openldap/openldap-nss-default-cipher-suite-always-selected.patch

35 lines
1.0 KiB
Diff
Raw Normal View History

MozNSS: default cipher suite always selected
Author: Tim Strobell <tim.strobell.ctr@nrl.navy.mil>
Upstream ITS: #7285
Upstream commit: 2c2bb2e7aee1b2167f383a8344985a1cf66aff3f
Resolves: #828790
diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
index 23d843c..b608551 100644
--- a/libraries/libldap/tls_m.c
+++ b/libraries/libldap/tls_m.c
@@ -2218,12 +2218,13 @@ tlsm_deferred_ctx_init( void *arg )
return -1;
}
- if ( lt->lt_ciphersuite &&
- tlsm_parse_ciphers( ctx, lt->lt_ciphersuite )) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set cipher list %s.\n",
- lt->lt_ciphersuite, 0, 0 );
- return -1;
+ if ( lt->lt_ciphersuite ) {
+ if ( tlsm_parse_ciphers( ctx, lt->lt_ciphersuite ) ) {
+ Debug( LDAP_DEBUG_ANY,
+ "TLS: could not set cipher list %s.\n",
+ lt->lt_ciphersuite, 0, 0 );
+ return -1;
+ }
} else if ( tlsm_parse_ciphers( ctx, "DEFAULT" ) ) {
Debug( LDAP_DEBUG_ANY,
"TLS: could not set cipher list DEFAULT.\n",
--
1.7.10.4