[Fedora-directory-commits] console/src/com/netscape/management/client/security CipherPreferenceDialog.java, 1.1.1.1, 1.2

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Tue Jul 15 17:27:00 UTC 2008


Author: rmeggins

Update of /cvs/dirsec/console/src/com/netscape/management/client/security
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15441/console/src/com/netscape/management/client/security

Modified Files:
	CipherPreferenceDialog.java 
Log Message:
Bump version to 1.1.2
Disable SSLv2 ciphers by default - they are disabled on the server side anyway, so you can't enable them, but this just makes it clear what's going on
Do not use thread.stop - this causes threading issues with modern JVMs
Added support for debugging in Eclipse
Added more debugging log information



Index: CipherPreferenceDialog.java
===================================================================
RCS file: /cvs/dirsec/console/src/com/netscape/management/client/security/CipherPreferenceDialog.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- CipherPreferenceDialog.java	18 Jul 2005 00:34:16 -0000	1.1.1.1
+++ CipherPreferenceDialog.java	15 Jul 2008 17:26:58 -0000	1.2
@@ -103,6 +103,8 @@
     public final static String RSA_RC4_128_MD5 = "rsa_rc4_128_md5";
     /**SSL3 Domestic - Triple DES with 168 bit encryption and SHA message authentication*/
     public final static String RSA_3DES_SHA    = "rsa_3des_sha";
+    /**SSL3 Domestic - RC4 with 128 bit encryption and SHA message authentication*/
+    public final static String RSA_RC4_128_SHA = "rsa_rc4_128_sha";
 
     // fortezza ciphers
     /**SSL3 Domestic - Fortezza with 80 bit encryption and SHA message authentication */
@@ -117,14 +119,14 @@
     public final static String RSA_FIPS_3DES_SHA = "fips_3des_sha";
 
     /* default SSL V2 export ciphers */
-    final static String V2EXPORT   = "+"+RC4EXPORT+
-                                  ",+"+RC2EXPORT;
+    final static String V2EXPORT   = "-"+RC4EXPORT+
+                                  ",-"+RC2EXPORT;
 
     /* default SSL V2 domestic ciphers */
-    final static String V2DOMESTIC = "+"+RC4+
-                                  ",+"+RC2+
-                                  ",+"+DES+
-                                  ",+"+DES3;
+    final static String V2DOMESTIC = "-"+RC4+
+                                  ",-"+RC2+
+                                  ",-"+DES+
+                                  ",-"+DES3;
     
     /* default SSL V3 domestic ciphers */
     final static String V3EXPORT   = "+"+RSA_RC4_40_MD5+
@@ -523,6 +525,9 @@
 		cipherEntry = new CipherEntry(cipher, true, des, 56, md5, SSL_V2);
 	    } else if (cipher.equals(DES3)) {
 		cipherEntry = new CipherEntry(cipher, true, des, 168, md5, SSL_V2);
+	    } else {
+	    	Debug.println("CipherPreferenceDialog.createCipherEntry(): " +
+	    				  "Unknown SSLv2 cipher: " + cipher);
 	    }
 
 	//V3/TLS Cipher
@@ -551,6 +556,9 @@
 		cipherEntry = new CipherEntry(cipher, true, rc4+" "+fortezza, 128, sha, SSL_V3);
 	    } else if (cipher.equals(FORTEZZA_NULL)) {
 		cipherEntry = new CipherEntry(cipher, false, none+" "+fortezza, 0, sha, SSL_V3);
+	    } else {
+	    	Debug.println("CipherPreferenceDialog.createCipherEntry(): " +
+	    				  "Unknown SSLv3 cipher: " + cipher);
 	    }
 
 	    //TLS ciphers
@@ -559,7 +567,10 @@
 		    cipherEntry = new CipherEntry(cipher, true, des, 56, sha, SSL_V3, true);
 		} else if (cipher.equals(TLS_RSA_RC4_SHA)) {
 		    cipherEntry = new CipherEntry(cipher, true, rc4, 56, sha, SSL_V3, true);
-		}
+	    } else {
+	    	Debug.println("CipherPreferenceDialog.createCipherEntry(): " +
+	    				  "Unknown TLSv1 cipher: " + cipher);
+	    }
 	    }
 	}
 




More information about the Fedora-directory-commits mailing list