maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

disable tlsv1.1 for ssl settings

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2016-10-31 11:17:56 +01:00
parent a44be363a6
commit 76c200a56c
3 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -210,7 +210,9 @@ class lighttpd extends HttpConfigBase
echo $ip . ':' . $port . ' :: certificate file "' . $domain['ssl_cert_file'] . '" does not exist! Cannot create SSL-directives' . "\n";
} else {
$this->lighttpd_data[$vhost_filename] .= 'ssl.engine = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.use-compression = "disable"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.use-sslv2 = "disable"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.use-sslv3 = "disable"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.honor-cipher-order = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename] .= 'ssl.pemfile = "' . makeCorrectFile($domain['ssl_cert_file']) . '"' . "\n";
@@ -517,7 +519,9 @@ class lighttpd extends HttpConfigBase
if ($domain['ssl_cert_file'] != '') {
$ssl_settings .= 'ssl.engine = "enable"' . "\n";
$ssl_settings .= 'ssl.use-compression = "disable"' . "\n";
$ssl_settings .= 'ssl.use-sslv2 = "disable"' . "\n";
$ssl_settings .= 'ssl.use-sslv3 = "disable"' . "\n";
$ssl_settings .= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";
$ssl_settings .= 'ssl.honor-cipher-order = "enable"' . "\n";
$ssl_settings .= 'ssl.pemfile = "' . makeCorrectFile($domain['ssl_cert_file']) . '"' . "\n";