← Back to branch summary

~ubuntu-branches/debian/experimental/389-ds-base/experimental

« back to all changes in this revision

Viewing changes to ldap/servers/slapd/ssl.c

  • Committer: Package Import Robot
  • Author(s): Timo Aaltonen
  • Date: 2014-07-08 15:50:11 UTC
  • mfrom: (0.2.2)
  • Revision ID: package-import@ubuntu.com-20140708155011-r66lvtioamqwaype
Tags: 1.3.2.19-1
* New upstream release.
* admin_scripts.diff: Updated to fix more bashisms.
* watch: Update the url.
* Install failedbinds.py and logregex.py scripts.
* init: Use status from init-functions.
* control: Update my email.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ldap/servers/slapd/ssl.c
135
135
    {"SSL3","fips_des_sha", SSL_RSA_FIPS_WITH_DES_CBC_SHA}, /* ditto */
136
136
    {"SSL3","rsa_rc4_40_md5", SSL_RSA_EXPORT_WITH_RC4_40_MD5},
137
137
    {"SSL3","rsa_rc2_40_md5", SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5},
138
 
    {"SSL3","rsa_null_md5", SSL_RSA_WITH_NULL_MD5},
139
 
    {"SSL3","rsa_null_sha", SSL_RSA_WITH_NULL_SHA},
 
138
    {"SSL3","rsa_null_md5", SSL_RSA_WITH_NULL_MD5}, /* disabled by default */
 
139
    {"SSL3","rsa_null_sha", SSL_RSA_WITH_NULL_SHA}, /* disabled by default */
140
140
    {"TLS","tls_rsa_export1024_with_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA},
141
141
    {"TLS","rsa_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA}, /* ditto */
142
142
    {"TLS","tls_rsa_export1024_with_des_cbc_sha", TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA},
265
265
     *       them to activate it by name. */
266
266
    for(x = 0; _conf_ciphers[x].name; x++)  {
267
267
        PRBool enabled = active ? PR_TRUE : PR_FALSE;
268
 
        if(active && !strcmp(_conf_ciphers[x].name, "rsa_null_md5"))  {
 
268
        if(active && (!strcmp(_conf_ciphers[x].name, "rsa_null_md5") ||
 
269
                      !strcmp(_conf_ciphers[x].name, "rsa_null_sha")))
 
270
        {
269
271
            continue;
270
272
        }
271
273
        if (enabled) {
317
319
        slapi_ch_free((void **)&suplist); /* strings inside are static */
318
320
        return NULL;
319
321
    }
320
 
/* Enable all the ciphers by default and the following while loop would disable the user disabled ones This is needed becuase we added a new set of ciphers in the table . Right now there is no support for this from the console */   
 
322
    /*
 
323
     * Enable all the ciphers by default and the following while loop would
 
324
     * disable the user disabled ones.  This is needed because we added a new
 
325
     * set of ciphers in the table. Right now there is no support for this
 
326
     * from the console
 
327
     */
321
328
    _conf_setallciphers(1, &suplist, NULL);
322
329
 
323
330
    t = ciphers;