commit apache2-mod_nss for openSUSE:Factory

h_root Mon, 25 Aug 2014 02:08:50 -0700

Hello community,

here is the log from the commit of package apache2-mod_nss for openSUSE:Factory 
checked in at 2014-08-25 11:03:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_nss (Old)
 and      /work/SRC/openSUSE:Factory/.apache2-mod_nss.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "apache2-mod_nss"

Changes:
--------
--- /work/SRC/openSUSE:Factory/apache2-mod_nss/apache2-mod_nss.changes  
2014-07-27 18:47:32.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_nss.new/apache2-mod_nss.changes     
2014-08-25 11:05:02.000000000 +0200
@@ -1,0 +2,7 @@
+Thu Aug 21 07:50:57 UTC 2014 - [email protected]
+
+- mod_nss-cipherlist_update_for_tls12-doc.diff,
+  mod_nss-cipherlist_update_for_tls12.diff,
+  mod_nss.conf.in: Added more TLS 1.2 ciphers, the CBC with SHA256.
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ mod_nss-cipherlist_update_for_tls12-doc.diff ++++++
--- /var/tmp/diff_new_pack.B2WRIL/_old  2014-08-25 11:05:04.000000000 +0200
+++ /var/tmp/diff_new_pack.B2WRIL/_new  2014-08-25 11:05:04.000000000 +0200
@@ -1,7 +1,7 @@
 diff -rNU 50 ../mod_nss-1.0.8-o/docs/mod_nss.html ./docs/mod_nss.html
 --- ../mod_nss-1.0.8-o/docs/mod_nss.html       2014-02-18 16:30:19.000000000 
+0100
 +++ ./docs/mod_nss.html        2014-02-18 16:48:18.000000000 +0100
-@@ -632,100 +632,121 @@
+@@ -632,100 +632,135 @@
        </td>
        <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td>
      </tr>
@@ -53,11 +53,18 @@
        <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td>
      </tr>
 +    <tr>
++      <td style="vertical-align: top;">rsa_aes_128_sha256<br>
++      </td>
++      <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_CBC_SHA256<br>
++      </td>
++      <td style="vertical-align: top;">TLSv1.2</td>
++    </tr>
++    <tr>
 +      <td style="vertical-align: top;">rsa_aes_128_gcm_sha<br>
 +      </td>
 +      <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_GCM_SHA256<br>
 +      </td>
-+      <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td>
++      <td style="vertical-align: top;">TLSv1.2</td>
 +    </tr>
 +    <tr>
 +      <td style="vertical-align: top;">rsa_camellia_128_sha<br>
@@ -73,6 +80,13 @@
 +      </td>
 +      <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td>
 +    </tr>
++    <tr>
++      <td style="vertical-align: top;">rsa_aes_256_sha256<br>
++      </td>
++      <td style="vertical-align: top;">TLS_RSA_WITH_AES_256_CBC_SHA256<br>
++      </td>
++      <td style="vertical-align: top;">TLSv1.2</td>
++    </tr>
    </tbody>
  </table>
  <br>
@@ -123,7 +137,7 @@
        <td>ecdhe_ecdsa_rc4_128_sha</td>
        <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td>
        <td>TLSv1.0/TLSv1.1/TLSv1.2</td>
-@@ -773,100 +794,120 @@
+@@ -773,100 +794,130 @@
      <tr>
        <td>echde_rsa_null</td>
        <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td>
@@ -175,6 +189,16 @@
        <td>TLSv1.0/TLSv1.1/TLSv1.2</td>
      </tr>
 +    <tr>
++      <td>ecdh_ecdsa_aes_128_sha256</td>
++      <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td>
++      <td>TLSv1.2</td>
++    </tr>
++    <tr>
++      <td>ecdh_rsa_aes_128_sha256</td>
++      <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td>
++      <td>TLSv1.2</td>
++    </tr>
++    <tr>
 +      <td>ecdh_ecdsa_aes_128_gcm_sha</td>
 +      <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td>
 +      <td>TLSv1.0/TLSv1.1/TLSv1.2</td>

++++++ mod_nss-cipherlist_update_for_tls12.diff ++++++
--- /var/tmp/diff_new_pack.B2WRIL/_old  2014-08-25 11:05:04.000000000 +0200
+++ /var/tmp/diff_new_pack.B2WRIL/_new  2014-08-25 11:05:04.000000000 +0200
@@ -53,10 +53,10 @@
  /* the table itself is defined in nss_engine_init.c */
  #ifdef NSS_ENABLE_ECC
 -#define ciphernum 48
-+#define ciphernum 55
++#define ciphernum 59
  #else
 -#define ciphernum 23
-+#define ciphernum 26
++#define ciphernum 28
  #endif
  
  /*
@@ -110,7 +110,7 @@
 diff -rNU 50 ../mod_nss-1.0.8-o/nss_engine_init.c ./nss_engine_init.c
 --- ../mod_nss-1.0.8-o/nss_engine_init.c       2014-02-18 16:30:19.000000000 
+0100
 +++ ./nss_engine_init.c        2014-02-18 16:30:51.000000000 +0100
-@@ -15,122 +15,130 @@
+@@ -15,122 +15,134 @@
  
  #include "mod_nss.h"
  #include "apr_thread_proc.h"
@@ -161,9 +161,11 @@
      {"rsa_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, 0, SSL3 | TLS},
      /* AES ciphers.*/
      {"rsa_aes_128_sha", TLS_RSA_WITH_AES_128_CBC_SHA, 0, SSL3 | TLS},
++    {"rsa_aes_128_sha256", TLS_RSA_WITH_AES_128_CBC_SHA256, 0, TLS},
 +    {"rsa_aes_128_gcm_sha", TLS_RSA_WITH_AES_128_GCM_SHA256, 0, TLS},
 +    {"rsa_camellia_128_sha", TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 0, TLS},
      {"rsa_aes_256_sha", TLS_RSA_WITH_AES_256_CBC_SHA, 0, SSL3 | TLS},
++    {"rsa_aes_256_sha256", TLS_RSA_WITH_AES_256_CBC_SHA256, 0, TLS},
 +    {"rsa_camellia_256_sha", TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 0, TLS},
 +
  #ifdef NSS_ENABLE_ECC
@@ -178,6 +180,7 @@
      {"ecdhe_ecdsa_rc4_128_sha", TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 0, TLS},
      {"ecdhe_ecdsa_3des_sha", TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 0, TLS},
      {"ecdhe_ecdsa_aes_128_sha", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 0, TLS},
++    {"ecdhe_ecdsa_aes_128_sha256", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 
0, TLS},
 +    {"ecdhe_ecdsa_aes_128_gcm_sha", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 
0, TLS},
      {"ecdhe_ecdsa_aes_256_sha", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 0, TLS},
      {"ecdh_rsa_null_sha", TLS_ECDH_RSA_WITH_NULL_SHA, 0, TLS},
@@ -190,6 +193,7 @@
      {"ecdhe_rsa_rc4_128_sha", TLS_ECDHE_RSA_WITH_RC4_128_SHA, 0, TLS},
      {"ecdhe_rsa_3des_sha", TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 0, TLS},
      {"ecdhe_rsa_aes_128_sha", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 0, TLS},
++    {"ecdhe_rsa_aes_128_sha256", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0, 
TLS},
 +    {"ecdhe_rsa_aes_128_gcm_sha", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0, 
TLS},
      {"ecdhe_rsa_aes_256_sha", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 0, TLS},
      {"ecdh_anon_null_sha", TLS_ECDH_anon_WITH_NULL_SHA, 0, TLS},

++++++ mod_nss.conf.in ++++++
--- /var/tmp/diff_new_pack.B2WRIL/_old  2014-08-25 11:05:04.000000000 +0200
+++ /var/tmp/diff_new_pack.B2WRIL/_new  2014-08-25 11:05:04.000000000 +0200
@@ -216,7 +216,7 @@
 # * no rc4, no 3des, no des
 # * ephemeral is what you want (PFS).
 # * EC has precedence over RSA
-NSSCipherSuite 
+ecdhe_ecdsa_aes_128_gcm_sha,+ecdh_ecdsa_aes_128_gcm_sha,+ecdhe_rsa_aes_256_sha,+ecdh_rsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha,+ecdh_rsa_aes_128_gcm_sha,+ecdhe_rsa_aes_128_sha,+ecdh_rsa_aes_128_sha,+rsa_aes_128_gcm_sha,+rsa_aes_256_sha,+rsa_aes_128_sha
+NSSCipherSuite 
+ecdhe_ecdsa_aes_128_gcm_sha,+ecdh_ecdsa_aes_128_gcm_sha,+ecdhe_rsa_aes_256_sha,+ecdh_rsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha,+ecdh_rsa_aes_128_gcm_sha,+ecdhe_rsa_aes_128_sha,+ecdh_rsa_aes_128_sha,+rsa_aes_128_gcm_sha,+rsa_aes_256_sha,+rsa_aes_128_sha,+rsa_aes_128_sha256,+ecdhe_rsa_aes_256_sha256,+rsa_aes_256_sha256,+ecdhe_rsa_aes_256_sha256
 
 #   SSL Protocol:
 #   Cryptographic protocols that provide communication security.

-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

commit apache2-mod_nss for openSUSE:Factory

Reply via email to