Skip to content

Commit

Permalink
Merge pull request #1650 from wdpypere/httpd
Browse files Browse the repository at this point in the history 
ncm-metaconfig: httpd - add missing cipher and sslopensslconfcmd
  • Loading branch information
@jrha
jrha committed Feb 13, 2024
2 parents 767c1b3 + 56f8b74 commit 4eb9610
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions ncm-metaconfig/src/main/metaconfig/httpd/pan/schema.pan
View file
Expand Up @@ -7,10 +7,11 @@ include 'components/accounts/functions';
type httpd_sslprotocol = choice("all", "-SSLv3", "-TLSv1", "TLSv1", "-TLSv1.1", "TLSv1.1", "TLSv1.2", "TLSv1.3");

type httpd_ciphersuite = choice("TLSv1", "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305",
"ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384",
"ECDHE-RSA-AES256-GCM-SHA384", "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384",
"ECDHE-ECDSA-AES128-SHA256", "ECDHE-RSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA", "ECDHE-RSA-AES256-SHA384",
"ECDHE-RSA-AES128-SHA", "ECDHE-ECDSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA", "ECDHE-RSA-AES256-SHA",
"DHE-RSA-CHACHA20-POLY1305", "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384", "DHE-RSA-AES128-GCM-SHA256",
"DHE-RSA-AES256-GCM-SHA384", "ECDHE-ECDSA-AES128-SHA256", "ECDHE-RSA-AES128-SHA256",
"ECDHE-ECDSA-AES128-SHA", "ECDHE-RSA-AES256-SHA384", "ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA", "ECDHE-RSA-AES256-SHA",
"DHE-RSA-AES128-SHA256", "DHE-RSA-AES128-SHA", "DHE-RSA-AES256-SHA256", "DHE-RSA-AES256-SHA",
"ECDHE-ECDSA-DES-CBC3-SHA", "ECDHE-RSA-DES-CBC3-SHA", "EDH-RSA-DES-CBC3-SHA", "AES128-GCM-SHA256",
"AES256-GCM-SHA384", "AES128-SHA256", "AES256-SHA256", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA", "!RC4",
Expand Down Expand Up @@ -233,6 +234,7 @@ type httpd_ssl_global = {
"staplingrespondertimeout" ? long
"staplingreturnrespondererrors" ? string with match(SELF, '^(on|off)$')
"staplingcache" ? string with match(SELF, '^shmcb:/var/run/ocsp\([0-9]+\)$')
"opensslconfcmd" ? string
};

type httpd_ssl_nss_vhost = {
Expand Down

0 comments on commit 4eb9610

Please sign in to comment.