rpms
/
openldap
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NSS: Maximal TLS protocol version should be equal to NSS default 

Related: #1435689
This commit is contained in:
Matúš Honěk 2017-03-31 17:08:11 +02:00
parent 54f6fd1feb
commit 32c688fc27
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openldap-nss-protocol-version-new-api.patch
View File

@ -37,9 +37,9 @@ diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
+ default_range.min, default_range.max, 0);
+ }
+ selected_range.min = lt->lt_protocol_min;
+ selected_range.max = supported_range.max;
+ selected_range.max = default_range.max;
+ Debug( LDAP_DEBUG_ANY,
+ "TLS: info: TLS configured protocol minimal version is %#04x.\n",
+ "TLS: info: TLS configured protocol minimal version is %#04x, the maximal version (the NSS default) is %#04x.\n",
+ selected_range.min, selected_range.max, 0);
+ if ( (selected_range.min > supported_range.max) ||
+ (selected_range.max < supported_range.min) ) {

5
openldap.spec
View File

@ -5,7 +5,7 @@
Name: openldap
Version: 2.4.44
Release: 9%{?dist}
Release: 10%{?dist}
Summary: LDAP support libraries
Group: System Environment/Daemons
License: OpenLDAP
@ -548,6 +548,9 @@ exit 0
%{_mandir}/man3/*
%changelog
* Fri Mar 31 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-10
- NSS: Maximal TLS protocol version should be equal to NSS default (#1435689)
* Fri Mar 24 2017 Matus Honek <mhonek@redhat.com> - 2.4.44-9
- NSS: Enhance OpenLDAP to support TLSv1.3 protocol with NSS (#1435689)