pool/nginx
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Recommend to use TLSv1.2 by default (boo#1086855)

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=105
This commit is contained in:
Artem Chernikov 2018-03-28 11:25:04 +00:00 committed by Git OBS Bridge
parent 175edd096e
commit 5cdde8b765
2 changed files with 24 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
nginx-1.6.1-default_config.patch
View File

@ -1,7 +1,5 @@
Index: conf/nginx.conf --- conf/nginx.conf.orig 2018-03-28 11:56:48.834012377 +0200
=================================================================== +++ conf/nginx.conf 2018-03-28 13:16:09.978372767 +0200
--- conf/nginx.conf.orig
+++ conf/nginx.conf
@@ -1,16 +1,28 @@ @@ -1,16 +1,28 @@
-#user nobody; -#user nobody;
@ -36,7 +34,7 @@ Index: conf/nginx.conf
} }
@@ -22,7 +34,7 @@ http { @@ -22,7 +34,7 @@
# '$status $body_bytes_sent "$http_referer" ' # '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"'; # '"$http_user_agent" "$http_x_forwarded_for"';
@ -45,7 +43,7 @@ Index: conf/nginx.conf
sendfile on; sendfile on;
#tcp_nopush on; #tcp_nopush on;
@@ -32,16 +44,18 @@ http { @@ -32,16 +44,18 @@
#gzip on; #gzip on;
@ -66,7 +64,7 @@ Index: conf/nginx.conf
index index.html index.htm; index index.html index.htm;
} }
@@ -51,7 +65,7 @@ http { @@ -51,7 +65,7 @@
# #
error_page 500 502 503 504 /50x.html; error_page 500 502 503 504 /50x.html;
location = /50x.html { location = /50x.html {
@ -75,7 +73,7 @@ Index: conf/nginx.conf
} }
# proxy the PHP scripts to Apache listening on 127.0.0.1:80 # proxy the PHP scripts to Apache listening on 127.0.0.1:80
@@ -63,7 +77,7 @@ http { @@ -63,7 +77,7 @@
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
# #
#location ~ \.php$ { #location ~ \.php$ {
@ -84,7 +82,7 @@ Index: conf/nginx.conf
# fastcgi_pass 127.0.0.1:9000; # fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php; # fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
@@ -87,7 +101,7 @@ http { @@ -87,7 +101,7 @@
# server_name somename alias another.alias; # server_name somename alias another.alias;
# location / { # location / {
@ -93,7 +91,18 @@ Index: conf/nginx.conf
# index index.html index.htm; # index index.html index.htm;
# } # }
#} #}
@@ -109,9 +123,11 @@ http { @@ -101,6 +115,10 @@
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
+
+ # Allow TLS version 1.2 only, which is a recommended default these days
+ # by international information security standards.
+ # ssl_protocols TLSv1.2;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
@@ -109,9 +127,11 @@
# ssl_prefer_server_ciphers on; # ssl_prefer_server_ciphers on;
# location / { # location / {

5
nginx.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed Mar 28 11:18:44 UTC 2018 - achernikov@suse.com
- Recommend to use TLSv1.2 by default (boo#1086855)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Feb 21 13:32:25 UTC 2018 - mrueckert@suse.de Wed Feb 21 13:32:25 UTC 2018 - mrueckert@suse.de