Michael Ströder wrote:
> On 5/5/21 1:29 PM, Howard Chu wrote:
>> Michael Ströder wrote:
>>> TLSProtocolMin 3.3
>>> TLSCipherSuite HIGH
>>
>> Then you're getting TLSv1.3 on these connections. Your ciphersuite config
>> has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and
>> below.
> 
> Ah sorry. I've wrongly implied that OpenSSL automagically chooses
> appropriate TLSv1.3 ciphers for HIGH.
> 
>> Change your suite config to include some actual TLSv1.3 suites and it will be
>> fine. There's no bug here, just a change in OpenSSL behavior which is covered
>> in their documentation. https://wiki.openssl.org/index.php/TLS1.3
> 
> Thanks for your explanations.
> 
> Your text seems worth to be added herein:
> 
> https://www.openldap.org/doc/admin25/guide.html#More%20extensive%20TLS%20configuration%20control

With this patch
https://git.openldap.org/openldap/openldap/-/commit/cd3567d750b653949e50b6245428e594dff1d8a4
the above problem will no longer occur. That is, if your ciphersuite doesn't
contain any TLS1.3 ciphers, then the existing TLS1.3 ciphersuites will not be
changed. So you'll get the compiled-in defaults if nothing else was changed.
That means you can continue to use old configs without any further changes.
I don't think there's any security weakness here since the compiled-in
defaults are strong. Just a question of whether it's better to force sysadmins
to be cognizant of TLS1.3 or let them keep going on without thinking about it.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
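An added illustration of the point made in this thread (not code from OpenLDAP or from the patch above): a small Python helper that splits a TLSCipherSuite-style string into legacy keywords such as HIGH and TLSv1.3 suite names, and reports which TLSv1.3 suites a context will actually offer, keeping OpenSSL's compiled-in defaults when the string names none. It models the behaviour Howard describes; the function names are assumptions of this example.

```python
import ssl

# OpenSSL names TLSv1.3 suites with a "TLS_" prefix (e.g. TLS_AES_256_GCM_SHA384).
# Legacy keywords such as HIGH expand only to TLSv1.2-and-below suites, so a string
# like "HIGH" selects no TLSv1.3 suite at all.
TLS13_PREFIX = "TLS_"


def split_cipher_config(spec: str):
    """Split an OpenSSL cipher string into (legacy_cipher_list, tls13_ciphersuites)."""
    legacy, tls13 = [], []
    for token in spec.split(":"):
        token = token.strip()
        if not token:
            continue
        if token.startswith(TLS13_PREFIX):
            tls13.append(token)
        else:
            legacy.append(token)
    return legacy, tls13


def effective_tls13_suites(spec: str):
    """Return the TLSv1.3 suites a context will offer for this cipher string.

    Model of the behaviour described in the thread (not OpenLDAP's own code):
    if the string names at least one TLSv1.3 suite, those are used; otherwise
    the library's compiled-in TLSv1.3 defaults are left untouched.
    """
    legacy, tls13 = split_cipher_config(spec)
    if tls13:
        return tls13
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # set_ciphers() only touches the TLSv1.2-and-below list, like SSL_CTX_set_cipher_list.
    ctx.set_ciphers(":".join(legacy) if legacy else "DEFAULT")
    # get_ciphers() also lists the TLSv1.3 suites OpenSSL keeps enabled by default
    # (empty only if this build of OpenSSL has no TLSv1.3 support).
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.3"]


if __name__ == "__main__":
    for cfg in ("HIGH", "HIGH:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"):
        print(cfg, "->", effective_tls13_suites(cfg))
```

For a plain "HIGH" string the output shows OpenSSL's default TLSv1.3 suites, which is exactly why a TLSv1.3 client still connects once the configured suites are no longer clobbered.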
