commit apache2-mod_nss for openSUSE:Factory
Hello community, here is the log from the commit of package apache2-mod_nss for openSUSE:Factory checked in at 2014-08-25 11:03:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache2-mod_nss (Old) and /work/SRC/openSUSE:Factory/.apache2-mod_nss.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "apache2-mod_nss" Changes: -------- --- /work/SRC/openSUSE:Factory/apache2-mod_nss/apache2-mod_nss.changes 2014-07-27 18:47:32.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.apache2-mod_nss.new/apache2-mod_nss.changes 2014-08-25 11:05:02.000000000 +0200 @@ -1,0 +2,7 @@ +Thu Aug 21 07:50:57 UTC 2014 - meissner@suse.com + +- mod_nss-cipherlist_update_for_tls12-doc.diff, + mod_nss-cipherlist_update_for_tls12.diff, + mod_nss.conf.in: Added more TLS 1.2 ciphers, the CBC with SHA256. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mod_nss-cipherlist_update_for_tls12-doc.diff ++++++ --- /var/tmp/diff_new_pack.B2WRIL/_old 2014-08-25 11:05:04.000000000 +0200 +++ /var/tmp/diff_new_pack.B2WRIL/_new 2014-08-25 11:05:04.000000000 +0200 @@ -1,7 +1,7 @@ diff -rNU 50 ../mod_nss-1.0.8-o/docs/mod_nss.html ./docs/mod_nss.html --- ../mod_nss-1.0.8-o/docs/mod_nss.html 2014-02-18 16:30:19.000000000 +0100 +++ ./docs/mod_nss.html 2014-02-18 16:48:18.000000000 +0100 -@@ -632,100 +632,121 @@ +@@ -632,100 +632,135 @@ </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> @@ -53,11 +53,18 @@ <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> + <tr> ++ <td style="vertical-align: top;">rsa_aes_128_sha256<br> ++ </td> ++ <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_CBC_SHA256<br> ++ </td> ++ <td style="vertical-align: top;">TLSv1.2</td> ++ </tr> ++ <tr> + <td style="vertical-align: top;">rsa_aes_128_gcm_sha<br> + </td> + <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_GCM_SHA256<br> + </td> -+ <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td> ++ <td style="vertical-align: top;">TLSv1.2</td> + </tr> + <tr> + <td style="vertical-align: top;">rsa_camellia_128_sha<br> @@ -73,6 +80,13 @@ + </td> + <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> ++ <tr> ++ <td style="vertical-align: top;">rsa_aes_256_sha256<br> ++ </td> ++ <td style="vertical-align: top;">TLS_RSA_WITH_AES_256_CBC_SHA256<br> ++ </td> ++ <td style="vertical-align: top;">TLSv1.2</td> ++ </tr> </tbody> </table> <br> @@ -123,7 +137,7 @@ <td>ecdhe_ecdsa_rc4_128_sha</td> <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> -@@ -773,100 +794,120 @@ +@@ -773,100 +794,130 @@ <tr> <td>echde_rsa_null</td> <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> @@ -175,6 +189,16 @@ <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> + <tr> ++ <td>ecdh_ecdsa_aes_128_sha256</td> ++ <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</td> ++ <td>TLSv1.2</td> ++ </tr> ++ <tr> ++ <td>ecdh_rsa_aes_128_sha256</td> ++ <td>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</td> ++ <td>TLSv1.2</td> ++ </tr> ++ <tr> + <td>ecdh_ecdsa_aes_128_gcm_sha</td> + <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> + <td>TLSv1.0/TLSv1.1/TLSv1.2</td> ++++++ mod_nss-cipherlist_update_for_tls12.diff ++++++ --- /var/tmp/diff_new_pack.B2WRIL/_old 2014-08-25 11:05:04.000000000 +0200 +++ /var/tmp/diff_new_pack.B2WRIL/_new 2014-08-25 11:05:04.000000000 +0200 @@ -53,10 +53,10 @@ /* the table itself is defined in nss_engine_init.c */ #ifdef NSS_ENABLE_ECC -#define ciphernum 48 -+#define ciphernum 55 ++#define ciphernum 59 #else -#define ciphernum 23 -+#define ciphernum 26 ++#define ciphernum 28 #endif /* @@ -110,7 +110,7 @@ diff -rNU 50 ../mod_nss-1.0.8-o/nss_engine_init.c ./nss_engine_init.c --- ../mod_nss-1.0.8-o/nss_engine_init.c 2014-02-18 16:30:19.000000000 +0100 +++ ./nss_engine_init.c 2014-02-18 16:30:51.000000000 +0100 -@@ -15,122 +15,130 @@ +@@ -15,122 +15,134 @@ #include "mod_nss.h" #include "apr_thread_proc.h" @@ -161,9 +161,11 @@ {"rsa_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, 0, SSL3 | TLS}, /* AES ciphers.*/ {"rsa_aes_128_sha", TLS_RSA_WITH_AES_128_CBC_SHA, 0, SSL3 | TLS}, ++ {"rsa_aes_128_sha256", TLS_RSA_WITH_AES_128_CBC_SHA256, 0, TLS}, + {"rsa_aes_128_gcm_sha", TLS_RSA_WITH_AES_128_GCM_SHA256, 0, TLS}, + {"rsa_camellia_128_sha", TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 0, TLS}, {"rsa_aes_256_sha", TLS_RSA_WITH_AES_256_CBC_SHA, 0, SSL3 | TLS}, ++ {"rsa_aes_256_sha256", TLS_RSA_WITH_AES_256_CBC_SHA256, 0, TLS}, + {"rsa_camellia_256_sha", TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 0, TLS}, + #ifdef NSS_ENABLE_ECC @@ -178,6 +180,7 @@ {"ecdhe_ecdsa_rc4_128_sha", TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 0, TLS}, {"ecdhe_ecdsa_3des_sha", TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 0, TLS}, {"ecdhe_ecdsa_aes_128_sha", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 0, TLS}, ++ {"ecdhe_ecdsa_aes_128_sha256", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0, TLS}, + {"ecdhe_ecdsa_aes_128_gcm_sha", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0, TLS}, {"ecdhe_ecdsa_aes_256_sha", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 0, TLS}, {"ecdh_rsa_null_sha", TLS_ECDH_RSA_WITH_NULL_SHA, 0, TLS}, @@ -190,6 +193,7 @@ {"ecdhe_rsa_rc4_128_sha", TLS_ECDHE_RSA_WITH_RC4_128_SHA, 0, TLS}, {"ecdhe_rsa_3des_sha", TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 0, TLS}, {"ecdhe_rsa_aes_128_sha", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 0, TLS}, ++ {"ecdhe_rsa_aes_128_sha256", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0, TLS}, + {"ecdhe_rsa_aes_128_gcm_sha", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0, TLS}, {"ecdhe_rsa_aes_256_sha", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 0, TLS}, {"ecdh_anon_null_sha", TLS_ECDH_anon_WITH_NULL_SHA, 0, TLS}, ++++++ mod_nss.conf.in ++++++ --- /var/tmp/diff_new_pack.B2WRIL/_old 2014-08-25 11:05:04.000000000 +0200 +++ /var/tmp/diff_new_pack.B2WRIL/_new 2014-08-25 11:05:04.000000000 +0200 @@ -216,7 +216,7 @@ # * no rc4, no 3des, no des # * ephemeral is what you want (PFS). # * EC has precedence over RSA -NSSCipherSuite +ecdhe_ecdsa_aes_128_gcm_sha,+ecdh_ecdsa_aes_128_gcm_sha,+ecdhe_rsa_aes_256_sha,+ecdh_rsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha,+ecdh_rsa_aes_128_gcm_sha,+ecdhe_rsa_aes_128_sha,+ecdh_rsa_aes_128_sha,+rsa_aes_128_gcm_sha,+rsa_aes_256_sha,+rsa_aes_128_sha +NSSCipherSuite +ecdhe_ecdsa_aes_128_gcm_sha,+ecdh_ecdsa_aes_128_gcm_sha,+ecdhe_rsa_aes_256_sha,+ecdh_rsa_aes_256_sha,+ecdhe_rsa_aes_128_gcm_sha,+ecdh_rsa_aes_128_gcm_sha,+ecdhe_rsa_aes_128_sha,+ecdh_rsa_aes_128_sha,+rsa_aes_128_gcm_sha,+rsa_aes_256_sha,+rsa_aes_128_sha,+rsa_aes_128_sha256,+ecdhe_rsa_aes_256_sha256,+rsa_aes_256_sha256,+ecdhe_rsa_aes_256_sha256 # SSL Protocol: # Cryptographic protocols that provide communication security. -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de