Merge lp:~jose/charms/trusty/owncloud/fix-poodle into lp:charms/trusty/owncloud

Proposed by José Antonio Rey on 2015-01-12
Status: Merged
Merged at revision: 32
Proposed branch: lp:~jose/charms/trusty/owncloud/fix-poodle
Merge into: lp:charms/trusty/owncloud
Diff against target: 15 lines (+4/-1)
1 file modified
hooks/config-changed (+4/-1)
To merge this branch: bzr merge lp:~jose/charms/trusty/owncloud/fix-poodle
Reviewer Review Type Date Requested Status
Charles Butler (community) 2015-01-12 Approve on 2015-02-24
Review Queue (community) automated testing Needs Fixing on 2015-01-16
Review via email: mp+246205@code.launchpad.net

Description of the Change

Fixed POODLE vulnerability.

To post a comment you must log in.
Charles Butler (lazypower) wrote :

+1 LGTM - I left a note behind on the precise merge regarding checking the SSL configuration for your edification.

Thanks for the patch Jose!

review: Approve
Charles Butler (lazypower) wrote :

Ah wait, i didn't notice this is in install - what about existing deployments?

Can you move this to either upgrade-charm, or config-changed so we make sure we've fixed anythin gout there in the wild? Thanks!

review: Needs Fixing
Review Queue (review-queue) wrote :

This items has failed automated testing! Results available here http://reports.vapour.ws/charm-tests/charm-bundle-test-10949-results

review: Needs Fixing (automated testing)
32. By José Antonio Rey on 2015-02-03

Moved from install to config-changed

José Antonio Rey (jose) wrote :

And moved to config-changed!

Charles Butler (lazypower) wrote :

+1 LGTM - deployed and checked, and poodle was not one of the listed vulnerabilities. Ty for moving this to config-changed.

Keep up the good work Jose!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/config-changed'
2--- hooks/config-changed 2014-11-04 04:21:14 +0000
3+++ hooks/config-changed 2015-02-03 07:09:12 +0000
4@@ -170,7 +170,10 @@
5 service apache2 start || :
6 service apache2 reload
7
8-
9+if [ ! -f .fixpoodle ]; then
10+ sed -i "s/SSLProtocol all/SSLProtocol all -SSLv3/g" /etc/apache2/mods-enabled/ssl.conf
11+ touch .fixpoodle
12+fi
13
14 if [ ! -f .443 ]; then
15 open-port 443

Subscribers

People subscribed via source and target branches

to all changes: