[Date Prev][Date Next] [Chronological] [Thread] [Top]

Patch: CIPHER_SERVER_PREFERENCE




Hello,

The patch implement a feature similar to http://www.postfix.org/postconf.5.html#tls_preempt_cipherlist
Not perfect, not configurable but works here without problems.

Andreas
Description: force openssl use the server side cipher preference
Author: A. Schulze
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
Index: openldap-2.4.44/libraries/libldap/tls_o.c
===================================================================
--- openldap-2.4.44.orig/libraries/libldap/tls_o.c
+++ openldap-2.4.44/libraries/libldap/tls_o.c
@@ -363,6 +363,8 @@ tlso_ctx_init( struct ldapoptions *lo, s
 		}
 	}
 #endif
+	/* maybe some # ifdef are needed */
+	SSL_CTX_set_options( ctx, SSL_OP_CIPHER_SERVER_PREFERENCE );
 	return 0;
 }