Author: glen Date: Mon Dec 19 14:40:55 2011 GMT Module: packages Tag: HEAD ---- Log message:
- mitigate against BEAST attacks, see https://redmine.lighttpd.net/issues/2364 ---- Files affected: packages/lighttpd: lighttpd-ssl.conf (1.3 -> 1.4) ---- Diffs: ================================================================ Index: packages/lighttpd/lighttpd-ssl.conf diff -u packages/lighttpd/lighttpd-ssl.conf:1.3 packages/lighttpd/lighttpd-ssl.conf:1.4 --- packages/lighttpd/lighttpd-ssl.conf:1.3 Fri Sep 18 11:05:10 2009 +++ packages/lighttpd/lighttpd-ssl.conf Mon Dec 19 15:40:50 2011 @@ -2,6 +2,10 @@ # # Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:SSL +# mitigate against BEAST attacks +# http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html +#ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" + $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/server.pem" ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/lighttpd/lighttpd-ssl.conf?r1=1.3&r2=1.4&f=u _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
