guenther+ldapdev@sendmail.com wrote:
Full_Name: Philip Guenther
Version:
OS: Linux
URL: ftp://ftp.openldap.org/incoming/guenther-080813.patch
Submission from: (NULL) (64.58.1.252)
It's time for SSL version 2.0 to die: it has numerous weaknesses and has been superseded by SSL version 3.0 and TLS version 1.0 for *years*. Indeed, the LDAP Start_Tls extended operation is defined by reference to the TLS standard.
(It could be argued that a client that sends an SSLv2-compatible handshake after doing Start_Tls is non-compliant, or at least non-interoperable, as servers are only required to support true TLS handshakes.)
As a first step, here's a patch against the CVS trunk that adds the ability to set the minimum TLS/SSL protocol from the C API (LDAP_OPT_X_TLS_PROTOCOL_MIN), the ldap.conf (TLS_PROTOCOL_MIN), and the slapd config (TLSProtocolMin/olcTLSProtocolMin). Possible settings are:

    C API ldap_[sg]et_option()          ldap.conf/slapd config
    LDAP_OPT_X_TLS_PROTOCOL_SSLv2       SSLv2
    LDAP_OPT_X_TLS_PROTOCOL_SSLv3       SSLv3
    LDAP_OPT_X_TLS_PROTOCOL_TLSv1_0     TLSv1 OR TLSv1.0
Using an option flag for each protocol version seems excessive; it will be a recurring maintenance burden because each new option flag reflects an API change. (GnuTLS claims to already support TLSv1.2.)
This should use a single option flag and a numeric or bitfield argument for selecting protocols instead. Since we're talking about minimum settings, it should likely just be an increasing range of numbers.
I note that the on-the-wire protocol version is just a 16 bit integer; we could define protocol names that correspond directly to these values.
(1.0, because TLSv1.1 is already published, even though OpenSSL doesn't support it yet)
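The following is an added illustration, not code from the submitted patch or from the OpenLDAP tree, of the single-numeric-option design the reply proposes: each protocol is identified by the 16-bit (major << 8 | minor) version that SSLv3/TLS records carry on the wire, so a "minimum version" is one integer comparison and a new protocol revision needs no new API flag. The function names (tls_proto_parse, tls_proto_min_from_config, tls_proto_meets_min, tls_proto_name), the 0x0200 encoding chosen for SSLv2 (whose own CLIENT-HELLO actually carries 0x0002) and the sample config line are this example's own assumptions; the integer it produces is what, under that design, a client would hand to ldap_set_option() as the LDAP_OPT_X_TLS_PROTOCOL_MIN value.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/*
 * Protocol versions as the 16-bit (major << 8 | minor) value that an
 * SSLv3/TLS record carries on the wire.  An SSLv2 CLIENT-HELLO really
 * carries 0x0002; this example (a design choice, not OpenLDAP's code)
 * encodes it as 0x0200 so that the whole range is monotonic and a
 * minimum-version check is a single integer comparison:
 *   SSLv2 0x0200 < SSLv3 0x0300 < TLSv1.0 0x0301 < TLSv1.1 0x0302 < TLSv1.2 0x0303
 */
#define PROTO_SSLv2   0x0200
#define PROTO_SSLv3   0x0300
#define PROTO_TLSv1_0 0x0301
#define PROTO_TLSv1_1 0x0302
#define PROTO_TLSv1_2 0x0303

/* Map a config-file spelling ("SSLv3", "TLSv1", "TLSv1.0", "TLSv1.2") to
 * its numeric version.  TLS 1.x is wire minor x+1.  A bare "TLSv1" is
 * accepted as TLSv1.0.  Returns -1 for anything unrecognised. */
int tls_proto_parse(const char *name)
{
    if (strcasecmp(name, "SSLv2") == 0) return PROTO_SSLv2;
    if (strcasecmp(name, "SSLv3") == 0) return PROTO_SSLv3;
    if (strncasecmp(name, "TLSv1", 5) != 0) return -1;
    name += 5;
    if (*name == '\0') return PROTO_TLSv1_0;
    if (name[0] != '.' || !isdigit((unsigned char)name[1]) || name[2] != '\0')
        return -1;
    return (3 << 8) | ((name[1] - '0') + 1);
}

/* Parse one "TLS_PROTOCOL_MIN <version>" ldap.conf line (the directive the
 * patch adds).  Returns the numeric minimum, or -1 if the line is some
 * other directive or the value is unknown. */
int tls_proto_min_from_config(const char *line)
{
    char keyword[32], value[32];
    if (sscanf(line, "%31s %31s", keyword, value) != 2) return -1;
    if (strcasecmp(keyword, "TLS_PROTOCOL_MIN") != 0) return -1;
    return tls_proto_parse(value);
}

/* Canonical name for a numeric version, for logging. */
const char *tls_proto_name(int v)
{
    switch (v) {
    case PROTO_SSLv2:   return "SSLv2";
    case PROTO_SSLv3:   return "SSLv3";
    case PROTO_TLSv1_0: return "TLSv1.0";
    case PROTO_TLSv1_1: return "TLSv1.1";
    case PROTO_TLSv1_2: return "TLSv1.2";
    default:            return "unknown";
    }
}

/* The check applied after the handshake: keep the session only if the
 * negotiated version is at or above the configured minimum. */
int tls_proto_meets_min(int negotiated, int minimum)
{
    return negotiated >= minimum;
}

int main(void)
{
    /* Constructed sample config line, as it would appear in ldap.conf. */
    int min = tls_proto_min_from_config("TLS_PROTOCOL_MIN TLSv1.0");
    int offered[] = { PROTO_SSLv2, PROTO_SSLv3, PROTO_TLSv1_0, PROTO_TLSv1_2 };
    size_t i;

    printf("minimum: %s (0x%04x)\n", tls_proto_name(min), min);
    for (i = 0; i < sizeof offered / sizeof offered[0]; i++)
        printf("  %-8s -> %s\n", tls_proto_name(offered[i]),
               tls_proto_meets_min(offered[i], min) ? "accept" : "reject");
    return 0;
}
```

With the minimum set to TLSv1.0, an SSLv2 or SSLv3 session is rejected and TLSv1.0 or later is accepted; adding TLSv1.1 or TLSv1.2 support changes nothing in the API, only the set of values the TLS library can negotiate.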