openSUSE Build Service

Petr Gajdos (pgajdos) accepted request 353204 from

Petr Gajdos (pgajdos) over 8 years ago (revision 20)

- %check: access syntax depends on %{apache_branch}

buildservice-autocommit accepted request 349345 from

Kristyna Streitova (kstreitova) over 8 years ago (revision 19)

auto commit by copy to link target

Kristyna Streitova (kstreitova) accepted request 348386 from

Petr Gajdos (pgajdos) over 8 years ago (revision 18)

- %{apache_branch} converted to number

buildservice-autocommit accepted request 339934 from

Vítězslav Čížek (vitezslav_cizek) over 8 years ago (revision 17)

auto commit by copy to link target

Vítězslav Čížek (vitezslav_cizek) accepted request 338807 from

Petr Gajdos (pgajdos) over 8 years ago (revision 16)

Yeah I know apache_branch as string is awful, we will need to convert it to a number soon.

Vítězslav Čížek (vitezslav_cizek) accepted request 335936 from

Petr Gajdos (pgajdos) over 8 years ago (revision 15)

- test module with %apache_test_module_curl

Petr Gajdos (pgajdos) accepted request 335921 from

Vítězslav Čížek (vitezslav_cizek) over 8 years ago (revision 14)

- unified ciphers with SLE-12
  * modified patches:
    mod_nss-cipherlist_update_for_tls12-doc.diff
    mod_nss-cipherlist_update_for_tls12.diff
    update-ciphers.patch

- send TLS server name extension on proxy connections (bsc#933832)
  * added mod_nss-reverse_proxy_send_SNI.patch
- updates to the SNI code (from Stanislav Tokos):
  update update-ciphers.patch
  (bsc#928039)
  merge changes from the mod_nss-SNI_support.patch to:
  0001-SNI-check-with-NameVirtualHosts.patch
  (bnc#927402)
  abstract hash for NSSNickname and ServerName, add ServerAliases and Wild
  Cards for vhost
  (bsc#927402, bsc#928039, bsc#930922)
  replace SSL_SNI_SEND_ALERT by nss_die (cleaner solution for virtual hosts)
  (bsc#930186)
  add alert about permission on the certificate database
  (bsc#933265)

buildservice-autocommit accepted request 317184 from

Kristyna Streitova (kstreitova) almost 9 years ago (revision 13)

auto commit by copy to link target

Kristyna Streitova (kstreitova) accepted request 317129 from

Petr Gajdos (pgajdos) almost 9 years ago (revision 12)

require %{apache_suse_maintenance_mmn}

buildservice-autocommit accepted request 307757 from

Kristyna Streitova (kstreitova) about 9 years ago (revision 11)

auto commit by copy to link target

Kristyna Streitova (kstreitova) accepted request 307739 from

Howard Guo (guohouzuo) about 9 years ago (revision 10)

In previous submission I incorrectly removed the entire line "Include ...mod_nss.d/*.conf".

buildservice-autocommit accepted request 305824 from

Cristian Rodríguez (elvigia) about 9 years ago (revision 9)

auto commit by copy to link target

Cristian Rodríguez (elvigia) accepted request 305767 from

Kristyna Streitova (kstreitova) about 9 years ago (revision 8)

- change of url and source address

buildservice-autocommit accepted request 294910 from

Kristyna Streitova (kstreitova) about 9 years ago (revision 7)

auto commit by copy to link target

Kristyna Streitova (kstreitova) accepted request 293916 from

Kristyna Streitova (kstreitova) about 9 years ago (revision 6)

- remove "ecdhe_rsa_aes_256_sha256" cipher from the mod_nss.conf.in
  file as this cipher is not supported and it was listed here
  incorrectly [bnc#921182]

buildservice-autocommit accepted request 289610 from

Cristian Rodríguez (elvigia) about 9 years ago (revision 5)

auto commit by copy to link target

Cristian Rodríguez (elvigia) accepted request 288636 from

Kristyna Streitova (kstreitova) about 9 years ago (revision 4)

- add mod_nss-SNI_support.patch that brings Server Name Indication
  support that allows to have multiple HTTPS websites with multiple
  certificates on the same IP address and port.
  [fate#318331], [bnc#897712]

Kristyna Streitova (kstreitova) accepted request 261220 from

Kristyna Streitova (kstreitova) over 9 years ago (revision 3)

- bnc#902068: added mod_nss-add_support_for_enabling_TLS_v1.2.patch
  that adding small fixes for support of TLS v1.2 

- bnc#897712: added mod_nss-compare_subject_CN_and_VS_hostname.patch
  that compare CN and VS hostname (use NSS library). Removed
  following patches:
  * mod_nss-SNI-checks.patch
  * mod_nss-SNI-callback.patch 

- mod_nss-cipherlist_update_for_tls12-doc.diff,
  mod_nss-cipherlist_update_for_tls12.diff,
  mod_nss.conf.in: Added more TLS 1.2 ciphers, the CBC with SHA256.

Kristyna Streitova (kstreitova) committed over 9 years ago (revision 2)

Roman Drahtmueller (draht) committed almost 10 years ago (revision 1)

- mod_nss-bnc863518-reopen_dev_tty.diff: close(0) and 
  open("/dev/tty", ...) to make sure that stdin can be read from.
  startproc may inherit wrongly opened file descriptors to httpd.
  (Note: An analogous fix exists in startproc(8), too.)
  [bnc#863518]
- VirtualHost part in /etc/apache2/conf.d/mod_nss.conf is now
  externalized to /etc/apache2/conf.d/vhost-nss.template and not
  activated/read by default. [bnc#878681]
- NSSCipherSuite update following additional ciphers of Feb 18
  change. [bnc#878681]

- mod_nss-SNI-callback.patch, mod_nss-SNI-checks.patch:
  server side SNI was not implemented when mod_nss was made;
  patches implement SNI with checks if SNI provided hostname
  equals Host: field in http request header.

- mod_nss-cipherlist_update_for_tls12-doc.diff
  mod_nss-cipherlist_update_for_tls12.diff
  GCM mode and Camellia ciphers added to the supported ciphers list.
  The additional ciphers are: 
  rsa_aes_128_gcm_sha == TLS_RSA_WITH_AES_128_GCM_SHA256
  rsa_camellia_128_sha == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
  rsa_camellia_256_sha == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
  ecdh_ecdsa_aes_128_gcm_sha == TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
  ecdhe_ecdsa_aes_128_gcm_sha == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  ecdh_rsa_aes_128_gcm_sha == TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
  ecdhe_rsa_aes_128_gcm_sha == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  [bnc#863035]

- mod_nss-CVE-2013-4566-NSSVerifyClient.diff fixes CVE-2013-4566:

Browse Source

Places

Revisions of apache2-mod_nss

Places