AW: rlm_ldap: Limit accepted TLS versions on LDAPS

Robert Hentsch-Jesse rhentsch-jesse at phoenixcontact.com
Tue Dec 15 09:36:27 CET 2020


Thanks for the quick solution!
It fixed the problem for me.

Best regards,

Robert Hentsch-Jesse


-----Ursprüngliche Nachricht-----
Von: Freeradius-Users <freeradius-users-bounces+rhentsch-jesse=phoenixcontact.com at lists.freeradius.org> Im Auftrag von Alan DeKok
Gesendet: Mittwoch, 9. Dezember 2020 17:16
An: freeradius users mailing list <freeradius-users at lists.freeradius.org>
Betreff: Re: rlm_ldap: Limit accepted TLS versions on LDAPS

***External email! Do not click links or open attachments unless you recognize the sender and know the content is safe.***

> On Dec 9, 2020, at 10:48 AM, Michael Ströder via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> On 12/9/20 3:36 PM, Alan DeKok wrote:
>> And the libldap API doesn't provide a way to say "require TLS 1.2"
>
> How about using LDAP_OPT_X_TLS_PROTOCOL_MIN described in ldap_set_option(3)?

  See commit e789729285e

  This should hopefully work.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


.......................................................................................
PHOENIX CONTACT Cyber Security GmbH 
Richard-Willstätter-Straße 6, 12489 Berlin, Germany 
Register Court: AG Charlottenburg, HR B 202908 
Geschäftsführer/General Manager: Kilian Golm



More information about the Freeradius-Users mailing list