[lighttpd] Use system crypto policy.

Jon Ciesla limb at fedoraproject.org
Mon Jul 7 15:32:11 UTC 2014 

commit 4be79bd5a586f83d10321ef655e22702b5e2a8d2
Author: Jon Ciesla <limburgher at gmail.com>
Date:   Mon Jul 7 10:28:31 2014 -0500

    Use system crypto policy.

 lighttpd-1.4.35-system-crypto-policy.patch |   11 +++++++++++
 lighttpd.spec                              |    7 ++++++-
 2 files changed, 17 insertions(+), 1 deletions(-)
---
diff --git a/lighttpd-1.4.35-system-crypto-policy.patch b/lighttpd-1.4.35-system-crypto-policy.patch
new file mode 100644
index 0000000..580d7ba
--- /dev/null
+++ b/lighttpd-1.4.35-system-crypto-policy.patch
@@ -0,0 +1,11 @@
+--- lighttpd-1.4.35/doc/config/lighttpd.conf~	2014-03-12 11:40:36.000000000 -0500
++++ lighttpd-1.4.35/doc/config/lighttpd.conf	2014-07-07 08:22:46.934838985 -0500
+@@ -417,7 +417,7 @@
+ ##     # Check your cipher list with: openssl ciphers -v '...' (use single quotes as your shell won't like ! in double quotes)
+ ##     #
+ ##     # If you know you have RSA keys (standard), you can use:
+-##     ssl.cipher-list             = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
++##     ssl.cipher-list             = "PROFILE=SYSTEM"
+ ##     # The more generic version (without the restriction to RSA keys) is
+ ##     # ssl.cipher-list           = "HIGH !aNULL !3DES +kEDH +kRSA !kSRP !kPSK"
+ ##     #
diff --git a/lighttpd.spec b/lighttpd.spec
index 671c19d..7dd6683 100644
--- a/lighttpd.spec
+++ b/lighttpd.spec
@@ -43,7 +43,7 @@
 Summary: Lightning fast webserver with light system requirements
 Name: lighttpd
 Version: 1.4.35
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: BSD
 Group: System Environment/Daemons
 URL: http://www.lighttpd.net/
@@ -61,6 +61,7 @@ Source100: lighttpd-mod_geoip.c
 Source101: lighttpd-mod_geoip.txt
 Patch0: lighttpd-1.4.28-defaultconf.patch
 Patch1: lighttpd-1.4.34-mod_geoip.patch
+Patch2: lighttpd-1.4.35-system-crypto-policy.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 # For the target poweredby.png image (skip requirement + provide image on EL5)
 %if %{with systemlogos}
@@ -138,6 +139,7 @@ Virtual host module for lighttpd that uses a MySQL database.
 %setup -q
 %patch0 -p1 -b .defaultconf
 %patch1 -p1 -b .mod_geoip
+%patch2 -p1 -b .crypto_policy
 install -p -m 0644 %{SOURCE100} src/mod_geoip.c
 install -p -m 0644 %{SOURCE101} mod_geoip.txt
 
@@ -315,6 +317,9 @@ fi
 
 
 %changelog
+* Mon Jul 07 2014 Jon Ciesla <limburgher at gmail.com> - 1.4.35-3
+- Use system crypto policy, BZ 1109112.
+
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.35-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

More information about the scm-commits mailing list