From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id +AGYDpPDDGAyEgAA0tVLHw (envelope-from ) for ; Sun, 24 Jan 2021 00:47:15 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id uGhwCpPDDGDHNgAAB5/wlQ (envelope-from ) for ; Sun, 24 Jan 2021 00:47:15 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 696AB9403D2 for ; Sun, 24 Jan 2021 00:47:14 +0000 (UTC) Received: from localhost ([::1]:35056 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l3TYf-0002wv-DM for larch@yhetil.org; Sat, 23 Jan 2021 19:47:13 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:42220) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l3TYU-0002wM-F8 for guix-patches@gnu.org; Sat, 23 Jan 2021 19:47:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:52331) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1l3TYU-0003Rv-6z for guix-patches@gnu.org; Sat, 23 Jan 2021 19:47:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1l3TYU-0002LO-4h for guix-patches@gnu.org; Sat, 23 Jan 2021 19:47:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#46049] [PATCH] services: nginx: Add ssl-protocols option. Resent-From: Tobias Geerinckx-Rice Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 24 Jan 2021 00:47:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 46049 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Jonathan Brielmaier X-Debbugs-Original-Cc: 46049@debbugs.gnu.org, guix-patches@gnu.org Received: via spool by 46049-submit@debbugs.gnu.org id=B46049.16114491618904 (code B ref 46049); Sun, 24 Jan 2021 00:47:02 +0000 Received: (at 46049) by debbugs.gnu.org; 24 Jan 2021 00:46:01 +0000 Received: from localhost ([127.0.0.1]:35639 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l3TXV-0002JT-1n for submit@debbugs.gnu.org; Sat, 23 Jan 2021 19:46:01 -0500 Received: from tobias.gr ([80.241.217.52]:52028) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l3TXS-0002JJ-OK for 46049@debbugs.gnu.org; Sat, 23 Jan 2021 19:45:59 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobias.gr; s=2018; bh=VQbefYjBTvU5MMWHDu3xSFXsjP+tUODrAXu3kHjO2mo=; h=date:in-reply-to: references:subject:cc:to:from; b=VIVr+uYh2tqlR/g/gJYUXgrr5S2lMb4JK+E+J bKwiPxUsC7iBy/nHzOnccAu8UmzbIehdTmNInG9cUSbpWUIW4iVy//ppFZi1XcXAlvrdiF tEkZVFE7C122jUHASE9ehbb0jp+W8yaagbGh9D9zS7pRGTprq18BCXGLM1TLWwr9IXXn/j p48iX99mDRDTI9/FIXgU57CSNLWQ1hjbYaIji+GVAtAUdIETD0nAHOzrsPevioLrY77uL8 NqOuPmdUeiJXt8j2oENB8liUDEBXU0G7a5ySRdW7yjUZE19xyTVlXP+lQPom9yDP7Yg4AH ttPUhz6FV4pBGGbFrUGrGxVEA== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id 043074fa (TLSv1.2:ECDHE-ECDSA-AES256-GCM-SHA384:256:NO); Sun, 24 Jan 2021 00:46:34 +0000 (UTC) BIMI-Selector: v=BIMI1; s=default; References: <20210123100049.22389-1-jonathan.brielmaier@web.de> In-reply-to: <20210123100049.22389-1-jonathan.brielmaier@web.de> Date: Sun, 24 Jan 2021 01:45:54 +0100 Message-ID: <878s8jqi0t.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 46049@debbugs.gnu.org Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: Tobias Geerinckx-Rice X-ACL-Warn: , Tobias Geerinckx-Rice via Guix-patches From: guix-patches--- via X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -4.45 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=tobias.gr header.s=2018 header.b=VIVr+uYh; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 696AB9403D2 X-Spam-Score: -4.45 X-Migadu-Scanner: scn1.migadu.com X-TUID: Es8BrPwkWja7 --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Jonathan, Jonathan Brielmaier =E5=86=99=E9=81=93=EF=BC=9A > * gnu/services/web.scm=20 > ()[ssl-protocols]: > New entry defaulting to "secure" versions of TLS. Thanks! > + (ssl-protocols nginx-server-configuration-ssl-protocols > + (default "TLSv1.2 TLSv1.3")) This should be (default "TLSv1 TLSv1.1 TLSv1.2") instead, see [0]. Otherwise LGTM! Kind regards, T G-R [0]:=20 https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_protocols --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYAzDQg0cbWVAdG9iaWFz LmdyAAoJEA2w/4hPVW15HHIA/iileMqUdOEIjDm3NEawC1uPslmtQRd6/8gz0c82 oMe5AQDnDj1w/iHRBhFvlQhsxCKuscH66xrhf2JBB9vrgoTQAA== =8BZ2 -----END PGP SIGNATURE----- --=-=-=--