Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
orbea -
OpenLDAP
Commits
a84d11dc
Commit
a84d11dc
authored
Feb 11, 2021
by
Quanah Gibson-Mount
Browse files
ITS
#9422
- Update for TLS v1.3
parent
496f9ced
Changes
2
Hide whitespace changes
Inline
Side-by-side
include/ldap.h
View file @
a84d11dc
...
...
@@ -179,6 +179,7 @@ LDAP_BEGIN_DECL
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_0 ((3 << 8) + 1)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_1 ((3 << 8) + 2)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_2 ((3 << 8) + 3)
#define LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 ((3 << 8) + 4)
#define LDAP_OPT_X_SASL_CBINDING_NONE 0
#define LDAP_OPT_X_SASL_CBINDING_TLS_UNIQUE 1
...
...
libraries/libldap/tls_o.c
View file @
a84d11dc
...
...
@@ -292,6 +292,13 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
#ifdef SSL_OP_NO_TLSv1
#ifdef SSL_OP_NO_TLSv1_1
#ifdef SSL_OP_NO_TLSv1_2
#ifdef SSL_OP_NO_TLSv1_3
if
(
lo
->
ldo_tls_protocol_min
>
LDAP_OPT_X_TLS_PROTOCOL_TLS1_3
)
SSL_CTX_set_options
(
ctx
,
SSL_OP_NO_SSLv2
|
SSL_OP_NO_SSLv3
|
SSL_OP_NO_TLSv1
|
SSL_OP_NO_TLSv1_1
|
SSL_OP_NO_TLSv1_2
|
SSL_OP_NO_TLSv1_3
);
else
#endif
if
(
lo
->
ldo_tls_protocol_min
>
LDAP_OPT_X_TLS_PROTOCOL_TLS1_2
)
SSL_CTX_set_options
(
ctx
,
SSL_OP_NO_SSLv2
|
SSL_OP_NO_SSLv3
|
SSL_OP_NO_TLSv1
|
SSL_OP_NO_TLSv1_1
|
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment