diff options
Diffstat (limited to 'zabbix-crypto-policy.patch')
| -rw-r--r-- | zabbix-crypto-policy.patch | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/zabbix-crypto-policy.patch b/zabbix-crypto-policy.patch index 8a157ce..4f9f49a 100644 --- a/zabbix-crypto-policy.patch +++ b/zabbix-crypto-policy.patch @@ -1,7 +1,21 @@ -diff -up zabbix-5.0.2/src/libs/zbxcrypto/tls.c.crypto-policy zabbix-5.0.2/src/libs/zbxcrypto/tls.c ---- zabbix-5.0.2/src/libs/zbxcrypto/tls.c.crypto-policy 2020-07-06 03:54:32.000000000 -0600 -+++ zabbix-5.0.2/src/libs/zbxcrypto/tls.c 2020-07-18 21:22:13.125099598 -0600 -@@ -2932,7 +2932,7 @@ void zbx_tls_init_child(void) +diff --git a/src/go/pkg/tls/tls.go b/src/go/pkg/tls/tls.go +index b7ddff4..063eb02 100644 +--- a/src/go/pkg/tls/tls.go ++++ b/src/go/pkg/tls/tls.go +@@ -406,6 +406,8 @@ static void *tls_new_context(const char *ca_file, const char *crl_file, const ch + #endif + if (NULL != cipher) + ciphers = cipher; ++ else ++ ciphers = "PROFILE=SYSTEM"; + + if (1 != SSL_CTX_set_cipher_list(ctx, ciphers)) + goto out; +diff --git a/src/libs/zbxcomms/tls_openssl.c b/src/libs/zbxcomms/tls_openssl.c +index 40394a3..b2eb0f0 100644 +--- a/src/libs/zbxcomms/tls_openssl.c ++++ b/src/libs/zbxcomms/tls_openssl.c +@@ -1212,7 +1212,7 @@ void zbx_tls_init_child(const zbx_config_tls_t *config_tls, zbx_get_program_type goto out; } } @@ -10,7 +24,7 @@ diff -up zabbix-5.0.2/src/libs/zbxcrypto/tls.c.crypto-policy zabbix-5.0.2/src/li { zbx_snprintf_alloc(&error, &error_alloc, &error_offset, "cannot set list of certificate" " ciphersuites:"); -@@ -3014,7 +3014,7 @@ void zbx_tls_init_child(void) +@@ -1302,7 +1302,7 @@ void zbx_tls_init_child(const zbx_config_tls_t *config_tls, zbx_get_program_type goto out; } } @@ -19,7 +33,7 @@ diff -up zabbix-5.0.2/src/libs/zbxcrypto/tls.c.crypto-policy zabbix-5.0.2/src/li { zbx_snprintf_alloc(&error, &error_alloc, &error_offset, "cannot set list of PSK ciphersuites:"); goto out; -@@ -3070,7 +3070,7 @@ void zbx_tls_init_child(void) +@@ -1360,7 +1360,7 @@ void zbx_tls_init_child(const zbx_config_tls_t *config_tls, zbx_get_program_type goto out; } } |