[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7645) various TLSProtocolMin issues

To: openldap-its@OpenLDAP.org
Subject: (ITS#7645) various TLSProtocolMin issues
From: mgaupp@googlemail.com
Date: Wed, 24 Jul 2013 09:34:55 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Manuel Gaupp
Version: 2.4.35
OS: CentOS 6.3
URL: 
Submission from: (NULL) (79.234.218.31)


This topic was originally discussed in
http://www.openldap.org/lists/openldap-technical/201307/msg00133.html

1.) the TLSProtocolMin parameter is not documented, but it should be - at least
in slapd.conf/slapd-config and ldap.conf (there is an example in the original
ITS #5655)

2.) the TLSProtocolMin functionality should be extended for TLS 1.1 and TLS 1.2
(see http://www.openldap.org/lists/openldap-technical/201307/msg00138.html)

3.) ldap.conf already accepts correctly formatted TLSProtocolMin values (e.g.
"3.1") whereas slapd.conf doesn't (has to be given as an integer, e.g. "769"); I
think servers/slapd/bconfig.c should be changed to use ldap_int_tls_config for
this option (as mentioned in the FIXME comment of config_tls_config).

Prev by Date: Re: (ITS#7643) MDB_cmp_func not properly documented
Next by Date: (ITS#7648) undefined symbol: ldap_x_utf8s_to_wcs
Index(es):
- Chronological
- Thread