47 lines
1.4 KiB
Diff
47 lines
1.4 KiB
Diff
From c6e416e88c650ad74f44bc66a931327f82e2075d Mon Sep 17 00:00:00 2001
|
|
From: William Brown <wbrown@suse.de>
|
|
Date: Wed, 23 Mar 2022 15:06:47 +1000
|
|
Subject: [PATCH 241/241] TLS set protocol version
|
|
|
|
---
|
|
libraries/libldap/tls_o.c | 8 ++++++++
|
|
1 file changed, 8 insertions(+)
|
|
|
|
diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
|
|
index f02b7ca53a..81c16864ba 100644
|
|
--- a/libraries/libldap/tls_o.c
|
|
+++ b/libraries/libldap/tls_o.c
|
|
@@ -277,6 +277,9 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
|
|
}
|
|
|
|
if ( lo->ldo_tls_protocol_min ) {
|
|
+#ifdef SSL_CTX_set_min_proto_version
|
|
+ SSL_CTX_set_min_proto_version( ctx, lo->ldo_tls_protocol_min );
|
|
+#else
|
|
int opt = 0;
|
|
if ( lo->ldo_tls_protocol_min > LDAP_OPT_X_TLS_PROTOCOL_SSL2 ) {
|
|
opt |= SSL_OP_NO_SSLv2;
|
|
@@ -302,8 +305,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
|
|
#endif
|
|
if ( opt )
|
|
SSL_CTX_set_options( ctx, opt );
|
|
+#endif
|
|
}
|
|
if ( lo->ldo_tls_protocol_max ) {
|
|
+#ifdef SSL_CTX_set_max_proto_version
|
|
+ SSL_CTX_set_max_proto_version( ctx, lo->ldo_tls_protocol_max );
|
|
+#else
|
|
int opt = 0;
|
|
#ifdef SSL_OP_NO_TLSv1_3
|
|
if ( lo->ldo_tls_protocol_max < LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 )
|
|
@@ -325,6 +332,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
|
|
opt |= SSL_OP_NO_SSLv3;
|
|
if ( opt )
|
|
SSL_CTX_set_options( ctx, opt );
|
|
+#endif
|
|
}
|
|
|
|
if ( lo->ldo_tls_ciphersuite &&
|
|
--
|
|
2.35.1
|
|
|