If nsslapd-security is "on" and nsSSL3Ciphers is given AND none of the ciphers are available or some syntax error is detected, the server sets nsslapd-security "off" and starts.
git patch file (master) 0002-Ticket-47895-If-no-effective-ciphers-are-available-d.patch
CI test is included in dirsrvtests/tickets/ticket47838_test.py.
In:
{{{ "ERROR: %s Initial:ization Failed. Disabling %s.\n" }}}
is that colon just a stray character that should be removed?
{{{ "ERROR: Failed to disabling %s: \"%s\".\n" }}}
language correction - it should be "Failed to disable", not "Failed to disabling".
I don't know if there's a rule about the length of error messages, but that one seems quite uninformative, as a user it's always nice to see a bit more detail about what went wrong, perhaps?
Replying to [comment:5 adamwill]:
In: {{{ "ERROR: %s Initial:ization Failed. Disabling %s.\n" }}} is that colon just a stray character that should be removed? In: {{{ "ERROR: Failed to disabling %s: \"%s\".\n" }}} language correction - it should be "Failed to disable", not "Failed to disabling".
Thank you, Adam! I should have reread the strings that compiler does not tell me to fix... :p Fixing it...
The possibilities of the failure in config_set_security is NULL value or invalid value. They are set to errorbuf, e.g., nsslapd-secure: invalid value \"%s\". Valid values are \"on\" or \"off\"." So, I think there's no further confusion there.
git patch file (master) -- revised the typos pointed by Adam (Thank you!!) 0003-Ticket-47895-If-no-effective-ciphers-are-available-d.patch
Reviewed by Nathan (Thank you!!)
Pushed to master: de57632..0f1a203 master -> master commit 0f1a203
Pushed to 389-ds-base-1.3.3: 55e317f..cad5b96 389-ds-base-1.3.3 -> 389-ds-base-1.3.3 commit cad5b96
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.3 backlog
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1226
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Log in to comment on this ticket.