Re: (ITS#9054) Add support for multiple EECDH curves

2019-07-16 Thread quanah
--On Tuesday, July 16, 2019 9:45 PM + qua...@openldap.org wrote:

> Full_Name: Quanah Gibson-Mount
> Version: 2.4.47
> OS: N/A
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (47.208.128.44)
>
>
> Currently OpenLDAP only allows for a single EECDH curve to be configured.
> However, OpenSSL 1.0.2 released in January 2015 was the first release to
> implement negotiation of supported curves in TLS servers.  OpenLDAP needs
> updating to support this functionality.


tls_dh.c in postfix/src/tls_dh.c gives some insight into how to correctly
do this with OpenSSL, in the tls_auto_eecdh_curves function.

--Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:

(ITS#9054) Add support for multiple EECDH curves

2019-07-16 Thread quanah
Full_Name: Quanah Gibson-Mount
Version: 2.4.47
OS: N/A
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (47.208.128.44)


Currently OpenLDAP only allows for a single EECDH curve to be configured. 
However, OpenSSL 1.0.2 released in January 2015 was the first release to
implement negotiation of supported curves in TLS servers.  OpenLDAP needs
updating to support this functionality.