rpm/proftpd
SHA256
1
0
Fork 0
forked from pool/proftpd
Code Pull Requests Activity

Accepting request 769275 from home:computersalat:devel:network

Browse Source 
remove deprecated NoCertRequest from TLSOptions

OBS-URL: https://build.opensuse.org/request/show/769275
OBS-URL: https://build.opensuse.org/package/show/network/proftpd?expand=0&rev=74
This commit is contained in:
Christian Wittmer 2020-02-01 17:28:05 +00:00 committed by Git OBS Bridge
parent 7539df5586
commit 6c0afd5635
3 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
proftpd-tls.template
View File

@ -7,19 +7,19 @@
</IfModule> </IfModule>
<IfModule mod_tls.c> <IfModule mod_tls.c>
TLSEngine on TLSEngine on
TLSLog /var/log/proftpd/tls.log TLSLog /var/log/proftpd/tls.log
# Support both SSLv3 and TLSv1, but they should not be used # Support both SSLv3 and TLSv1, but they should not be used
# (known to be weak) # (known to be weak)
TLSProtocol TLSv1.1 TLSv1.2 TLSProtocol TLSv1.1 TLSv1.2
# Are clients required to use FTP over TLS when talking to this server? # Are clients required to use FTP over TLS when talking to this server?
TLSRequired off TLSRequired off
# Server's RSA certificate # Server's RSA certificate
TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem TLSRSACertificateFile /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem TLSRSACertificateKeyFile /etc/proftpd/ssl/proftpd.key.pem
# CA (or CA chain) to verify client certs # CA (or CA chain) to verify client certs
#TLSCACertificateFile /etc/proftpd/ssl/proftpd.cacert.pem #TLSCACertificateFile /etc/proftpd/ssl/proftpd.cacert.pem
@ -28,15 +28,15 @@
TLSCertificateChainFile /etc/proftpd/ssl/proftpd.cacert.pem TLSCertificateChainFile /etc/proftpd/ssl/proftpd.cacert.pem
# Authenticate clients that want to use FTP over TLS? # Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off TLSVerifyClient off
# Allow SSL/TLS renegotiations when the client requests them, but # Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations. Some clients do not support # do not force the renegotations. Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these # SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout # clients will close the data connection, or there will be a timeout
# on an idle data connection. # on an idle data connection.
TLSRenegotiate none TLSRenegotiate none
# Should Server request a Clients Certificate and send valid CA list ? # Should Server request a Clients Certificate and send valid CA list ?
TLSOptions NoCertRequest NoSessionReuseRequired TLSOptions NoSessionReuseRequired
</IfModule> </IfModule>

6
proftpd.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Sat Feb 1 17:25:05 UTC 2020 - chris@computersalat.de
- cleanup tls.template
* remove deprecated NoCertRequest from TLSOptions
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Dec 28 20:45:30 UTC 2019 - chris@computersalat.de Sat Dec 28 20:45:30 UTC 2019 - chris@computersalat.de

2
proftpd.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package proftpd # spec file for package proftpd
# #
# Copyright (c) 2019 SUSE LLC # Copyright (c) 2020 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed