ldap/servers
by Mark Reynolds
ldap/servers/slapd/ssl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 6b61e05e04661312871c0b1c6121901d786d54c3
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Jul 7 14:53:48 2016 -0400
Ticket 48743 - If a cipher is disabled do not attempt to look it up
Description: Even if a SSL cipher is disabled the server still attempts
to locate the cipher in the security library. If the disabled
cipher is unknown it logs a warning at server startup, but
if it's disabled there is no reason to check if it exists.
https://fedorahosted.org/389/ticket/48743
Reviewed by: nhosoi(Thanks!)
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index 12a0360..b176460 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -749,7 +749,7 @@ _conf_setciphers(char *ciphers, int flags)
if (lookup) { /* lookup with old cipher name and get NSS cipherSuiteName */
for (i = 0; _lookup_cipher[i].alias; i++) {
if (!PL_strcasecmp(ciphers, _lookup_cipher[i].alias)) {
- if (!_lookup_cipher[i].name[0]) {
+ if (enabled && !_lookup_cipher[i].name[0]) {
slapd_SSL_warn("Cipher suite %s is not available in NSS %d.%d. Ignoring %s",
ciphers, NSS_VMAJOR, NSS_VMINOR, ciphers);
continue;
7 years, 8 months
admserv/cfgstuff
by Mark Reynolds
admserv/cfgstuff/console.conf.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 7d6245d938c4aa5432eba9764dcbdf3838d86c77
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Wed Jul 6 10:34:08 2016 -0400
TIcket 48823 - Admin Server - Add IPv6 support
Description: Update the comments in console.conf to represent the
current admin server default port.
https://fedorahosted.org/389/ticket/48823
Reviewed by: nhosoi(Thanks!)
diff --git a/admserv/cfgstuff/console.conf.in b/admserv/cfgstuff/console.conf.in
index 0b7f106..26250f6 100644
--- a/admserv/cfgstuff/console.conf.in
+++ b/admserv/cfgstuff/console.conf.in
@@ -80,9 +80,9 @@ ErrorLog @logdir@/error
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
-# e.g. "Listen 12.34.56.78:80"
+# e.g. "Listen 12.34.56.78:9830"
#
-# To allow connections to IPv6 addresses add "Listen [::]:80"
+# To allow connections to use IPv6 addresses add "Listen [::]:9830"
#
Listen @admservip@:@admservport@
7 years, 8 months
src/com
by Mark Reynolds
src/com/netscape/admin/dirserv/panel/replication/HostInfoDialog.java | 39 ++++++++--
1 file changed, 33 insertions(+), 6 deletions(-)
New commits:
commit 2163fdb2775b6c04532a06fca08a4212d8ff277b
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Wed Jul 6 10:04:32 2016 -0400
Ticket 48823 - ds-console - add IPv6 support
Description: In the replication agreement wizard allow the characters
needed for IPv6 addresses according to RFC 2732.
Also, if the IPv6 address is not enclosed in brackets
then add the brackets (this is really needed by ldapjdk).
https://fedorahosted.org/389/ticket/48823
Reviewed by: nhosoi(Thanks!)
diff --git a/src/com/netscape/admin/dirserv/panel/replication/HostInfoDialog.java b/src/com/netscape/admin/dirserv/panel/replication/HostInfoDialog.java
index 48ed18e..6839004 100644
--- a/src/com/netscape/admin/dirserv/panel/replication/HostInfoDialog.java
+++ b/src/com/netscape/admin/dirserv/panel/replication/HostInfoDialog.java
@@ -19,13 +19,31 @@
package com.netscape.admin.dirserv.panel.replication;
-import java.awt.*;
-import java.awt.event.*;
-import javax.swing.*;
-import javax.swing.event.*;
+import java.awt.BorderLayout;
+import java.awt.Component;
+import java.awt.Cursor;
+import java.awt.GridBagConstraints;
+import java.awt.GridBagLayout;
+import java.awt.Insets;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
+import java.awt.event.MouseEvent;
+import java.awt.event.MouseMotionListener;
+
+import javax.swing.Box;
+import javax.swing.JButton;
+import javax.swing.JFrame;
+import javax.swing.JLabel;
+import javax.swing.JPanel;
+import javax.swing.JTextField;
+import javax.swing.event.DocumentEvent;
+import javax.swing.event.DocumentListener;
+
import com.netscape.admin.dirserv.DSUtil;
import com.netscape.admin.dirserv.panel.UIFactory;
-import com.netscape.management.client.util.*;
+import com.netscape.management.client.util.AbstractDialog;
+import com.netscape.management.client.util.Debug;
+import com.netscape.management.client.util.ResourceSet;
/**
@@ -174,10 +192,11 @@ class HostInfoDialog extends AbstractDialog
for (int i = 0; host_ok && (i < host.length()); i++) {
if ( (Character.UnicodeBlock.of(host.charAt(i)) != Character.UnicodeBlock.BASIC_LATIN) ||
( (!Character.isLetterOrDigit(host.charAt(i))) && (host.charAt(i) != '.') &&
+ (host.charAt(i) != ':') && (host.charAt(i) != '[') && (host.charAt(i) != ']') &&
(host.charAt(i) != '-') ) ) {
host_ok = false;
}
- }
+ }
try {
int value = Integer.parseInt(_portText.getText());
@@ -239,6 +258,14 @@ class HostInfoDialog extends AbstractDialog
} catch(NumberFormatException ex) {
return;
}
+
+ if (!_fqHostName.startsWith("[") && _fqHostName.contains(":")){
+ // Looks like an IPv6 address without brackets... add them
+ StringBuilder sb = new StringBuilder("[");
+ sb.append(_fqHostName);
+ sb.append("]");
+ _fqHostName = sb.toString();
+ }
_isOk = true;
setVisible(false);
dispose();
7 years, 8 months