Tree - rpms/389-ds-base - CentOS Git server

rpms / 389-ds-base

Blame SOURCES/0021-Issue-50834-Incorrectly-setting-the-NSS-default-SSL-.patch

Blob History Raw

		8394b4	`From e169d4690fb37be4fa9be1b2624c72ec90b1b68e Mon Sep 17 00:00:00 2001`
		8394b4	`From: Mark Reynolds <mreynolds@redhat.com>`
		8394b4	`Date: Mon, 20 Jan 2020 13:16:36 -0500`
		8394b4	`Subject: [PATCH] Issue 50834 - Incorrectly setting the NSS default SSL version`
		8394b4	`max`
		8394b4
		8394b4	`Description: We've been using the wrong function to get the NSS max`
		8394b4	`version We were calling SSL_VersionRangeGetSupported()`
		8394b4	`which gets the versions NSS "can" handle, but`
		8394b4	`SSL_VersionRangeGetDefault() gets the versions that`
		8394b4	`are actually "enabled".`
		8394b4
		8394b4	`relates: https://pagure.io/389-ds-base/issue/50834`
		8394b4
		8394b4	`Reviewed by: mreynolds(one line commit rule)`
		8394b4	`---`
		8394b4	`ldap/servers/slapd/ssl.c \| 2 +-`
		8394b4	`1 file changed, 1 insertion(+), 1 deletion(-)`
		8394b4
		8394b4	`diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c`
		8394b4	`index 6a07f1ab0..71f91f761 100644`
		8394b4	`--- a/ldap/servers/slapd/ssl.c`
		8394b4	`+++ b/ldap/servers/slapd/ssl.c`
		8394b4	`@@ -936,7 +936,7 @@ slapd_nss_init(int init_ssl __attribute__((unused)), int config_available __attr`
		8394b4	`char *certdir;`
		8394b4	`char emin[VERSION_STR_LENGTH], emax[VERSION_STR_LENGTH];`
		8394b4	`/* Get the range of the supported SSL version */`
		8394b4	`- SSL_VersionRangeGetSupported(ssl_variant_stream, &enabledNSSVersions);`
		8394b4	`+ SSL_VersionRangeGetDefault(ssl_variant_stream, &enabledNSSVersions);`
		8394b4
		8394b4	`(void)slapi_getSSLVersion_str(enabledNSSVersions.min, emin, sizeof(emin));`
		8394b4	`(void)slapi_getSSLVersion_str(enabledNSSVersions.max, emax, sizeof(emax));`
		8394b4	`--`
		8394b4	`2.21.1`
		8394b4

rpms / 389-ds-base

Source Code

Blame SOURCES/0021-Issue-50834-Incorrectly-setting-the-NSS-default-SSL-.patch