[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8580) force openssl use the server side cipher preference

To: openldap-its@OpenLDAP.org
Subject: (ITS#8580) force openssl use the server side cipher preference
From: sca+openldap@andreasschulze.de
Date: Fri, 03 Feb 2017 16:41:15 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Andreas Schulze
Version: RE24
OS: Linux
URL: ftp://ftp.openldap.org/incoming/andreas-schulze-20170203.patch
Submission from: (NULL) (2001:a60:f0b4:e502:758b:b0b2:3fc:f121)


In OpenSSL client and Server may select a cipher.
The patch force the cipher preference is force by the server
and not by the client, which is a openssl default

Let the server select ciphers is best practice for webservers for example.

Prev by Date: (ITS#8579) LMDB: me_fd should be O_CLOEXEC on POSIX systems
Next by Date: (ITS#8581) slapd-meta backend SSL negociation timeout
Index(es):
- Chronological
- Thread