27. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 3/29/2017 4:53:21 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

27.1 Files compared

# Location File Last Modified
1 CTT-DM CIF Submission.zip\code\apache_extensions ssl.conf-DEV Fri Mar 3 16:22:14 2017 UTC
2 CTT-DM CIF Submission.zip\code\apache_extensions ssl.conf-DEV Wed Mar 29 13:00:55 2017 UTC

27.2 Comparison summary

Description Between
Files 1 and 2
Text Blocks Lines
Unchanged 32 388
Changed 31 206
Inserted 0 0
Removed 0 0

27.3 Comparison options

Whitespace
Character case Differences in character case are significant
Line endings Differences in line endings (CR and LF characters) are ignored
CR/LF characters Not shown in the comparison detail

27.4 Active regular expressions

No regular expressions were active.

27.5 Comparison detail

  1   LoadModule  ssl_modul e modules/ mod_ssl.so
  2   LoadModule  proxy_mod ule module s/mod_prox y.so
  3   LoadModule  proxy_htt p_module m odules/mod _proxy_htt p.so
  4  
  5   Listen 443
  6   Listen 444
  7  
  8   SSLProxyEn gine On
  9   ProxyReque sts Off
  10   ProxyPrese rveHost On
  11   ProxyTimeo ut 600
  12  
  13  
  14   SSLPassPhr aseDialog   builtin
  15  
  16  
  17   SSLSession Cache          shmcb: /var/cache /mod_ssl/s cache(5120 00)
  18   SSLSession CacheTimeo ut  300
  19  
  20  
  21   SSLMutex d efault
  22  
  23   SSLRandomS eed startu p file:/de v/urandom   256
  24   SSLRandomS eed connec t builtin
  25   #SSLRandom Seed start up file:/d ev/random   512
  26   #SSLRandom Seed conne ct file:/d ev/random   512
  27   #SSLRandom Seed conne ct file:/d ev/urandom  512
  28  
  29   SSLCryptoD evice buil tin
  30   #SSLCrypto Device ubs ec
  31  
  32   # The virt ualhost be low 444 is  for SSOe
  33   <VirtualHo st _defaul t_:444>
  34   #ServerNam e DNS.DNS    
  35   Redirect p ermanent /  https:// DNS . DNS     /
  36  
  37   ErrorLog l ogs/SSOe-s sl_error_l og
  38   TransferLo g logs/SSO e-ssl_acce ss_log
  39   CustomLog  logs/SSOe- ssl_reques t_log \
  40              "%t %h %{S SL_PROTOCO L}x %{SSL_ CIPHER}x \ "%r\" %b"
  41   LogLevel i nfo
  42   SSLEngine  on
  43   #SSLProtoc ol all -SS Lv2
  44   #SSLCipher Suite DEFA ULT:!EXP:! SSLv2:!DES :!IDEA:!SE ED:+3DES
  45   #
  46   # The 3 li nes below  fixes the  BEAST expl oit
  47   ########## ########## ########## ########## ###
  48   SSLCipherS uite EECDH +AESGCM
  49   SSLProtoco l All -SSL v2 -SSLv3
  50   SSLHonorCi pherOrder  On
  51   ########## ########## ########## ########## ###
  52   SSLCertifi cateFile / app/certs/ server.crt
  53   SSLCertifi cateKeyFil e /app/cer ts/server. key
  54   SSLVerifyC lient none
  55  
  56   <Files ~ " \.(cgi|sht ml|phtml|p hp3?)$">
  57       SSLOpt ions +StdE nvVars
  58   </Files>
  59  
  60   <Directory  "/var/www /cgi-bin">
  61       SSLOpt ions +StdE nvVars
  62   </Director y>
  63  
  64   SetEnvIf U ser-Agent  ".*MSIE.*"  \
  65            n okeepalive  ssl-uncle an-shutdow n \
  66            d owngrade-1 .0 force-r esponse-1. 0
  67  
  68   # Special  Proxy Mapp ings
  69   #
  70   #Komet
  71   ProxyPass  /1/rails_k omet_a/ass ets https: // DNS . DNS     : PORT /rails_kom et_a/asset s
  72   ProxyPassR everse /1/ rails_kome t_a/assets  https:// DNS . DNS     : PORT /rails_kom et_a/asset s
  73   ProxyPass  /1/rails_k omet_a/map ping https :// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  74   ProxyPassR everse /1/ rails_kome t_a/mappin g https:// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  75   ProxyPass  /1/rails_k omet_a/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  76   ProxyPassR everse /1/ rails_kome t_a/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  77   ProxyPass  /1/rails_k omet_a/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_a/exter nal
  78   ProxyPassR everse /1/ rails_kome t_a/extern al https:/ / DNS . DNS     : PORT /rails_kom et_a/exter nal
  79   #RewriteEn gine On
  80   #RewriteRu le /1/rail s_komet_a/ external/( .*) https: // DNS . DNS     : PORT /rails_kom et_a/exter nal/$1 [P]
  81  
  82  
  83   #Prisme
  84   ProxyPass  /rails_pri sme/assets  https:/ DNS . DNS     :8080/rail s_prisme/a ssets
  85   ProxyPassR everse /ra ils_prisme /assets ht tps:// DNS . DNS     : PORT /rails_pri sme/assets
  86   ProxyPass  /rails_pri sme/welcom e https:// DNS . DNS     : PORT /rails_pri sme/welcom e
  87   ProxyPassR everse /ra ils_prisme /welcome h ttps:// DNS . DNS     : PORT /rails_pri sme/welcom e
  88   ProxyPass  /rails_pri sme/users/ sign_in ht tps:// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  89   ProxyPassR everse /ra ils_prisme /users/sig n_in https :// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  90   ProxyPass  /rails_pri sme https: //vaausctt dbs80.aac. DNS     :8080/rail s_prisme
  91   ProxyPassR everse /ra ils_prisme  https:// DNS . DNS     : PORT /rails_pri sme
  92  
  93   #Jenkins
  94   ProxyPass  /jenkins h ttps:// PORT . DNS     : PORT /jenkins
  95   ProxyPassR everse /je nkins http s:// PORT . DNS     : PORT /jenkins
  96  
  97   <Location  /manager>
  98   ProxyPass  https:// DNS . DNS     : PORT /manager/
  99   ProxyPassR everse htt ps:// DNS . DNS     : PORT /manager/
  100   AuthType b asic
  101   AuthBasicA uthoritati ve Off
  102   SetEnv pro xy-chain-a uth On
  103   </Location >
  104  
  105   ProxyPass  /isaac-res t https:// DNS . DNS     : PORT /isaac-res t
  106   ProxyPassR everse /is aac-rest h ttps:// DNS . DNS     : PORT /isaac-res t
  107   </VirtualH ost>
  108  
  109   <VirtualHo st _defaul t_:443>
  110  
  111   #Redirect  / https:// DNS . DNS    
  112  
  113   ErrorLog l ogs/ssl_er ror_log
  114   TransferLo g logs/ssl _access_lo g
  115   LogLevel i nfo
  116  
  117   SSLEngine  on
  118  
  119   #SSLProtoc ol all -SS Lv2
  120   #SSLCipher Suite DEFA ULT:!EXP:! SSLv2:!DES :!IDEA:!SE ED:+3DES
  121   # The 3 li nes below  fixes the  BEAST expl oit
  122   ########## ########## ########## ########## ###
  123   SSLProtoco l all -TLS v1.1 -TLSv 1 -SSLv2 - SSLv3
  124   #SSLCipher Suite ALL: +HIGH:!ADH :!EXP:!SSL v2:!SSLv3: !NULL:!aNU LL
  125   SSLCipherS uite DHE-D SS-AES128- GCM-SHA256 :DHE-RSA-A ES128-GCM- SHA256:ECD HE-RSA-AES 256-GCM-SH A384:ECDHE -ECDSA-AES 256-GCM-SH A384:ECDHE -ECDSA-AES 256-SHA384 :DHE-DSS-A ES256-GCM- SHA384:DHE -RSA-AES25 6-GCM-SHA3 84:ADH-AES 256-GCM-SH A384:ECDH- RSA-AES256 -GCM-SHA38 4:ECDH-ECD SA-AES256- GCM-SHA384 :ECDH-ECDS A-AES256-S HA384:AES2 56-GCM-SHA 384:ECDHE- RSA-AES128 -GCM-SHA25 6:ECDHE-EC DSA-AES128 -GCM-SHA25 6:ADH-AES1 28-GCM-SHA 256:ECDH-E CDSA-AES12 8-GCM-SHA2 56:ECDH-EC DSA-AES128 -SHA256:AD H-AES128-G CM-SHA256: ECDH-ECDSA -AES128-GC M-SHA256:E CDH-ECDSA- AES128-SHA 256:AES128 -GCM-SHA25 6
  126   SSLHonorCi pherOrder  on
  127   ########## ########## ########## ########## ###
  128  
  129   SSLCertifi cateFile / app/certs/ server.crt
  130   SSLCertifi cateKeyFil e /app/cer ts/server. key
  131  
  132   #SSLCertif icateChain File /etc/ pki/tls/ce rts/server -chain.crt
  133   #SSLCACert ificateFil e /etc/pki /tls/certs /ca-bundle .crt
  134  
  135   SSLVerifyC lient none
  136  
  137   <Files ~ " \.(cgi|sht ml|phtml|p hp3?)$">
  138       SSLOpt ions +StdE nvVars
  139   </Files>
  140   <Directory  "/var/www /cgi-bin">
  141       SSLOpt ions +StdE nvVars
  142   </Director y>
  143  
  144  
  145   SetEnvIf U ser-Agent  ".*MSIE.*"  \
  146            n okeepalive  ssl-uncle an-shutdow n \
  147            d owngrade-1 .0 force-r esponse-1. 0
  148  
  149   CustomLog  logs/ssl_r equest_log  \
  150              "%t %h %{S SL_PROTOCO L}x %{SSL_ CIPHER}x \ "%r\" %b"
  151   # Special  Proxy Mapp ings
  152   #
  153   #Komet a
  154   ProxyPass  /1/rails_k omet_a/ass ets https: // DNS . DNS     : PORT /rails_kom et_a/asset s
  155   ProxyPassR everse /1/ rails_kome t_a/assets  https:// DNS . DNS     : PORT /rails_kom et_a/asset s
  156   ProxyPass  /1/rails_k omet_a/map ping https :// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  157   ProxyPassR everse /1/ rails_kome t_a/mappin g https:// DNS . DNS     : PORT rails_kome t_a/mappin g
  158   ProxyPass  /1/rails_k omet_a/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  159   ProxyPassR everse /1/ rails_kome t_a/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  160   # Added fo r logout m apping
  161   ProxyPass  /1/rails_k omet_a/ext ernal/logo ut https:/ / DNS . DNS     : PORT /rails_kom et_a/exter nal/logout
  162   ProxyPassR everse /1/ rails_kome t_a/extern al/logout  https:// DNS . DNS     : PORT /rails_kom et_a/exter nal/logout
  163  
  164   #Komet a
  165   #ProxyPass  /rails_ko met_a/asse ts https:/ / DNS . DNS     : PORT /rails_kom et_a/asset s
  166   #ProxyPass Reverse /r ails_komet _a/assets  https:// DNS . DNS     : PORT /rails_kom et_a/asset s
  167   #ProxyPass  /rails_ko met_a/mapp ing https: // DNS . DNS     : PORT /rails_kom et_a/mappi ng
  168   #ProxyPass Reverse /r ails_komet _a/mapping  https:// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  169   #ProxyPass  /rails_ko met_a/kome t_dashboar d https:// DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  170   #ProxyPass Reverse /r ails_komet _a/komet_d ashboard h ttps:/ DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  171   # Added fo r logout m apping
  172   #ProxyPass  /rails_ko met_a/exte rnal/logou t https:// DNS . DNS     : PORT /rails_kom et_a/exter nal/logout
  173   #ProxyPass Reverse /r ails_komet _a/externa l/logout h ttps:// DNS . DNS     : PORT /rails_kom et_a/exter nal/logout
  174  
  175  
  176  
  177   #
  178   #ProxyPass  /rails_ko met_a/exte rnal/expor t https:// DNS . DNS     : PORT /rails_kom et_a/exter nal/export
  179   #ProxyPass Reverse /r ails_komet _a/externa l/export h ttps:// DNS . DNS     : PORT /rails_kom et_a/exter nal/export
  180   #
  181   #RewriteEn gine On
  182   #RewriteRu le /rails_ komet_a/ex ternal/(.* ) https:// vaauscttwe b80.aac. DNS     : PORT /rails_kom et_a/exter nal/$1 [P]
  183  
  184   #Reverse D ynamic Mir ror - VHAT  Exports ( not workin g...)
  185   #RewriteEn gine on
  186   #RewriteCo nd   /rail s_komet_a/ external/e xport/$1            - U
  187   #RewriteRu le   ^http ://vaausct tweb80\.aa c\.va\.gov /(.*)$ /ra ils_komet_ a/external /export/$1
  188  
  189  
  190   #Komet b
  191   ProxyPass  /2/rails_k omet_b/ass ets https: // DNS . DNS     : PORT /rails_kom et_b/asset s
  192   ProxyPassR everse /2/ rails_kome t_b/assets  https:// DNS . DNS     : PORT /rails_kom et_b/asset s
  193   ProxyPass  /2/rails_k omet_b/map ping https :// DNS . DNS     : PORT /rails_kom et_b/mappi ng
  194   ProxyPassR everse /2/ rails_kome t_b/mappin g https:// DNS . DNS     : PORT /rails_kom et_b/mappi ng
  195   ProxyPass  /2/rails_k omet_b/kom et_dashboa rd https:/ / PORT . DNS     : PORT /rails_kom et_b/komet _dashboard
  196   ProxyPassR everse /2/ rails_kome t_b/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_b/komet _dashboard
  197   ProxyPass  /2/rails_k omet_b/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_b/exter nal
  198   ProxyPassR everse /2/ rails_kome t_b/extern al https:/ / DNS . DNS     : PORT /rails_kom et_b/exter nal
  199  
  200  
  201   #Komet 2a
  202   #ProxyPass  /rails_ko met_2a/ass ets https: // DNS . DNS     : PORT /rails_kom et_2a/asse ts
  203   #ProxyPass Reverse /r ails_komet _2a/assets  https:// DNS . DNS     : PORT /rails_kom et_2a/asse ts
  204   #ProxyPass  /rails_ko met_2a/map ping https :// DNS . DNS     : PORT /rails_kom et_2a/mapp ing
  205   #ProxyPass Reverse /r ails_komet _2a/mappin g https:// DNS . DNS     : PORT /rails_kom et_2a/mapp ing
  206   #ProxyPass  /rails_ko met_2a/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_2a/kome t_dashboar d
  207   #ProxyPass Reverse /r ails_komet _a/komet_d ashboard h ttps:// DNS . DNS     : PORT /rails_kom et_2a/kome t_dashboar d
  208   #ProxyPass  /rails_ko met_2a/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_2a/exte rnal
  209   #ProxyPass Reverse /r ails_komet _2a/extern al https:/ / DNS . DNS     : PORT /rails_kom et_2a/exte rnal
  210  
  211  
  212   #Komet 2b
  213   #ProxyPass  /rails_ko met_2b/ass ets https: // DNS . DNS     : PORT /rails_kom et_2b/asse ts
  214   #ProxyPass Reverse /r ails_komet _2b/assets  https:// DNS . DNS     : PORT /rails_kom et_2b/asse ts
  215   #ProxyPass  /rails_ko met_2b/map ping https :// DNS . DNS     : PORT /rails_kom et_2b/mapp ing
  216   #ProxyPass Reverse /r ails_komet _2b/mappin g https:// DNS . DNS     : PORT /rails_kom et_2b/mapp ing
  217   #ProxyPass  /rails_ko met_2b/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_2b/kome t_dashboar d
  218   #ProxyPass Reverse /r ails_komet _2b/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_2b/kome t_dashboar d
  219   #ProxyPass  /rails_ko met_2b/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_2b/exte rnal
  220   #ProxyPass Reverse /r ails_komet _2b/extern al https:/ / DNS . DNS     : PORT /rails_kom et_2b/exte rnal
  221  
  222  
  223   #Prisme
  224   ProxyPass  /rails_pri sme/assets  https:// DNS . DNS     : PORT rails_pris me/assets
  225   ProxyPassR everse /ra ils_prisme /assets ht tps:// DNS . DNS     : PORT /rails_pri sme/assets
  226   ProxyPass  /rails_pri sme/welcom e https:// DNS . DNS     : PORT /rails_pri sme/welcom e
  227   ProxyPassR everse /ra ils_prisme /welcome h ttps:// DNS . DNS     : PORT /rails_pri sme/welcom e
  228   ProxyPass  /rails_pri sme/users/ sign_in ht tps:// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  229   ProxyPassR everse /ra ils_prisme /users/sig n_in https :// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  230   ProxyPass  /rails_pri sme https: // DNS . DNS     : PORT /rails_pri sme
  231   ProxyPassR everse /ra ils_prisme  https:// DNS . DNS     : PORT /rails_pri sme
  232  
  233   #Jenkins
  234   ProxyPass  /jenkins h ttps:// DNS . DNS     : PORT /jenkins
  235   ProxyPassR everse /je nkins http s:// DNS . DNS     : PORT /jenkins
  236  
  237   <Location  /manager>
  238   ProxyPass  https:// DNS . DNS     : PORT /manager/
  239   ProxyPassR everse htt ps:// DNS . DNS     : PORT /manager/
  240   AuthType b asic
  241   AuthBasicA uthoritati ve Off
  242   SetEnv pro xy-chain-a uth On
  243   </Location >
  244  
  245   ProxyPass  /isaac-res t https:// DNS . DNS     : PORT /isaac-res t
  246   ProxyPassR everse /is aac-rest h ttps:// DNS . DNS     : PORT /isaac-res t
  247   #ProxyPass  /isaac-re st/rest/1/ export htt ps:// DNS . DNS     : PORT /isaac-res t/isaac-re st/rest/1/ export/vet sXML
  248   #ProxyPass Reverse /i saac-rest/ rest/1/exp ort https: // DNS . DNS     :8080/isaa c-rest/isa ac-rest/re st/1/expor t/vetsXML
  249  
  250   </VirtualH ost>
  251  
  252   #Rewrite R ules
  253   #
  254   #RewriteEn gine On
  255   #RewriteRu le /rails_ komet_a/ex ternal/(.* ) https:// DNS . DNS     : PORT /rails_kom et_a/exter nal/$1 [P]
  256  
  257   <Location  /isaac-res t>
  258   ProxyPass  https:// DNS . DNS     : PORT isaac-rest
  259   ProxyPassR everse htt ps:// DNS . DNS     : PORT /isaac-res t
  260   </Location >
  261  
  262   <Location  /1/isaac-r est>
  263   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_1
  264   ProxyPassR everse htt ps:// DNS . DNS     : PORT /isaac-res t
  265   </Location >
  266  
  267   <Location  /2/isaac-r est>
  268   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_2
  269   ProxyPassR everse htt ps:// DNS . DNS     : PORT /isaac-res t
  270   </Location >
  271  
  272   <Location  /nexus>
  273   ProxyPass  https:// DNS . DNS     : PORT /nexus
  274   ProxyPassR everse htt ps:// DNS . DNS     : PORT /nexus
  275   </Location >
  276  
  277   <Location  /rails_pri sme/>
  278   ProxyPass  https:// DNS . DNS     : PORT /rails_pri sme/
  279   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_pri sme/
  280   SetEnv pro xy-sendchu nks 1
  281   </Location >
  282  
  283   #ProxyPass Match ^/1/ rails_kome t_a/(.+)$    https:// DNS . DNS     : PORT /rails_kom et_a/$1
  284   <Location  /1/rails_k omet_a/>
  285   ProxyPass    https:// DNS . DNS     : PORT /rails_kom et_a/
  286   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_kom et_a/
  287   </Location >
  288  
  289   <Location  /2/rails_k omet_b/>
  290   ProxyPass  https:// DNS . DNS     : PORT /rails_kom et_b/
  291   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_kom et_b/
  292   </Location >
  293  
  294   <Location  /git/>
  295   ProxyPass  https:// DNS c. DNS     : PORT /git/
  296   ProxyPassR everse htt ps:// DNS . DNS     : PORT /git/
  297   </Location >

Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.