From 3d253e28e6a7e88619cef8a31dd39285a154b1b0 Mon Sep 17 00:00:00 2001 From: Gluzskiy Alexandr Date: Sun, 1 Jul 2018 10:14:24 +0300 Subject: synchting-scm added, a bit tricky script, but looks like it working fine --- packages/net-p2p/syncthing/files/tls_params.patch | 28 +++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 packages/net-p2p/syncthing/files/tls_params.patch (limited to 'packages/net-p2p/syncthing/files/tls_params.patch') diff --git a/packages/net-p2p/syncthing/files/tls_params.patch b/packages/net-p2p/syncthing/files/tls_params.patch new file mode 100644 index 0000000..92b79ed --- /dev/null +++ b/packages/net-p2p/syncthing/files/tls_params.patch @@ -0,0 +1,28 @@ +diff --git a/cmd/syncthing/gui.go b/cmd/syncthing/gui.go +index 29fc35b9..8e080237 100644 +--- a/cmd/syncthing/gui.go ++++ b/cmd/syncthing/gui.go +@@ -187,19 +187,14 @@ func (s *apiService) getListener(guiCfg config.GUIConfiguration) (net.Listener, + } + tlsCfg := &tls.Config{ + Certificates: []tls.Certificate{cert}, +- MinVersion: tls.VersionTLS10, // No SSLv3 ++ MinVersion: tls.VersionTLS11, + CipherSuites: []uint16{ + // No RC4 ++ tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, ++ tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, ++ tls.TLS_RSA_WITH_AES_128_GCM_SHA256, + tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, +- tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, +- tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, +- tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, +- tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, +- tls.TLS_RSA_WITH_AES_128_CBC_SHA, +- tls.TLS_RSA_WITH_AES_256_CBC_SHA, +- tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, +- tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, + }, + } + -- cgit v1.2.3