[gentoo-commits] gentoo-x86 commit in app-admin/webmin/files: gentoo-setup

Sun, 04 Jan 2015 19:23:28 -0800 

dlan        15/01/05 03:23:01

  Modified:             gentoo-setup
  Log:
  drop old due to security issue, bug 511624; bump new, bug 534092, thanks 
PhobosK
  
  (Portage version: 2.2.15/cvs/Linux x86_64, signed Manifest commit with key 
0xAABEFD55)

Revision  Changes    Path
1.4                  app-admin/webmin/files/gentoo-setup

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/webmin/files/gentoo-setup?rev=1.4&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/webmin/files/gentoo-setup?rev=1.4&content-type=text/plain
diff : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/webmin/files/gentoo-setup?r1=1.3&r2=1.4

Index: gentoo-setup
===================================================================
RCS file: /var/cvsroot/gentoo-x86/app-admin/webmin/files/gentoo-setup,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- gentoo-setup        7 Jun 2014 11:29:32 -0000       1.3
+++ gentoo-setup        5 Jan 2015 03:23:01 -0000       1.4
@@ -94,9 +94,11 @@
        real_os_type=`grep "^real_os_type=" $config_dir/config | sed -e 
's/real_os_type=//g'`
        real_os_version=`grep "^real_os_version=" $config_dir/config | sed -e 
's/real_os_version=//g'`
 
-       # Get port, ssl, ssl_redirect, no_sslcompression and keyfile
+       # Get port, ssl, no_ssl2, no_ssl3, ssl_redirect, no_sslcompression and 
keyfile
        port=`grep "^port=" $config_dir/miniserv.conf | sed -e 's/port=//g'`
        ssl=`grep "^ssl=" $config_dir/miniserv.conf | sed -e 's/ssl=//g'`
+       no_ssl2=`grep "^no_ssl2=" $config_dir/miniserv.conf | sed -e 
's/no_ssl2=//g'`
+       no_ssl3=`grep "^no_ssl3=" $config_dir/miniserv.conf | sed -e 
's/no_ssl3=//g'`
        ssl_redirect=`grep "^ssl_redirect=" $config_dir/miniserv.conf | sed -e 
's/ssl_redirect=//g'`
        no_sslcompression=`grep "^no_sslcompression=" $config_dir/miniserv.conf 
| sed -e 's/no_sslcompression=//g'`
        keyfile=`grep "^keyfile=" $config_dir/miniserv.conf | sed -e 
's/keyfile=//g'`
@@ -139,6 +141,8 @@
        echo "logtime=168" >> $cfile
        echo "ppath=$ppath" >> $cfile
        echo "ssl=$ssl" >> $cfile
+       echo "no_ssl2=$no_ssl2" >> $cfile
+       echo "no_ssl3=$no_ssl3" >> $cfile
        echo "ssl_redirect=$ssl_redirect" >> $cfile
        echo "no_sslcompression=$no_sslcompression" >> $cfile
        echo "keyfile=$keyfile" >> $cfile
@@ -206,7 +210,7 @@
                systemctl start webmin.service
        else
                rc-service --ifexists -- webmin start
-       fi      
+       fi
 fi
 END
 
@@ -305,9 +309,22 @@
        echo no_sslcompression=1 >> $config_dir/miniserv.conf
 fi
 
-# Make Perl crypt MD5 the default
-echo md5pass=1 >> $config_dir/config
+# Tighten SSL security
+grep no_ssl2= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+       echo no_ssl2=1 >> $config_dir/miniserv.conf
+fi
+
+grep no_ssl3= $config_dir/miniserv.conf >/dev/null
+if [ "$?" != "0" ]; then
+       echo no_ssl3=1 >> $config_dir/miniserv.conf
+fi
 
+# Make Perl crypt MD5 the default
+grep md5pass= $config_dir/config >/dev/null
+if [ "$?" != "0" ]; then
+       echo md5pass=1 >> $config_dir/config
+fi
 
 # Set a special theme if none was set before
 if [ "$theme" = "" ]; then
@@ -333,6 +350,13 @@
        echo "preroot=$themelist" >> $config_dir/miniserv.conf
 fi
 
+# If the old blue-theme is still in use, change it (new in 1.730)
+oldtheme=`grep "^theme=" $config_dir/config | sed -e 's/theme=//g'`
+if [ "$oldtheme" = "blue-theme" ]; then
+   sed -i -e 's/theme=blue-theme/theme=gray-theme/g' $config_dir/config
+   sed -i -e 's/preroot=blue-theme/preroot=gray-theme/g' 
$config_dir/miniserv.conf
+fi
+
 # Set the product field in the global config
 grep product= $config_dir/config >/dev/null
 if [ "$?" != "0" ]; then

Reply via email to