Use system wide crypto policy
Resolves: rhbz#1483970
This commit is contained in:
Ondřej Lysoněk
parent
f200da9342
commit
071c1c3826
27
0040-Use-system-wide-crypto-policy.patch
Normal file
27
0040-Use-system-wide-crypto-policy.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From b83be8b4f86bf1a8a6de4802a9486d084c4a46cd Mon Sep 17 00:00:00 2001
|
||||
From: Martin Sehnoutka <msehnout@redhat.com>
|
||||
Date: Tue, 29 Aug 2017 10:32:16 +0200
|
||||
Subject: [PATCH 40/40] Use system wide crypto policy
|
||||
|
||||
Resolves: rhbz#1483970
|
||||
---
|
||||
tunables.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tunables.c b/tunables.c
|
||||
index 5440c00..354251c 100644
|
||||
--- a/tunables.c
|
||||
+++ b/tunables.c
|
||||
@@ -297,8 +297,7 @@ tunables_load_defaults()
|
||||
install_str_setting(0, &tunable_dsa_cert_file);
|
||||
install_str_setting(0, &tunable_dh_param_file);
|
||||
install_str_setting(0, &tunable_ecdh_param_file);
|
||||
- install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384",
|
||||
- &tunable_ssl_ciphers);
|
||||
+ install_str_setting("PROFILE=SYSTEM", &tunable_ssl_ciphers);
|
||||
install_str_setting(0, &tunable_rsa_private_key_file);
|
||||
install_str_setting(0, &tunable_dsa_private_key_file);
|
||||
install_str_setting(0, &tunable_ca_certs_file);
|
||||
--
|
||||
2.14.3
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: vsftpd
|
||||
Version: 3.0.3
|
||||
Release: 11%{?dist}
|
||||
Release: 12%{?dist}
|
||||
Summary: Very Secure Ftp Daemon
|
||||
|
||||
Group: System Environment/Daemons
|
||||
@ -68,6 +68,7 @@ Patch36: 0036-Redefine-VSFTP_COMMAND_FD-to-1.patch
|
||||
Patch37: 0037-Document-the-relationship-of-text_userdb_names-and-c.patch
|
||||
Patch38: 0038-Document-allow_writeable_chroot-in-the-man-page.patch
|
||||
Patch39: 0039-Improve-documentation-of-ASCII-mode-in-the-man-page.patch
|
||||
Patch40: 0040-Use-system-wide-crypto-policy.patch
|
||||
|
||||
%description
|
||||
vsftpd is a Very Secure FTP daemon. It was written completely from
|
||||
@ -137,6 +138,10 @@ mkdir -p $RPM_BUILD_ROOT/%{_var}/ftp/pub
|
||||
%{_var}/ftp
|
||||
|
||||
%changelog
|
||||
* Thu Dec 21 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-12
|
||||
- Use system wide crypto policy
|
||||
- Resolves: rhbz#1483970
|
||||
|
||||
* Fri Nov 24 2017 Ondřej Lysoněk <olysonek@redhat.com> - 3.0.3-11
|
||||
- Improve documentation of ASCII mode in the man page
|
||||
- Resolves: rhbz#1139409
|
||||
|
||||
Loading…
Reference in New Issue
Block a user