Le 20/01/15 23:45, Kiran Ayyagari a écrit : > On Wed, Jan 21, 2015 at 1:54 AM, Emmanuel Lécharny <[email protected]> > wrote: > >> Hi guys, >> >> I think the plugin should be back on track. >> >> I have fixed the NPE we giot while trying to open it. Please feel free >> to test that. >> >> Otherwise, I have added a few things in the LDAP/LDAPS configuration >> page, like the SASL realms (which was missing). >> >> The enabled protocols and enabled ciphers aren't functional yet. They >> need some love. At this point, having a list is simply not going to fly, >> it's way to complex. We can't add the users to add ciphers by typing >> things like : |TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384... >> >> So I'm going to open one modal popup with the list of supported ciphers, >> depending on the Java version the server will run on. >> >> For enabled protocols, I will add as many checkboxes as we have >> protocols to support : SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2. Thats should >> be enough. Im not even sure we will support SSL v3 at all. >> > let us keep the option to use SSL as well
Right now, I have transformed the list of enabled protocols to a set of checkboxes : ... | Enabled protocols : | | [X] SSLv3 [X] TLSv1 [X] TLSv1.1 [X] TLSv1.2 | ... You can select the protocols the server is going to support. This set of checkboxes will update both the LDAP and LDAPS transports (LDAP support startTLS, so at some point, we need that for LDAP) I still have to change the way we handle the cipher suite. It will probably be done by tonite.
