[Bug 1656979] Re: No support for DHE ciphers (TLS)
[Expired for openldap (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openldap (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
** Changed in: openldap (Ubuntu) Status: Expired => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
[Expired for openldap (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openldap (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
** Changed in: openldap (Ubuntu) Status: Expired => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
[Expired for openldap (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openldap (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
** Changed in: openldap (Ubuntu) Status: Expired => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
[Expired for openldap (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openldap (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
Hello Haw, openldap 2.4.45 is in artful now, so this should be fixed. could you please try your cipherscan again and confirm? Thanks! ** Changed in: openldap (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
Also: https://anonscm.debian.org/git/pkg- openldap/openldap.git/tree/libraries/libldap/tls_g.c#n317 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
Hmm, not too sure why that is. The version in Debian (and also Ubuntu) definitely doesn't include that patch: | $ chdist apt-get xenial source slapd | Reading package lists... Done | Picking 'openldap' as source package instead of 'slapd' | NOTICE: 'openldap' packaging is maintained in the 'Git' version control system at: | git://anonscm.debian.org/pkg-openldap/openldap.git | Please use: | git clone git://anonscm.debian.org/pkg-openldap/openldap.git | Need to get 4993 kB of source archives. | Get:1 http://archive.ubuntu.com/ubuntu xenial-updates/main openldap 2.4.42+dfsg-2ubuntu3.1 (dsc) [3040 B] | Get:2 http://archive.ubuntu.com/ubuntu xenial-updates/main openldap 2.4.42+dfsg-2ubuntu3.1 (tar) [4813 kB] | Get:3 http://archive.ubuntu.com/ubuntu xenial-updates/main openldap 2.4.42+dfsg-2ubuntu3.1 (diff) [177 kB] | Fetched 4993 kB in 14s (343 kB/s) | $ grep DH_BITS ./libraries/libldap/tls_g.c | #define DH_BITS (1024) | gnutls_dh_params_generate2(ctx->dh_params, DH_BITS); Via online source viewer also confirms this: https://anonscm.debian.org/git/pkg-openldap/openldap.git/tree/libraries/libldap/tls_g.c#n47 https://anonscm.debian.org/git/pkg-openldap/openldap.git/tree/libraries/libldap/tls_g.c#n294 ** Changed in: openldap (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1656979] Re: No support for DHE ciphers (TLS)
Hello, I'm a bit confused. As you noted, Xenial (and on) have 2.4.42 as the base, but the fix you mention is in 2.4.39. So is it not fixed upstream? Or is this a result of the GnuTLS build? ** Changed in: openldap (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1656979 Title: No support for DHE ciphers (TLS) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1656979/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs