[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: [EXT] Re: SSL / TLS 1.0 - exposed in SSF?

To: Quanah Gibson-Mount <quanah@symas.com>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: RE: [EXT] Re: SSL / TLS 1.0 - exposed in SSF?
From: Aaron Bennett <abennett@clarku.edu>
Date: Fri, 22 Nov 2019 17:24:13 +0000
Accept-language: en-US
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=clarku.edu; dmarc=pass action=none header.from=clarku.edu; dkim=pass header.d=clarku.edu; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cFzdLS18ocx1SgPJhiFG3tnCIMnbMDJdB/slCFJfEPc=; b=h6tJfxyJePcHKrfNj2btG8g+glUqrlYTkOEwPPHGtkGQCfBw5ZjHrTC16awHWUzqoH8bZ7f7TjXkxjKysgNxzmlJ7bWZvtG+ehIeso1URr98rAOedBuOTcePtRymkv/desG2aARbIKo5dq+26lBWwr/II/t4s4mc2MQe0NRPgzpxle1Bp8+vl7onx2KR2OZ5MD3CdL/2QCH5UIGuUoPCl0CF+kL6ak/4HfS/EaLf/KyxYerf5/NiSBOPffxlXLWUU9RH8k6nxc9bMWLqydv0ycRhFoVOk8j+UKP6Gfe1BFMCZ5rKSemzI6G8rI0M3S+98aV/wCIBCdn51NRmRzlgOw==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nU42efNUUNadMkZ1WZZzqp7jEpja4iU38pYmgjQJF5LxwlGIVfdKZp/iL3GVg0OA/N0QJSkl2khBusBeElgQy2pOXBMn+sheoBfyPoS4aJ6HS7TMySHGwFJpFyVzWsFBrB7uJOfoH4J4XpSaDG/1VHqTJbAjI8IvJcEgctgiF0Jzxo8jJJEaaFoIw39VT1R3o1kgd18XJpEsY9QbnJS0BeKNJyl1AWsbZh+loXRfLxiMsmg+l+nDDcXSK6YeIe5aEPnYpkQlhRmxYUTaI7Q1I0WTDBT782+TUqYDWVOy9oY03eETqAZoivMTNjjOiXp27FGOYA1C7qO2UyH+00G4vQ==
Authentication-results: spf=none (sender IP is ) smtp.mailfrom=abennett@clarku.edu;
Content-language: en-US
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=clarkuedu.onmicrosoft.com; s=selector1-clarkuedu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cFzdLS18ocx1SgPJhiFG3tnCIMnbMDJdB/slCFJfEPc=; b=GEzi3CYsjKLaxQpKElBzw7SS8ys+k4V8xVYXaxNsRir6IAXQDnxLrffXjiFvjlgtlsRk/HGN9nEHiSzn6hm+sEDoJZTRb14trwktLPvQ3PjpcjlhLXp/wuPCygqQ4UzFlnNmvOy/VaptAw0LIlzTG3d+qo17h69z+fMTWEaQnMA=
In-reply-to: <E03F0C617EFE57917B6C9DB4@[192.168.1.144]>
References: <MN2PR03MB50053556941862864A008465A14E0@MN2PR03MB5005.namprd03.prod.outlook.com> <E03F0C617EFE57917B6C9DB4@[192.168.1.144]>
Thread-index: AdWgm2ufsjzigE+jS2Ov8qf9qOeo1gAvPi6AAAAvjqA=
Thread-topic: [EXT] Re: SSL / TLS 1.0 - exposed in SSF?

-----Original Message-----
From: Quanah Gibson-Mount <quanah@symas.com> 
Sent: Friday, November 22, 2019 12:15 PM
To: Aaron Bennett <abennett@clarku.edu>; openldap-technical@openldap.org
Subject: [EXT] Re: SSL / TLS 1.0 - exposed in SSF?


>This is ITS#7683 https://www.openldap.org/its/index.cgi/?findid=7683

>You can obtain a patch that can be applied to RE24 to add this functionality from https://github.com/Zimbra/packages/blob/develop/thirdparty/openldap/patches/ITS7683.patch
>

Thank you, Quanah.  Is that patch applicable beyond 2.4.40?   

( this is what makes me think it's 2.4.40: only... )

--- openldap-2.4.40/servers/slapd/connection.c.orig	2014-11-13 17:07:32.258240498 -0600
+++ openldap-2.4.40/servers/slapd/connection.c	2014-11-13 17:09:17.778236982 -0600

Best,

Aaron


--- 
Aaron Bennett
Manager of Systems Administration
Clark University ITS

Follow-Ups:
- RE: [EXT] Re: SSL / TLS 1.0 - exposed in SSF?
  - From: Quanah Gibson-Mount <quanah@symas.com>

References:
- SSL / TLS 1.0 - exposed in SSF?
  - From: Aaron Bennett <abennett@clarku.edu>
- Re: SSL / TLS 1.0 - exposed in SSF?
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Re: SSL / TLS 1.0 - exposed in SSF?
Next by Date: Re:Re:Re: It seems that the Tls cipher settings in ldap client and server not work.
Index(es):
- Chronological
- Thread