upstream/oracle/userland-gate: changeset 4748:976281af43d9

--- a/components/openldap/patches/01-no-ssl3.patch	Fri Aug 07 14:59:43 2015 -0700
+++ b/components/openldap/patches/01-no-ssl3.patch	Fri Aug 07 16:20:13 2015 -0600
@@ -13,7 +13,7 @@
  #DEREF		never
 +
 +TLS_PROTOCOL_MIN	3.2
-+TLS_CIPHER_SUITE	-ALL:+TLSv1.2:+TLSv1.1
++TLS_CIPHER_SUITE	TLSv1.2:!aNULL:!eNULL:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA
 --- openldap-2.4.30/servers/slapd/slapd.conf.old	Mon Jun  1 16:47:47 2015
 +++ openldap-2.4.30/servers/slapd/slapd.conf	Mon Jun  1 16:47:59 2015
 @@ -22,10 +22,12 @@
@@ -22,8 +22,8 @@
  #	Require 112-bit (3DES or better) encryption for updates
  #	Require 63-bit encryption for simple bind
  # security ssf=1 update_ssf=112 simple_bind=64
-+TLSProtocolMin	3.2
-+TLSCipherSuite	-ALL:+TLSv1.2:+TLSv1.1
++TLSProtocolMin	770
++TLSCipherSuite	TLSv1.2:!aNULL:!eNULL:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA
  
  # Sample access control policy:
  #	Root DSE: allow anyone to read it

author	zihao.zhu@oracle.com <zihao.zhu@oracle.com>
	Fri, 07 Aug 2015 16:20:13 -0600
changeset 4748	976281af43d9
parent 4747	0e43ac303e45
child 4749	a34fb58473e0