rpms / ovn

Clone
Source Code
GIT

Files

f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide
  1.   f29
  2.   0001-fedora-Use-PROFILE-SYSTEM-in-SSL_CTX_set_cipher_list.patch
Blob Blame History Raw 
From e79bf75f49ba362b7d2033adde3fa7dd5f1e9f65 Mon Sep 17 00:00:00 2001
From: Numan Siddique <nusiddiq@redhat.com>
Date: Wed, 3 Apr 2019 21:02:59 +0530
Subject: [PATCH] fedora: Use PROFILE=SYSTEM in SSL_CTX_set_cipher_list

This is fedora only patch to address the fedora crypto policies
https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/

Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
---
 lib/stream-ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c
index fed71801b..78e54c39e 100644
--- a/lib/stream-ssl.c
+++ b/lib/stream-ssl.c
@@ -1014,7 +1014,7 @@ do_ssl_init(void)
     SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
                        NULL);
     SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
-    SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!MD5");
+    SSL_CTX_set_cipher_list(ctx, "PROFILE=SYSTEM");
 
     return 0;
 }
-- 
2.20.1
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.