Thursday, March 12, 2015

[389-commits] src/com

src/com/netscape/admin/dirserv/panel/EncryptionPanel.java | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)

New commits:
commit bd9360ef4f91722ea78ba665ea94d1cb60a6d357
Author: Noriko Hosoi <nhosoi@redhat.com>
Date: Thu Mar 12 14:18:41 2015 -0700

Ticket #48130 - Add "+all" and "-TLS_RSA_WITH_AES_128_GCM_SHA256" to Console Cipher Preference for TLS

Description: Console needs to adjust the cipher settings in nsSSL3Ciphers
(cn=encryption,cn=config) to the server side's SSL updates.

https://fedorahosted.org/389/ticket/48130

Reviewed by rmeggins@redhat.com (Thank you, Rich!!)

diff --git a/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java b/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java
index 6b2cbc3..4985cff 100644
--- a/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java
+++ b/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java
@@ -415,8 +415,8 @@ public class EncryptionPanel extends BlankPanel
Frame f = getModel().getFrame();
CipherPreferenceDialog dlg;

- Debug.println(4,
- "EncryptionPanel.showCipherPreferenceDialog: cipher = " + cipher);
+ Debug.println(4, "EncryptionPanel.showCipherPreferenceDialog: cipher = " + cipher);
+ Debug.println(4, "EncryptionPanel.showCipherPreferenceDialog: TLS_OFF = " + _configData.CIPHER_TLS_OFF);
dlg = new CipherPreferenceDialog(f, null, _configData.CIPHER_SSL3_OFF, _configData.CIPHER_TLS_OFF);
dlg.setCipherEnabled(dlg.SSL_V3, _configData.cipherPrefs);
dlg.setCipherEnabled(dlg.SSL_TLS, _configData.cipherPrefs);
@@ -774,11 +774,13 @@ class EncryptionConfigData {
"-fortezza_null";

// Cipher list to build the TLS tab in the cipher dialog
- static final String CIPHER_TLS_OFF = "-tls_rsa_export1024_with_rc4_56_sha," +
+ static final String CIPHER_TLS_OFF = "+all," +
+ "-tls_rsa_export1024_with_rc4_56_sha," +
"-tls_rsa_export1024_with_des_cbc_sha," +
"-tls_rsa_aes_128_sha," +
- "-tls_rsa_aes_256_sha";
-
+ "-tls_rsa_aes_256_sha," +
+ "-TLS_RSA_WITH_AES_128_GCM_SHA256";
+
// Reads the directory and initializes this instance
public void readFromDirectory(LDAPConnection ldc, LDAPConnection sieldc, String sieDn)
throws LDAPException {


--
389 commits mailing list
389-commits@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-commits

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)