[Pkg-openldap-devel] Bug#510346: Bug#510346: new TLS_CIPHER_SUITE underdocumented
Quanah Gibson-Mount
quanah at zimbra.com
Wed Jan 14 16:07:12 UTC 2009
--On Wednesday, January 14, 2009 3:03 PM +0100 Simon Josefsson
<simon at josefsson.org> wrote:
> A proper fix requires co-ordination with the OpenLDAP people. Either
> they 1) remove all strange code for parsing ciphers for GnuTLS and only
> use gnutls_priority_set_direct on the TLS_CIPHER_SUITE string, or 2)
> they introduce a new configuration keyword TLS_PRIORITY that is is sent
> to GnuTLS's priority functions. Given that TLS_CIPHER_SUITE accepts
> OpenSSL strings like 'HIGH:+SSLv2' I believe that matches GnuTLS
> priority strings, so I would recommend 1). And improve the
> documentation to point at, e.g., gnutls_priority_init(3) or the GnuTLS
> manual in the OpenLDAP documentation.
Filed upstream:
<http://www.openldap.org/its/index.cgi/?findid=5887>
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the Pkg-openldap-devel
mailing list