[Fusionforge-commits] r10203 - in trunk/src/etc: httpd.conf.d httpd.conf.d-fhs httpd.conf.d-opt httpd.conf.d-usrlocal

Roland Mas lolando at libremir.placard.fr.eu.org
Thu Jul 8 10:54:39 CEST 2010


Author: lolando
Date: 2010-07-08 10:54:39 +0200 (Thu, 08 Jul 2010)
New Revision: 10203

Added:
   trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc
   trunk/src/etc/httpd.conf.d-fhs/ssl-really-on.inc
   trunk/src/etc/httpd.conf.d-opt/ssl-on.inc
   trunk/src/etc/httpd.conf.d-opt/ssl-really-on.inc
   trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc
   trunk/src/etc/httpd.conf.d-usrlocal/ssl-really-on.inc
   trunk/src/etc/httpd.conf.d/ssl-on.inc
   trunk/src/etc/httpd.conf.d/ssl-really-on.inc
Removed:
   trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc
   trunk/src/etc/httpd.conf.d-opt/ssl-on.inc
   trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc
   trunk/src/etc/httpd.conf.d/ssl-on.inc
Modified:
   trunk/src/etc/httpd.conf.d-fhs/20-vhosts-lists.conf
Log:
Turn SSL off by default, with a single file edit needed for turning it on

Deleted: trunk/src/etc/httpd.conf.d/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d/ssl-on.inc	2010-07-08 08:35:33 UTC (rev 10202)
+++ trunk/src/etc/httpd.conf.d/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -1,23 +0,0 @@
-<IfModule mod_ssl.c>
-  SSLEngine on
-  
-  SSLCertificateFile {core/config_path}/ssl-cert.pem
-  SSLCertificateKeyFile {core/config_path}/ssl-cert.key
-  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
-  
-  <Files ~ "\.(cgi|shtml)$">
-    SSLOptions +StdEnvVars
-  </Files>
-  
-  <Directory "/usr/lib/cgi-bin">
-    SSLOptions +StdEnvVars
-  </Directory>
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>
-
-<IfModule apache_ssl.c>
-  SSLEnable
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>

Added: trunk/src/etc/httpd.conf.d/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d/ssl-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,7 @@
+# SSL is off by default to not provide a false sense of security
+# If/when you have a real SSL certificate, uncomment the "really-on" line and 
+# comment out the "off" line.
+
+Include {core/config_path}/httpd.conf.d/ssl-off.inc
+# Include {core/config_path}/httpd.conf.d/ssl-really-on.inc
+

Copied: trunk/src/etc/httpd.conf.d/ssl-really-on.inc (from rev 10202, trunk/src/etc/httpd.conf.d/ssl-on.inc)
===================================================================
--- trunk/src/etc/httpd.conf.d/ssl-really-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d/ssl-really-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,23 @@
+<IfModule mod_ssl.c>
+  SSLEngine on
+  
+  SSLCertificateFile {core/config_path}/ssl-cert.pem
+  SSLCertificateKeyFile {core/config_path}/ssl-cert.key
+  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
+  
+  <Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+  </Files>
+  
+  <Directory "/usr/lib/cgi-bin">
+    SSLOptions +StdEnvVars
+  </Directory>
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
+
+<IfModule apache_ssl.c>
+  SSLEnable
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>

Modified: trunk/src/etc/httpd.conf.d-fhs/20-vhosts-lists.conf
===================================================================
--- trunk/src/etc/httpd.conf.d-fhs/20-vhosts-lists.conf	2010-07-08 08:35:33 UTC (rev 10202)
+++ trunk/src/etc/httpd.conf.d-fhs/20-vhosts-lists.conf	2010-07-08 08:54:39 UTC (rev 10203)
@@ -15,7 +15,7 @@
 <VirtualHost *:443>
   Include /etc/gforge/httpd.conf.d/vhost-list.inc
   Include /etc/gforge/httpd.conf.d/plugin-mailman.inc
-
+  
   RewriteEngine on  
   RewriteRule ^/$ https://%{HTTP_HOST}/cgi-bin/mailman/listinfo [R=301]
   

Deleted: trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc	2010-07-08 08:35:33 UTC (rev 10202)
+++ trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -1,23 +0,0 @@
-<IfModule mod_ssl.c>
-  SSLEngine on
-  
-  SSLCertificateFile /etc/gforge/ssl-cert.pem
-  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
-  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
-  
-  <Files ~ "\.(cgi|shtml)$">
-    SSLOptions +StdEnvVars
-  </Files>
-  
-  <Directory "/usr/lib/cgi-bin">
-    SSLOptions +StdEnvVars
-  </Directory>
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>
-
-<IfModule apache_ssl.c>
-  SSLEnable
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>

Added: trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,7 @@
+# SSL is off by default to not provide a false sense of security
+# If/when you have a real SSL certificate, uncomment the "really-on" line and 
+# comment out the "off" line.
+
+Include /etc/gforge/httpd.conf.d/ssl-off.inc
+# Include /etc/gforge/httpd.conf.d/ssl-really-on.inc
+

Copied: trunk/src/etc/httpd.conf.d-fhs/ssl-really-on.inc (from rev 10202, trunk/src/etc/httpd.conf.d-fhs/ssl-on.inc)
===================================================================
--- trunk/src/etc/httpd.conf.d-fhs/ssl-really-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-fhs/ssl-really-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,23 @@
+<IfModule mod_ssl.c>
+  SSLEngine on
+  
+  SSLCertificateFile /etc/gforge/ssl-cert.pem
+  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
+  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
+  
+  <Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+  </Files>
+  
+  <Directory "/usr/lib/cgi-bin">
+    SSLOptions +StdEnvVars
+  </Directory>
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
+
+<IfModule apache_ssl.c>
+  SSLEnable
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>

Deleted: trunk/src/etc/httpd.conf.d-opt/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-opt/ssl-on.inc	2010-07-08 08:35:33 UTC (rev 10202)
+++ trunk/src/etc/httpd.conf.d-opt/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -1,23 +0,0 @@
-<IfModule mod_ssl.c>
-  SSLEngine on
-  
-  SSLCertificateFile /etc/gforge/ssl-cert.pem
-  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
-  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
-  
-  <Files ~ "\.(cgi|shtml)$">
-    SSLOptions +StdEnvVars
-  </Files>
-  
-  <Directory "/usr/lib/cgi-bin">
-    SSLOptions +StdEnvVars
-  </Directory>
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>
-
-<IfModule apache_ssl.c>
-  SSLEnable
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>

Added: trunk/src/etc/httpd.conf.d-opt/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-opt/ssl-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-opt/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,7 @@
+# SSL is off by default to not provide a false sense of security
+# If/when you have a real SSL certificate, uncomment the "really-on" line and 
+# comment out the "off" line.
+
+Include /etc/gforge/httpd.conf.d/ssl-off.inc
+# Include /etc/gforge/httpd.conf.d/ssl-really-on.inc
+

Copied: trunk/src/etc/httpd.conf.d-opt/ssl-really-on.inc (from rev 10202, trunk/src/etc/httpd.conf.d-opt/ssl-on.inc)
===================================================================
--- trunk/src/etc/httpd.conf.d-opt/ssl-really-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-opt/ssl-really-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,23 @@
+<IfModule mod_ssl.c>
+  SSLEngine on
+  
+  SSLCertificateFile /etc/gforge/ssl-cert.pem
+  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
+  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
+  
+  <Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+  </Files>
+  
+  <Directory "/usr/lib/cgi-bin">
+    SSLOptions +StdEnvVars
+  </Directory>
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
+
+<IfModule apache_ssl.c>
+  SSLEnable
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>

Deleted: trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc	2010-07-08 08:35:33 UTC (rev 10202)
+++ trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -1,23 +0,0 @@
-<IfModule mod_ssl.c>
-  SSLEngine on
-  
-  SSLCertificateFile /etc/gforge/ssl-cert.pem
-  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
-  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
-  
-  <Files ~ "\.(cgi|shtml)$">
-    SSLOptions +StdEnvVars
-  </Files>
-  
-  <Directory "/usr/lib/cgi-bin">
-    SSLOptions +StdEnvVars
-  </Directory>
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>
-
-<IfModule apache_ssl.c>
-  SSLEnable
-  
-  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-</IfModule>

Added: trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc
===================================================================
--- trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,7 @@
+# SSL is off by default to not provide a false sense of security
+# If/when you have a real SSL certificate, uncomment the "really-on" line and 
+# comment out the "off" line.
+
+Include /etc/gforge/httpd.conf.d/ssl-off.inc
+# Include /etc/gforge/httpd.conf.d/ssl-really-on.inc
+

Copied: trunk/src/etc/httpd.conf.d-usrlocal/ssl-really-on.inc (from rev 10202, trunk/src/etc/httpd.conf.d-usrlocal/ssl-on.inc)
===================================================================
--- trunk/src/etc/httpd.conf.d-usrlocal/ssl-really-on.inc	                        (rev 0)
+++ trunk/src/etc/httpd.conf.d-usrlocal/ssl-really-on.inc	2010-07-08 08:54:39 UTC (rev 10203)
@@ -0,0 +1,23 @@
+<IfModule mod_ssl.c>
+  SSLEngine on
+  
+  SSLCertificateFile /etc/gforge/ssl-cert.pem
+  SSLCertificateKeyFile /etc/gforge/ssl-cert.key
+  # Add extra SSL configuration (e.g. SSLCACertificatePath) here
+  
+  <Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+  </Files>
+  
+  <Directory "/usr/lib/cgi-bin">
+    SSLOptions +StdEnvVars
+  </Directory>
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
+
+<IfModule apache_ssl.c>
+  SSLEnable
+  
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>




More information about the Fusionforge-commits mailing list