components/apache2/patches/ssl.conf.patch
author Rich Burridge <rich.burridge@oracle.com>
Wed, 09 Sep 2015 11:58:35 -0700
changeset 4847 05ee227964f9
parent 4696 96b9957387bf
permissions -rw-r--r--
21810533 Improve various Python module download locations
Patch origin: in-house
Patch status: Solaris-specific; not suitable for upstream
Patch status: SSLProtocol part submitted to upstream
https://bz.apache.org/bugzilla/show_bug.cgi?id=57120
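--- docs/conf/extra/httpd-ssl.conf.in
+++ docs/conf/extra/httpd-ssl.conf.in
@@ -22,9 +22,14 @@
 # Manual for more details.
 #
 #SSLRandomSeed startup file:/dev/random  512
-#SSLRandomSeed startup file:/dev/urandom 512
+SSLRandomSeed startup file:/dev/urandom 512
 #SSLRandomSeed connect file:/dev/random  512
-#SSLRandomSeed connect file:/dev/urandom 512
+SSLRandomSeed connect file:/dev/urandom 512
+
+#
+# Enable Solaris crypto framework (recommended for T1/T2/T3 based systems)
+#
+#SSLCryptoDevice pkcs11
 
 
 #
@@ -80,11 +85,11 @@
 
 #   SSL Protocol support:
 #   List the protocol versions which clients are allowed to connect with.
-#   Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1).  TLSv1 (1.0)
+#   SSLv2 and SSLv3 are disabled by default (cf. RFC 7525 3.1.1).  TLSv1 (1.0)
 #   should be disabled as quickly as practical.  By the end of 2016, only
 #   the TLSv1.2 protocol or later should remain in use.
-SSLProtocol all -SSLv2 -SSLv3
-SSLProxyProtocol all -SSLv2 -SSLv3
+SSLProtocol all
+SSLProxyProtocol all
 
 #   Pass Phrase Dialog:
 #   Configure the pass phrase gathering process.
@@ -112,7 +117,7 @@
 
 #   General setup for the virtual host
 DocumentRoot "@exp_htdocsdir@"
-ServerName www.example.com:@@SSLPort@@
+ServerName 127.0.0.1:@@SSLPort@@
 ServerAdmin [email protected]
 ErrorLog "@exp_logfiledir@/error_log"
 TransferLog "@exp_logfiledir@/access_log"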
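Review bot: In the `@@ -80,11 +85,11 @@` hunk, `SSLProtocol all` and `SSLProxyProtocol all` are safe only if this build's mod_ssl already excludes SSLv2 and SSLv3 from `all`, and nothing in this file shows that. The reworded comment asserts it, and the patch header suggests the behaviour comes from a separate change submitted upstream. In stock httpd 2.2, `all` includes SSLv3 wherever the linked OpenSSL supports it, so this config would permit SSLv3 again if it is copied to another build or if that companion change is dropped. Keeping the exclusions explicit makes the file self-contained: `SSLProtocol all -SSLv2 -SSLv3` and `SSLProxyProtocol all -SSLv2 -SSLv3`. If the short form has to stay, the comment should name the patch that changes what `all` means.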