21577683 Incorrect TLS_CIPHER_SUITE string value in ldap.conf and slapd.conf s11-update
authorzihao.zhu@oracle.com <zihao.zhu@oracle.com>
Fri, 07 Aug 2015 17:51:40 -0600
branchs11-update
changeset 4750 aff83d5fcb23
parent 4735 d31dad6299ac
child 4752 3409fc90e641
21577683 Incorrect TLS_CIPHER_SUITE string value in ldap.conf and slapd.conf
components/openldap/patches/01-no-ssl3.patch
--- a/components/openldap/patches/01-no-ssl3.patch	Mon Aug 03 23:01:51 2015 -0700
+++ b/components/openldap/patches/01-no-ssl3.patch	Fri Aug 07 17:51:40 2015 -0600
@@ -13,7 +13,7 @@
  #DEREF		never
 +
 +TLS_PROTOCOL_MIN	3.2
-+TLS_CIPHER_SUITE	-ALL:+TLSv1.2:+TLSv1.1
++TLS_CIPHER_SUITE	TLSv1.2:!aNULL:!eNULL:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA
 --- openldap-2.4.30/servers/slapd/slapd.conf.old	Mon Jun  1 16:47:47 2015
 +++ openldap-2.4.30/servers/slapd/slapd.conf	Mon Jun  1 16:47:59 2015
 @@ -22,10 +22,12 @@
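Review bot: The new TLS_CIPHER_SUITE value on the added line still lists the 3DES suites (`DHE-RSA-DES-CBC3-SHA`, `DHE-DSS-DES-CBC3-SHA`, `DES-CBC3-SHA`) and the static-RSA suites (`AES128-SHA`, `AES256-SHA`, `DES-CBC3-SHA`). The first group uses a 64-bit block cipher and the second has no forward secrecy. If they are kept on purpose for TLS 1.1 peers, say so in the patched ldap.conf with a comment such as `# 3DES and non-DHE suites retained for TLS 1.1 interoperability`; otherwise drop them from the list. The identical string is added as TLSCipherSuite in the slapd.conf hunk, so the same applies there. The value is written in OpenSSL cipher-list syntax, so it presumably only takes effect when libldap is built against OpenSSL; that assumption is worth recording next to the setting.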
@@ -22,8 +22,8 @@
  #	Require 112-bit (3DES or better) encryption for updates
  #	Require 63-bit encryption for simple bind
  # security ssf=1 update_ssf=112 simple_bind=64
-+TLSProtocolMin	3.2
-+TLSCipherSuite	-ALL:+TLSv1.2:+TLSv1.1
++TLSProtocolMin	770
++TLSCipherSuite	TLSv1.2:!aNULL:!eNULL:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-DES-CBC3-SHA:DHE-DSS-DES-CBC3-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA
  
  # Sample access control policy:
  #	Root DSE: allow anyone to read it
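Review bot: `TLSProtocolMin 770` is opaque as written: 770 is 0x0302, the packed form of the `3.2` (TLS 1.1) that the ldap.conf hunk keeps as `TLS_PROTOCOL_MIN 3.2`, while slapd.conf(5) describes this value as major[.minor]. If the integer works around how slapd 2.4.30 parses a value that starts with a digit, add a comment above the directive, e.g. `# 770 = 0x0302 = TLS 1.1; slapd 2.4.30 does not honour the 3.2 form here`. Without that, a later OpenLDAP that parses major.minor strictly may reject or misread 770, and the protocol floor could be lost without anyone noticing. It is also worth checking after install that a TLS 1.0-only client is refused by slapd, since a mis-parsed minimum fails open rather than closed.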