From ab245eca0981996a9abe3fac5079675c3c04224c Mon Sep 17 00:00:00 2001 From: Jean-Philippe Pialasse Date: Tue, 31 Dec 2024 03:43:52 -0500 Subject: [PATCH] * Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-9.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816] - add referrer-Policy same-origin [SME: 12817] - add OCSP Stapling support [SME: 12819] - add CSP Content-Security-Policy support [SME: 9567] - add .well-known and .well-known/security.txt [SME: 12818] --- createlinks | 16 ++++++++-------- .../{acme-challenge => }/security.txt | 0 .../{acme-challenge => }/security.txt/10contact | 0 .../security.txt/20encryption | 0 .../{acme-challenge => }/security.txt/30expires | 0 .../{acme-challenge => }/security.txt/40language | 0 .../security.txt/template-begin | 0 smeserver-apache.spec | 4 ++-- 8 files changed, 10 insertions(+), 10 deletions(-) rename root/etc/e-smith/templates.metadata/var/www/html/.well-known/{acme-challenge => }/security.txt (100%) rename root/etc/e-smith/templates/var/www/html/.well-known/{acme-challenge => }/security.txt/10contact (100%) rename root/etc/e-smith/templates/var/www/html/.well-known/{acme-challenge => }/security.txt/20encryption (100%) rename root/etc/e-smith/templates/var/www/html/.well-known/{acme-challenge => }/security.txt/30expires (100%) rename root/etc/e-smith/templates/var/www/html/.well-known/{acme-challenge => }/security.txt/40language (100%) rename root/etc/e-smith/templates/var/www/html/.well-known/{acme-challenge => }/security.txt/template-begin (100%) diff --git a/createlinks b/createlinks index c50d485..7aff77d 100755 --- a/createlinks +++ b/createlinks @@ -6,7 +6,7 @@ use esmith::Build::CreateLinks qw(:all); #-------------------------------------------------- my $event = "smeserver-apache-update"; templates2events("/etc/httpd/conf/httpd.conf", $event); -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); event_link("systemd-reload", $event, "89"); event_link("systemd-default", $event, "88"); @@ -17,7 +17,7 @@ templates2events("/etc/logrotate.d/httpd", $event); #-------------------------------------------------- my $event = "console-save"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/httpd/conf/httpd.conf", $event); safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); @@ -145,7 +145,7 @@ safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-s $event = "remoteaccess-update"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/httpd/conf/httpd.conf", $event); safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); @@ -155,7 +155,7 @@ safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-s $event = "email-update"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/httpd/conf/httpd.conf", $event); safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); @@ -165,7 +165,7 @@ safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-s $event = "logrotate"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); #-------------------------------------------------- @@ -173,7 +173,7 @@ safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-s #-------------------------------------------------- $event = "ssl-update"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/httpd/conf/httpd.conf", $event); safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); @@ -182,7 +182,7 @@ safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-s #-------------------------------------------------- $event = "post-install"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/logrotate.d/httpd", $event); #-------------------------------------------------- @@ -190,6 +190,6 @@ templates2events("/etc/logrotate.d/httpd", $event); #-------------------------------------------------- $event = "post-upgrade"; -templates2events("/var/www/html/.well-known/acme-challenge/security.txt", $event); +templates2events("/var/www/html/.well-known/security.txt", $event); templates2events("/etc/logrotate.d/httpd", $event); diff --git a/root/etc/e-smith/templates.metadata/var/www/html/.well-known/acme-challenge/security.txt b/root/etc/e-smith/templates.metadata/var/www/html/.well-known/security.txt similarity index 100% rename from root/etc/e-smith/templates.metadata/var/www/html/.well-known/acme-challenge/security.txt rename to root/etc/e-smith/templates.metadata/var/www/html/.well-known/security.txt diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/10contact b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact similarity index 100% rename from root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/10contact rename to root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/20encryption b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/20encryption similarity index 100% rename from root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/20encryption rename to root/etc/e-smith/templates/var/www/html/.well-known/security.txt/20encryption diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/30expires b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/30expires similarity index 100% rename from root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/30expires rename to root/etc/e-smith/templates/var/www/html/.well-known/security.txt/30expires diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/40language b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/40language similarity index 100% rename from root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/40language rename to root/etc/e-smith/templates/var/www/html/.well-known/security.txt/40language diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/template-begin b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/template-begin similarity index 100% rename from root/etc/e-smith/templates/var/www/html/.well-known/acme-challenge/security.txt/template-begin rename to root/etc/e-smith/templates/var/www/html/.well-known/security.txt/template-begin diff --git a/smeserver-apache.spec b/smeserver-apache.spec index 1cd5b84..9fea7b7 100644 --- a/smeserver-apache.spec +++ b/smeserver-apache.spec @@ -4,7 +4,7 @@ Summary: smeserver server and gateway - apache module %define name smeserver-apache Name: %{name} %define version 11.0.0 -%define release 8 +%define release 9 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -74,7 +74,7 @@ if [ $1 -gt 1 ] ; then fi %changelog -* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-8.sme +* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-9.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816]