Resolves: RHEL-53632 - RFE: httpd, add IP_FREEBIND support for Listen
- Resolves: RHEL-53722 - [RFE] ProxyWebsocketIdleTimeout from

18
ssl.conf
View File

@ -23,22 +23,6 @@ SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#
# Use "SSLCryptoDevice" to enable any supported hardware
# accelerators. Use "openssl engine -v" to list supported
@ -70,7 +54,7 @@ LogLevel warn
SSLEngine on
# List the protocol versions which clients are allowed to connect with.
# The OpenSSL system profile is configured by default. See
# The OpenSSL system profile is used by default. See
# update-crypto-policies(8) for more details.
#SSLProtocol all -SSLv3
#SSLProxyProtocol all -SSLv3