Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:fsirl:openldap
openldap2
0239-ITS-9422-Update-for-TLS-v1.3.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0239-ITS-9422-Update-for-TLS-v1.3.patch of Package openldap2
From c51c78f50b96eb07dcaf45b237e03ae0291c30e2 Mon Sep 17 00:00:00 2001 From: Quanah Gibson-Mount <quanah@openldap.org> Date: Thu, 11 Feb 2021 17:26:39 +0000 Subject: [PATCH 239/241] ITS#9422 - Update for TLS v1.3 --- include/ldap.h | 1 + libraries/libldap/tls_o.c | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/include/ldap.h b/include/ldap.h index c245651c27..149b9ea725 100644 --- a/include/ldap.h +++ b/include/ldap.h @@ -176,6 +176,7 @@ LDAP_BEGIN_DECL #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2) #define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3) +#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 ((3 << 8) + 4) /* OpenLDAP SASL options */ #define LDAP_OPT_X_SASL_MECH 0x6100 diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c index 27bd7fa982..41d34a94bb 100644 --- a/libraries/libldap/tls_o.c +++ b/libraries/libldap/tls_o.c @@ -279,6 +279,13 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) #ifdef SSL_OP_NO_TLSv1 #ifdef SSL_OP_NO_TLSv1_1 #ifdef SSL_OP_NO_TLSv1_2 +#ifdef SSL_OP_NO_TLSv1_3 + if ( lo->ldo_tls_protocol_min > LDAP_OPT_X_TLS_PROTOCOL_TLS1_3) + SSL_CTX_set_options( ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | + SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | + SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3 ); + else +#endif if ( lo->ldo_tls_protocol_min > LDAP_OPT_X_TLS_PROTOCOL_TLS1_2) SSL_CTX_set_options( ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | -- 2.35.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor