vsftpd/0042-When-handling-FEAT-command-check-ssl_tlsv1_1-and-ssl.patch
Ondřej Lysoněk adb9788c89 Fix docs for ssl_ciphers, fix FEAT handling, disable TLSv1, TLSv1.1
Document the new default for ssl_ciphers in the man page
Related: rhbz#1483970

When handling the FEAT command, check ssl_tlsv1_1 and ssl_tlsv1_2
Patch was written by Martin Sehnoutka
Resolves: rhbz#1432054

Disable TLSv1 and TLSv1.1 - enable only TLSv1.2 by default.
2017-12-21 16:43:11 +01:00

33 lines
907 B
Diff

From 1c280a0b04e58ec63ce9ab5eb8d0ffe5ebbae115 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
Date: Thu, 21 Dec 2017 14:29:25 +0100
Subject: [PATCH 42/42] When handling FEAT command, check ssl_tlsv1_1 and
ssl_tlsv1_2
Send 'AUTH SSL' in reply to the FEAT command when the ssl_tlsv1_1
or ssl_tlsv1_2 configuration option is enabled.
The patch was written by Martin Sehnoutka.
Resolves: rhbz#1432054
---
features.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/features.c b/features.c
index 1212980..d024366 100644
--- a/features.c
+++ b/features.c
@@ -22,7 +22,7 @@ handle_feat(struct vsf_session* p_sess)
{
vsf_cmdio_write_raw(p_sess, " AUTH SSL\r\n");
}
- if (tunable_tlsv1)
+ if (tunable_tlsv1 || tunable_tlsv1_1 || tunable_tlsv1_2)
{
vsf_cmdio_write_raw(p_sess, " AUTH TLS\r\n");
}
--
2.14.3