Project

General

Profile

Tâche #11341

Désactiver le SSLv3 sur l'annuaire

Added by Joël Cuissinat almost 8 years ago. Updated over 7 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Laurent Flori
Target version:
Distribution EOLE - Sprint 2015 49-51 - Équipe MENESR
Start date:
12/01/2015
Due date:
% Done:

100%

Estimated time:
3.00 h
Spent time:
1.33 h
Remaining (hours):
0.0

Associated revisions

Revision 77946995 (diff)
Added by lolo over 7 years ago

Correction de la liste des suites de chiffrement
fixes: #11341 @1h

History

#1 Updated by Laurent Flori over 7 years ago

  • Assigned To set to Laurent Flori

#2 Updated by Scrum Master over 7 years ago

  • Status changed from Nouveau to En cours
  • Start date set to 12/01/2015

#3 Updated by Anonymous over 7 years ago

  • Status changed from En cours to Résolu
  • % Done changed from 0 to 100

#4 Updated by Joël Cuissinat over 7 years ago

  • Remaining (hours) changed from 3.0 to 0.5
  • Avant (2.5.1) :
    root@scribe:~# openssl s_client -connect localhost:636 -ssl3
   [ ... ]
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES256-SHA
    Session-ID: 0C2D17F9F30FABC2C6A54711237117D1704A2F29D3036476B8BCFCCC44D39248
    Session-ID-ctx: 
    Master-Key: 75DC04526CCCD80A14FD38490C51F83AA529066BC9346EF1787C7DADB8A0ED3F493B1172080A0CBF4176CD1FF7B51B01
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1449242571
    Timeout   : 7200 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
  • Après (2.5.2) :
    root@scribe:~# openssl s_client -connect localhost:636 -ssl3
CONNECTED(00000003)
139631814735520:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000
    Session-ID: 
    Session-ID-ctx: 
    Master-Key: 
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1449243671
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

#5 Updated by Joël Cuissinat over 7 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) changed from 0.5 to 0.0

Also available in: Atom PDF