31. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 3/29/2017 4:53:21 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

31.1 Files compared

# Location File Last Modified
1 CTT-DM CIF Submission.zip\code\apache_extensions ssl.conf-TEST Fri Mar 3 16:22:14 2017 UTC
2 CTT-DM CIF Submission.zip\code\apache_extensions ssl.conf-TEST Wed Mar 29 14:51:54 2017 UTC

31.2 Comparison summary

Description Between
Files 1 and 2
Text Blocks Lines
Unchanged 19 256
Changed 18 136
Inserted 0 0
Removed 0 0

31.3 Comparison options

Whitespace
Character case Differences in character case are significant
Line endings Differences in line endings (CR and LF characters) are ignored
CR/LF characters Not shown in the comparison detail

31.4 Active regular expressions

No regular expressions were active.

31.5 Comparison detail

  1   LoadModule  ssl_modul e modules/ mod_ssl.so
  2   LoadModule  proxy_mod ule module s/mod_prox y.so
  3   LoadModule  proxy_htt p_module m odules/mod _proxy_htt p.so
  4  
  5   Listen 443
  6   Listen 444
  7  
  8   SSLProxyEn gine On
  9   ProxyReque sts Off
  10   ProxyPrese rveHost On
  11   ProxyTimeo ut 600
  12  
  13   SSLPassPhr aseDialog   builtin
  14  
  15   SSLSession Cache          shmcb: /var/cache /mod_ssl/s cache(5120 00)
  16   SSLSession CacheTimeo ut  300
  17  
  18   SSLMutex d efault
  19  
  20   SSLRandomS eed startu p file:/de v/urandom   256
  21   SSLRandomS eed connec t builtin
  22   #SSLRandom Seed start up file:/d ev/random   512
  23   #SSLRandom Seed conne ct file:/d ev/random   512
  24   #SSLRandom Seed conne ct file:/d ev/urandom  512
  25  
  26   SSLCryptoD evice buil tin
  27   #SSLCrypto Device ubs ec
  28  
  29   # The virt ualhost be low 443 is  for SSOi
  30   <VirtualHo st _defaul t_:443>
  31  
  32   ErrorLog l ogs/ssl_er ror_log
  33   TransferLo g logs/ssl _access_lo g
  34   LogLevel i nfo
  35  
  36   SSLEngine  on
  37  
  38   #SSLProtoc ol all -SS Lv2
  39   #SSLCipher Suite DEFA ULT:!EXP:! SSLv2:!DES :!IDEA:!SE ED:+3DES
  40   #SSLCipher Suite DEFA ULT:!EXP:! SSLv2:!DES :!IDEA:!SE ED:+3DES
  41   # The 3 li nes below  fixes the  BEAST expl oit
  42   ########## ########## ########## ########## ###
  43   SSLProtoco l all -TLS v1.1 -TLSv 1 -SSLv2 - SSLv3
  44   #SSLCipher Suite ALL: +HIGH:!ADH :!EXP:!SSL v2:!SSLv3: !NULL:!aNU LL
  45   SSLCipherS uite DHE-D SS-AES128- GCM-SHA256 :DHE-RSA-A ES128-GCM- SHA256:ECD HE-RSA-AES 256-GCM-SH A384:ECDHE -ECDSA-AES 256-GCM-SH A384:ECDHE -ECDSA-AES 256-SHA384 :DHE-DSS-A ES256-GCM- SHA384:DHE -RSA-AES25 6-GCM-SHA3 84:ADH-AES 256-GCM-SH A384:ECDH- RSA-AES256 -GCM-SHA38 4:ECDH-ECD SA-AES256- GCM-SHA384 :ECDH-ECDS A-AES256-S HA384:AES2 56-GCM-SHA 384:ECDHE- RSA-AES128 -GCM-SHA25 6:ECDHE-EC DSA-AES128 -GCM-SHA25 6:ADH-AES1 28-GCM-SHA 256:ECDH-E CDSA-AES12 8-GCM-SHA2 56:ECDH-EC DSA-AES128 -SHA256:AD H-AES128-G CM-SHA256: ECDH-ECDSA -AES128-GC M-SHA256:E CDH-ECDSA- AES128-SHA 256:AES128 -GCM-SHA25 6
  46   SSLHonorCi pherOrder  on
  47   ########## ########## ########## ########## ###
  48   SSLCertifi cateFile / app/certs/ server.crt
  49   SSLCertifi cateKeyFil e /app/cer ts/server. key
  50  
  51   SSLVerifyC lient none
  52  
  53   <Files ~ " \.(cgi|sht ml|phtml|p hp3?)$">
  54       SSLOpt ions +StdE nvVars
  55   </Files>
  56   <Directory  "/var/www /cgi-bin">
  57       SSLOpt ions +StdE nvVars
  58   </Director y>
  59  
  60  
  61   SetEnvIf U ser-Agent  ".*MSIE.*"  \
  62            n okeepalive  ssl-uncle an-shutdow n \
  63            d owngrade-1 .0 force-r esponse-1. 0
  64  
  65   CustomLog  logs/ssl_r equest_log  \
  66              "%t %h %{S SL_PROTOCO L}x %{SSL_ CIPHER}x \ "%r\" %b"
  67   # Special  Proxy Mapp ings
  68   #
  69   #Komet (on ly to web8 4 for rail s_komet_a  84)
  70   ProxyPass  /1/rails_k omet_a/ass ets https: // DNS . DNS     : PORT /rails_kom et_a/asset s
  71   ProxyPassR everse /1/ rails_kome t_a/assets  https:// DNS . DNS     : PORT /rails_kom et_a/asset s
  72   ProxyPass  /1/rails_k omet_b/map ping https :// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  73   ProxyPassR everse /1/ rails_kome t_a/mappin g https:// DNS . DNS     : PORT /rails_kom et_a/mappi ng
  74   ProxyPass  /1/rails_k omet_a/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  75   ProxyPassR everse /1/ rails_kome t_a/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_a/komet _dashboard
  76   ProxyPass  /1/rails_k omet_a/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_a/exter nal
  77   ProxyPassR everse /1/ rails_kome t_a/extern al https:/ / DNS . DNS     : PORT /rails_kom et_a/exter nal
  78  
  79   #Komet (on ly to web8 5 for rail s_komet_b  84)
  80   ProxyPass  /2/rails_k omet_b/ass ets https: // DNS . DNS     : DNS /rails_kom et_b/asset s
  81   ProxyPassR everse /2/ rails_kome t_b/assets  https:// DNS . DNS     : DNS /rails_kom et_b/asset s
  82   ProxyPass  /2/rails_k omet_b/map ping https :// DNS . DNS     : DNS /rails_kom et_b/mappi ng
  83   ProxyPassR everse /2/ rails_kome t_b/mappin g https:// DNS . DNS     : DNS /rails_kom et_b/mappi ng
  84   ProxyPass  /2/rails_k omet_b/kom et_dashboa rd https:/ / DNS . DNS     : DNS /rails_kom et_b/komet _dashboard
  85   ProxyPassR everse /2/ rails_kome t_b/komet_ dashboard  https:// DNS . DNS     : DNS /rails_kom et_b/komet _dashboard
  86   ProxyPass  /2/rails_k omet_b/ext ernal http s:// DNS . DNS     : DNS /rails_kom et_b/exter nal
  87   ProxyPassR everse /2/ rails_kome t_b/extern al https:/ / DNS . DNS     : DNS /rails_kom et_b/exter nal
  88  
  89   #Komet (on ly to web8 4 for rail s_komet_a  85)
  90   ProxyPass  /3/rails_k omet_a/ass ets https: // DNS . DNS     : DNS /rails_kom et_a/asset s
  91   ProxyPassR everse /3/ rails_kome t_a/assets  https:// DNS . DNS     : DNS /rails_kom et_a/asset s
  92   ProxyPass  /3/rails_k omet_b/map ping https :// DNS . DNS     : DNS /rails_kom et_a/mappi ng
  93   ProxyPassR everse /3/ rails_kome t_a/mappin g https:// DNS . DNS     : DNS /rails_kom et_a/mappi ng
  94   ProxyPass  /3/rails_k omet_a/kom et_dashboa rd https:/ / DNS . DNS     : DNS /rails_kom et_a/komet _dashboard
  95   ProxyPassR everse /3/ rails_kome t_a/komet_ dashboard  https:// DNS . DNS     : DNS /rails_kom et_a/komet _dashboard
  96   ProxyPass  /3/rails_k omet_a/ext ernal http s:// DNS . DNS     : DNS /rails_kom et_a/exter nal
  97   ProxyPassR everse /3/ rails_kome t_a/extern al https:/ / DNS . DNS     : DNS /rails_kom et_a/exter nal
  98  
  99   #Komet (on ly to web8 5 for rail s_komet_b  85)
  100   ProxyPass  /4/rails_k omet_b/ass ets https: // DNS . DNS     : PORT /rails_kom et_b/asset s
  101   ProxyPassR everse /4/ rails_kome t_b/assets  https:// DNS . DNS     : PORT /rails_kom et_b/asset s
  102   ProxyPass  /4/rails_k omet_b/map ping https :// DNS . DNS     : PORT /rails_kom et_b/mappi ng
  103   ProxyPassR everse /4/ rails_kome t_b/mappin g https:// DNS . DNS     : PORT /rails_kom et_b/mappi ng
  104   ProxyPass  /4/rails_k omet_b/kom et_dashboa rd https:/ / DNS . DNS     : PORT /rails_kom et_b/komet _dashboard
  105   ProxyPassR everse /4/ rails_kome t_b/komet_ dashboard  https:// DNS . DNS     : PORT /rails_kom et_b/komet _dashboard
  106   ProxyPass  /4/rails_k omet_b/ext ernal http s:// DNS . DNS     : PORT /rails_kom et_b/exter nal
  107   ProxyPassR everse /4/ rails_kome t_b/extern al https:/ / DNS . DNS     : PORT /rails_kom et_b/exter nal
  108  
  109  
  110  
  111   #Prisme
  112   ProxyPass  /rails_pri sme/assets  https:// DNS . DNS     : PORT /rails_pri sme/assets
  113   ProxyPassR everse /ra ils_prisme /assets ht tps:// DNS . DNS     : PORT /rails_pri sme/assets
  114   ProxyPass  /rails_pri sme/welcom e https:// DNS . DNS     : PORT /rails_pri sme/welcom e
  115   ProxyPassR everse /ra ils_prisme /welcome h ttps:// DNS . DNS     : PORT /rails_pri sme/welcom e
  116   ProxyPass  /rails_pri sme/users/ sign_in ht tps:// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  117   ProxyPassR everse /ra ils_prisme /users/sig n_in https :// DNS . DNS     : PORT /rails_pri sme/users/ sign_in
  118   ProxyPass  /rails_pri sme https: // DNS . DNS     : PORT /rails_pri sme
  119   ProxyPassR everse /ra ils_prisme  https:// DNS . DNS     : PORT /rails_pri sme
  120  
  121   #Jenkins
  122   ProxyPass  /jenkins h ttps:// DNS . DNS     : PORT /jenkins
  123   ProxyPassR everse /je nkins http s:// DNS . DNS     : PORT /jenkins
  124  
  125   #ISAAC-RES T
  126   Proxypass  /isaac-res t-1 https: // DNS . DNS     : PORT /isaac-res t
  127   ProxyPassR everse /is aac-rest-1  https:// DNS . DNS     : PORT /isaac-res t
  128   Proxypass  /isaac-res t-2 https: // DNS . DNS     : PORT /isaac-res t
  129   ProxyPassR everse /is aac-rest-2  https:// DNS . DNS     : PORT /isaac-res t
  130  
  131   </VirtualH ost>
  132  
  133   #Rewrite R ules
  134   # for web4
  135   <Location  /1/isaac-r est>
  136   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_1
  137   ProxyPassR everse htt ps:// DNS . DNS     : PORT /isaac-res t
  138   </Location >
  139  
  140   # for web8 4
  141   <Location  /2/isaac-r est>
  142   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_2
  143   ProxyPassR everse  DNS . DNS     : PORT /isaac-res t
  144   </Location >
  145  
  146   # for web5
  147   <Location  /3/isaac-r est>
  148   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_1
  149   ProxyPassR everse htt ps:// DNS . DNS     : PORT /isaac-res t
  150   </Location >
  151  
  152   # for web8 5
  153   <Location  /4/isaac-r est>
  154   ProxyPass  https:// DNS . DNS     : PORT /isaac-res t_2
  155   ProxyPassR everse  DNS . DNS     : PORT /isaac-res t
  156   </Location >
  157  
  158   <Location  /nexus>
  159   ProxyPass  https:// DNS . DNS     : PORT /nexus
  160   ProxyPassR everse htt ps:// DNS . DNS     :8443/nexu s
  161   </Location >
  162  
  163   <Location  /rails_pri sme/>
  164   ProxyPass  https:// DNS . DNS     : PORT /rails_pri sme/
  165   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_pri sme/
  166   SetEnv pro xy-sendchu nks 1
  167   </Location >
  168  
  169   #Location  for web84  komet_a
  170   <Location  /1/rails_k omet_a/>
  171   ProxyPass  https:// DNS . DNS     : PORT /rails_kom et_a/
  172   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_kom et_a/
  173   </Location >
  174  
  175   #Location  for web84  komet_b
  176   <Location  /2/rails_k omet_b/>
  177   ProxyPass  https:// DNS . DNS     : PORT /rails_kom et_b/
  178   ProxyPassR everse htt ps:// DNS . DNS     :8080/rail s_komet_b/
  179   </Location >
  180  
  181   #Location  for web85  komet_a
  182   <Location  /3/rails_k omet_a/>
  183   ProxyPass  https:// DNS . DNS     : PORT /rails_kom et_a/
  184   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_kom et_a/
  185   </Location >
  186  
  187   #Location  for web85  komet_b
  188   <Location  /4/rails_k omet_b/>
  189   ProxyPass  https:// DNS . DNS     : PORT /rails_kom et_b/
  190   ProxyPassR everse htt ps:// DNS . DNS     : PORT /rails_kom et_b/
  191   </Location >
  192  
  193   <Location  /git/>
  194   ProxyPass  https:// DNS . DNS     : PORT /git/
  195   ProxyPassR everse htt ps:// DNS . DNS     : PORT /git/
  196   </Location >

Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.