Resolves: #2005416 - httpd default configuration changes

Luboš Uhliarik 2021-11-08 16:26:13 +01:00
parent 7f280ee9bc
commit 71a047ad15
3 changed files with 9 additions and 20 deletions

View File

@ -38,8 +38,10 @@ ServerRoot "/etc/httpd"
# ports, instead of the default. See also the <VirtualHost> # ports, instead of the default. See also the <VirtualHost>
# directive. # directive.
# #
# Change this to Listen on specific IP addresses as shown below to # Change this to Listen on a specific IP address, but note that if
# prevent Apache from glomming onto all bound IP addresses. # httpd.service is enabled to run at boot time, the address may not be
# available when the service starts. See the httpd.service(8) man
# page for more information.
# #
#Listen 12.34.56.78:80 #Listen 12.34.56.78:80
Listen 80 Listen 80
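Review bot: The rewritten comment above `#Listen 12.34.56.78:80` no longer says why an administrator would restrict `Listen` to one address. The old text explained that this stops the server from binding every address on the host, and "as shown below" pointed at the example line. The new boot-time caveat is useful, but it reads as a reason not to change the setting. Suggest keeping one sentence on what the default `Listen 80` binds to, then the caveat and the httpd.service(8) reference.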

View File

@ -13,7 +13,7 @@
Summary: Apache HTTP Server Summary: Apache HTTP Server
Name: httpd Name: httpd
Version: 2.4.51 Version: 2.4.51
Release: 1%{?dist} Release: 2%{?dist}
URL: https://httpd.apache.org/ URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@ -807,6 +807,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd %{_rpmconfigdir}/macros.d/macros.httpd
%changelog %changelog
* Mon Nov 08 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.51-2
- Resolves: #2005416 - httpd default configuration changes
* Tue Oct 19 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.51-1 * Tue Oct 19 2021 Luboš Uhliarik <luhliari@redhat.com> - 2.4.51-1
- new version 2.4.51 (#2011090) - new version 2.4.51 (#2011090)
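Review bot: The new `%changelog` entry for 2.4.51-2 only repeats the bug title, "httpd default configuration changes", so someone reading the package changelog cannot tell which defaults changed. The commit touches the `Listen` comment and drops the `SSLRandomSeed` directives from the shipped TLS configuration. Suggest one changelog line per change, at least for the removed `SSLRandomSeed` defaults, since that one alters active directives rather than comments.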

View File

@ -23,22 +23,6 @@ SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000) SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300 SSLSessionCacheTimeout 300
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
# #
# Use "SSLCryptoDevice" to enable any supported hardware # Use "SSLCryptoDevice" to enable any supported hardware
# accelerators. Use "openssl engine -v" to list supported # accelerators. Use "openssl engine -v" to list supported
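Review bot: This hunk removes the two active directives, `SSLRandomSeed startup file:/dev/urandom 256` and `SSLRandomSeed connect builtin`, along with the whole explanatory block. Nothing left in the file says how the PRNG is seeded now. If the intent is to rely on the SSL library's own seeding, a short comment at this spot saying so would stop administrators from re-adding the old lines from habit. It would also make the reason for the removal visible in the file itself, since the commit message does not give it.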
@ -70,7 +54,7 @@ LogLevel warn
SSLEngine on SSLEngine on
# List the protocol versions which clients are allowed to connect with. # List the protocol versions which clients are allowed to connect with.
# The OpenSSL system profile is configured by default. See # The OpenSSL system profile is used by default. See
# update-crypto-policies(8) for more details. # update-crypto-policies(8) for more details.
#SSLProtocol all -SSLv3 #SSLProtocol all -SSLv3
#SSLProxyProtocol all -SSLv3 #SSLProxyProtocol all -SSLv3
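Review bot: The wording change from "configured" to "used" is fine, but the comment still does not say how the commented-out `#SSLProtocol all -SSLv3` and `#SSLProxyProtocol all -SSLv3` lines relate to the system profile. If uncommenting them takes precedence over the profile managed through update-crypto-policies(8), say so here, so an administrator does not assume the system-wide policy still applies after enabling them.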