Showing with 15 additions and 3 deletions.
  1. +8 −0 CHANGELOG.md
  2. +4 −2 manifests/init.pp
  3. +2 −0 manifests/params.pp
  4. +1 −1 metadata.json
8 changes: 8 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
# Changelog

## [17.1.0](https://github.com/theforeman/puppet-puppet/tree/17.1.0) (2023-06-19)

[Full Changelog](https://github.com/theforeman/puppet-puppet/compare/17.0.0...17.1.0)

**Implemented enhancements:**

- Add TLS1.3 ciphers to default server\_cipher\_suites [\#878](https://github.com/theforeman/puppet-puppet/pull/878) ([alexjfisher](https://github.com/alexjfisher))

## [17.0.0](https://github.com/theforeman/puppet-puppet/tree/17.0.0) (2023-05-16)

[Full Changelog](https://github.com/theforeman/puppet-puppet/compare/16.5.0...17.0.0)
Expand Down
6 changes: 4 additions & 2 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -400,8 +400,10 @@
# Defaults to "${ssl_dir}/ca/ca_crt.pem"
#
# $server_cipher_suites:: List of SSL ciphers to use in negotiation
# Defaults to [ 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA',
# 'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA', ]
# Defaults to ['TLS_AES_128_GCM_SHA256', 'TLS_AES_256_GCM_SHA384',
# 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256', 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
# 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
# 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384']
#
# $server_ruby_load_paths:: List of ruby paths
#
Expand Down
2 changes: 2 additions & 0 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -386,6 +386,8 @@
$server_admin_api_whitelist = ['localhost', $lower_fqdn]
$server_ca_client_whitelist = ['localhost', $lower_fqdn]
$server_cipher_suites = [
'TLS_AES_128_GCM_SHA256',
'TLS_AES_256_GCM_SHA384',
'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
Expand Down
2 changes: 1 addition & 1 deletion metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "theforeman-puppet",
"version": "17.0.0",
"version": "17.1.0",
"author": "theforeman",
"summary": "Puppet agent and server configuration",
"license": "GPL-3.0+",
Expand Down