pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/ucspi-ssl Previous attempt at sensible default cip...
details: https://anonhg.NetBSD.org/pkgsrc/rev/ec5f9da10083
branches: trunk
changeset: 328315:ec5f9da10083
user: schmonz <schmonz%pkgsrc.org@localhost>
date: Fri Jan 18 18:18:38 2019 +0000
description:
Previous attempt at sensible default ciphers was insufficiently
interoperable. Use Postfix's `tls_medium_cipherlist` instead. Bump
PKGREVISION.
diffstat:
net/ucspi-ssl/Makefile | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
diffs (28 lines):
diff -r 1f9669f023aa -r ec5f9da10083 net/ucspi-ssl/Makefile
--- a/net/ucspi-ssl/Makefile Fri Jan 18 18:08:12 2019 +0000
+++ b/net/ucspi-ssl/Makefile Fri Jan 18 18:18:38 2019 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.27 2019/01/17 18:41:52 schmonz Exp $
+# $NetBSD: Makefile,v 1.28 2019/01/18 18:18:38 schmonz Exp $
#
DISTNAME= ucspi-ssl-0.10.7
PKGNAME= ${DISTNAME:S/-0./-0.999./}
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= net
MASTER_SITES= https://www.fehcom.de/ipnet/ucspi-ssl/
EXTRACT_SUFX= .tgz
@@ -51,9 +51,10 @@
${ECHO} > conf-ssl; \
${ECHO} ${SSLDIR}/certs > conf-cadir; \
${ECHO} ${PKG_SYSCONFDIR}/dh1024.pem > conf-dhfile; \
- ${ECHO} ${DEFAULT_CIPHERS} > conf-ciphers;
+ ${ECHO} ${DEFAULT_MEDIUM_CIPHERS} > conf-ciphers;
-DEFAULT_CIPHERS=
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
+# from `postconf -d | grep tls_medium_cipherlist`
+DEFAULT_MEDIUM_CIPHERS= aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH
.include "../../mk/bsd.prefs.mk"
Home |
Main Index |
Thread Index |
Old Index