From c9cf025fadfe043f0f2f679e10d1207d8a158bb6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 17:01:31 +0200
Subject: Adding debian version 2.4.57-2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/perl-framework/t/conf/http2.conf.in | 105 +++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)
 create mode 100644 debian/perl-framework/t/conf/http2.conf.in

(limited to 'debian/perl-framework/t/conf/http2.conf.in')

diff --git a/debian/perl-framework/t/conf/http2.conf.in b/debian/perl-framework/t/conf/http2.conf.in
new file mode 100644
index 0000000..2e6ca67
--- /dev/null
+++ b/debian/perl-framework/t/conf/http2.conf.in
@@ -0,0 +1,105 @@
+##
+## mod_http2 test config
+##
+
+<IfDefine APACHE2>
+    <IfModule http2_module>
+
+        LogLevel http2:debug
+        
+        <VirtualHost h2c>
+            Protocols h2c http/1.1
+
+            <IfModule @CGI_MODULE@>
+                <Directory @SERVERROOT@/htdocs/modules/h2>
+                    Options +ExecCGI
+                    AddHandler cgi-script .pl
+
+                </Directory>
+            </IfModule>
+            
+            <Location /modules/h2/hello.pl>
+            </Location>
+            <IfModule mod_rewrite.c>
+                RewriteEngine on
+                RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC]
+            </IfModule>
+            
+        </VirtualHost>
+
+        <IfModule @ssl_module@>
+        
+        <VirtualHost @SERVERNAME@:h2>
+                Protocols h2 http/1.1
+                H2Direct on
+
+                SSLEngine on
+                SSLCACertificateFile @SSLCA@/asf/certs/ca.crt
+                SSLCACertificatePath @ServerRoot@/conf/ssl
+                SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+                SSLCARevocationCheck chain
+
+                # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
+                #
+                SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
+                SSLProtocol All -SSLv2 -SSLv3
+                SSLOptions +StdEnvVars
+                
+                <IfVersion >= 2.4.18>
+                    # need this off as long as we ran on old openssl 
+                    H2ModernTLSOnly off
+                </IfVersion>
+                
+                <IfModule @CGI_MODULE@>
+                    <Directory @SERVERROOT@/htdocs/modules/h2>
+                        Options +ExecCGI
+                        AddHandler cgi-script .pl
+                    </Directory>
+                </IfModule>
+                
+                <Location /modules/h2/hello.pl>
+                </Location>
+                <IfModule mod_rewrite.c>
+                    RewriteEngine on
+                    RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC]
+                </IfModule>
+
+            </VirtualHost>
+
+            <VirtualHost noh2.example.org:h2>
+                Protocols http/1.1
+                H2Direct off
+            </VirtualHost>
+            
+            <VirtualHost test.example.org:h2>
+                Protocols h2 http/1.1
+                H2Direct on
+
+                SSLEngine on
+                SSLCACertificateFile @SSLCA@/asf/certs/ca.crt
+                SSLCACertificatePath @ServerRoot@/conf/ssl
+                SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+                SSLCARevocationCheck chain
+
+                # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
+                #
+                SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
+                SSLProtocol All -SSLv2 -SSLv3
+                SSLOptions +StdEnvVars
+                
+            </VirtualHost>
+            
+            <VirtualHost test2.example.org:h2>
+                Protocols http/1.1 h2
+                H2Direct on
+            </VirtualHost>
+            
+            <VirtualHost test-ser.example.org:h2>
+            </VirtualHost>
+            
+        </ifModule>
+
+    </IfModule>
+
+</IfDefine>
+
-- 
cgit v1.2.3