src/com/netscape/admin/dirserv/panel/EncryptionPanel.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
New commits: commit f668294a80f37dad8be85348fbe582e817ef2361 Author: Mark Reynolds mreynolds@redhat.com Date: Tue Jan 20 12:47:37 2015 -0500
Ticket 47994 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted
Bug Description: The DS console always sets "nsSSL3: on" when a security setting is changed. SSL3 should not be enabled.
Fix Description: Instead set "nsTLS1: on" which is what we really want.
https://fedorahosted.org/389/ticket/47994
Reviewed by: rmeggins(Thanks!)
diff --git a/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java b/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java index 20d885f..6b2cbc3 100644 --- a/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java +++ b/src/com/netscape/admin/dirserv/panel/EncryptionPanel.java @@ -898,7 +898,7 @@ class EncryptionConfigData { attrs.add(new LDAPAttribute("nsssltoken", setup.selectedDevice)); if (setup.selectedCertificate.length() >= 1) {
- // Strip off the "<token>:" prefix for certs on extrnal tokens + // Strip off the "<token>:" prefix for certs on external tokens String cert = setup.selectedCertificate; String tokenPrefix = setup.selectedDevice + ":"; if (cert.startsWith(tokenPrefix)) { @@ -921,7 +921,7 @@ class EncryptionConfigData { // cn=encryption,cn=config LDAPModificationSet modSet = new LDAPModificationSet(); String v = sslServerOn ? "on" : "off"; - modSet.add(LDAPModification.REPLACE, new LDAPAttribute("nsssl3", v)); + modSet.add(LDAPModification.REPLACE, new LDAPAttribute("nsTLS1", v)); switch(clientAuth) { case CLIENT_AUTH_ALLOWED: v = "allowed";
389-commits@lists.fedoraproject.org