Issue 7686 - Feature request: TLS prot/cipher retrievable with ldap_get_option()
Summary: Feature request: TLS prot/cipher retrievable with ldap_get_option()
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd (show other issues)
Version: unspecified
Hardware: All All
: --- normal
Target Milestone: 2.5.0
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-09 17:22 UTC by Michael Ströder
Modified: 2020-10-14 21:04 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description Michael Ströder 2013-09-09 17:22:22 UTC 
Full_Name: 
Version: 
OS: 
URL: 
Submission from: (NULL) (79.227.140.201)


Similar to logging at server-side (see ITS#7683) it should be possible for a
LDAP client to retrieve the TLS protocol version and cipher suites actually
negotiated by call to ldap_get_option(3) to be able to make decisions according
to local security policy.
Comment 1 Howard Chu 2013-09-09 18:53:17 UTC 
michael@stroeder.com wrote:
> Full_Name:
> Version:
> OS:
> URL:
> Submission from: (NULL) (79.227.140.201)
>
>
> Similar to logging at server-side (see ITS#7683) it should be possible for a
> LDAP client to retrieve the TLS protocol version and cipher suites actually
> negotiated by call to ldap_get_option(3) to be able to make decisions according
> to local security policy.
>
>
Added in master, tho I logged it against ITS#7683.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
Comment 2 Howard Chu 2013-10-18 13:53:57 UTC 
changed notes
changed state Open to Test
moved from Incoming to Software Enhancements
Comment 3 OpenLDAP project 2014-08-01 21:04:57 UTC 
added in master