[lighttpd] Use system crypto policy.
Jon Ciesla
limb at fedoraproject.org
Mon Jul 7 15:32:11 UTC 2014
commit 4be79bd5a586f83d10321ef655e22702b5e2a8d2
Author: Jon Ciesla <limburgher at gmail.com>
Date: Mon Jul 7 10:28:31 2014 -0500
Use system crypto policy.
lighttpd-1.4.35-system-crypto-policy.patch | 11 +++++++++++
lighttpd.spec | 7 ++++++-
2 files changed, 17 insertions(+), 1 deletions(-)
---
diff --git a/lighttpd-1.4.35-system-crypto-policy.patch b/lighttpd-1.4.35-system-crypto-policy.patch
new file mode 100644
index 0000000..580d7ba
--- /dev/null
+++ b/lighttpd-1.4.35-system-crypto-policy.patch
@@ -0,0 +1,11 @@
+--- lighttpd-1.4.35/doc/config/lighttpd.conf~ 2014-03-12 11:40:36.000000000 -0500
++++ lighttpd-1.4.35/doc/config/lighttpd.conf 2014-07-07 08:22:46.934838985 -0500
+@@ -417,7 +417,7 @@
+ ## # Check your cipher list with: openssl ciphers -v '...' (use single quotes as your shell won't like ! in double quotes)
+ ## #
+ ## # If you know you have RSA keys (standard), you can use:
+-## ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
++## ssl.cipher-list = "PROFILE=SYSTEM"
+ ## # The more generic version (without the restriction to RSA keys) is
+ ## # ssl.cipher-list = "HIGH !aNULL !3DES +kEDH +kRSA !kSRP !kPSK"
+ ## #
diff --git a/lighttpd.spec b/lighttpd.spec
index 671c19d..7dd6683 100644
--- a/lighttpd.spec
+++ b/lighttpd.spec
@@ -43,7 +43,7 @@
Summary: Lightning fast webserver with light system requirements
Name: lighttpd
Version: 1.4.35
-Release: 2%{?dist}
+Release: 3%{?dist}
License: BSD
Group: System Environment/Daemons
URL: http://www.lighttpd.net/
@@ -61,6 +61,7 @@ Source100: lighttpd-mod_geoip.c
Source101: lighttpd-mod_geoip.txt
Patch0: lighttpd-1.4.28-defaultconf.patch
Patch1: lighttpd-1.4.34-mod_geoip.patch
+Patch2: lighttpd-1.4.35-system-crypto-policy.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
# For the target poweredby.png image (skip requirement + provide image on EL5)
%if %{with systemlogos}
@@ -138,6 +139,7 @@ Virtual host module for lighttpd that uses a MySQL database.
%setup -q
%patch0 -p1 -b .defaultconf
%patch1 -p1 -b .mod_geoip
+%patch2 -p1 -b .crypto_policy
install -p -m 0644 %{SOURCE100} src/mod_geoip.c
install -p -m 0644 %{SOURCE101} mod_geoip.txt
@@ -315,6 +317,9 @@ fi
%changelog
+* Mon Jul 07 2014 Jon Ciesla <limburgher at gmail.com> - 1.4.35-3
+- Use system crypto policy, BZ 1109112.
+
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.35-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
More information about the scm-commits
mailing list