[CalendarServer-changes] [13919] CalendarServer/trunk

source_changes at macosforge.org source_changes at macosforge.org
Tue Aug 26 13:03:59 PDT 2014 

Revision: 13919
          http://trac.calendarserver.org//changeset/13919
Author:   cdaboo at apple.com
Date:     2014-08-26 13:03:59 -0700 (Tue, 26 Aug 2014)
Log Message:
-----------
Enhance TLS security.

Modified Paths:
--------------
    CalendarServer/trunk/requirements-stable.txt
    CalendarServer/trunk/twistedcaldav/stdconfig.py

Modified: CalendarServer/trunk/requirements-stable.txt
===================================================================
--- CalendarServer/trunk/requirements-stable.txt	2014-08-26 20:02:30 UTC (rev 13918)
+++ CalendarServer/trunk/requirements-stable.txt	2014-08-26 20:03:59 UTC (rev 13919)
@@ -5,7 +5,7 @@
 # For CalendarServer development, don't try to get these projects from PyPI; use svn.
 
 -e .
--e svn+http://svn.calendarserver.org/repository/calendarserver/twext/trunk@13911#egg=twextpy
+-e svn+http://svn.calendarserver.org/repository/calendarserver/twext/trunk@13918#egg=twextpy
 -e svn+http://svn.calendarserver.org/repository/calendarserver/PyKerberos/trunk@13420#egg=kerberos
 -e svn+http://svn.calendarserver.org/repository/calendarserver/PyCalendar/trunk@13802#egg=pycalendar
 

Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py	2014-08-26 20:02:30 UTC (rev 13918)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py	2014-08-26 20:03:59 UTC (rev 13919)
@@ -155,8 +155,8 @@
     "SSLPort": 0, # SSL port (0 to disable HTTPS)
     "EnableSSL": False, # Whether to listen on SSL port(s)
     "RedirectHTTPToHTTPS": False, # If True, all nonSSL requests redirected to an SSL Port
-    "SSLMethod": "SSLv3_METHOD", # SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
-    "SSLCiphers": "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM",
+    "SSLMethod": "SSLv23_METHOD", # SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
+    "SSLCiphers": "RC4-SHA:HIGH:!ADH",
 
     # Max-age value for Strict-Transport-Security header; set to 0 to
     # disable header.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140826/50a89fca/attachment.html>

More information about the calendarserver-changes mailing list