This is an automated email from the git hooks/post-receive script.
mhonek pushed a commit to branch 389-ds-base-1.4.1
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.1 by this push:
new 2a64658 Issue 50711 - `dsconf security` lacks option for setting
nsTLSAllowClientRenegotiation attribute
2a64658 is described below
commit 2a64658109e0dc3163e463b064664ecf2d7867aa
Author: Matus Honek <mhonek(a)redhat.com>
AuthorDate: Tue Nov 12 18:26:29 2019 +0100
Issue 50711 - `dsconf security` lacks option for setting nsTLSAllowClientRenegotiation
attribute
Bug Description:
dsconf security is not able to handle nsTLSAllowClientRenegotiation attribute.
Fix Description:
Add the respective option for dsconf.
Relates
https://pagure.io/389-ds-base/issue/50711
Author: Matus Honek <mhonek(a)redhat.com>
Review by: spichugin, mreynolds (thanks!)
(cherry picked from commit 7b1144eadcf2dd66fba43ce6dc884940bc2771e8)
---
src/lib389/lib389/cli_conf/security.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lib389/lib389/cli_conf/security.py
b/src/lib389/lib389/cli_conf/security.py
index 0273817..1d60a2f 100644
--- a/src/lib389/lib389/cli_conf/security.py
+++ b/src/lib389/lib389/cli_conf/security.py
@@ -30,6 +30,9 @@ SECURITY_ATTRS_MAP = OrderedDict([
('tls-client-auth', Props(Encryption, 'nsSSLClientAuth',
'Client authentication requirement',
('off', 'allowed', 'required'))),
+ ('tls-client-renegotiation', Props(Encryption,
'nsTLSAllowClientRenegotiation',
+ 'Allow client TLS renegotiation',
+ onoff)),
('require-secure-authentication', Props(Config,
'nsslapd-require-secure-binds',
'Require binds over LDAPS, StartTLS, or
SASL',
onoff)),
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.