[Bug 1103353] Re: Invalid GnuTLS cipher suite strings causes libldap to crash
Jouko Orava
joorava at iki.fi
Thu Jan 24 01:45:46 UTC 2013
Correct. The workaround to avoid the crash is to use a strictly valid
GnuTLS cipher suite string, for example "NORMAL" or "SECURE128" or
"SECURE192" or "SECURE256".
In those rare cases where those existing defaults are not acceptable
(due to security concerns, for example), the minimal "search.c" program
I attached to #4 can be used to try to find a valid cipher suite string,
connecting to an LDAP server (using ldap:// URI, and StartTLS). It also
reports the cipher, mac, and kx achieved when the StartTLS is
successful.
I'll see if I can report this upstream to openldap.org, too.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1103353
Title:
Invalid GnuTLS cipher suite strings causes libldap to crash
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1103353/+subscriptions
More information about the Ubuntu-server-bugs
mailing list