diff options
author | Andreas Schneider <asn@samba.org> | 2020-06-30 17:12:17 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2020-07-01 14:56:33 +0000 |
commit | d30865014569f4b9a1261d9f0c40bc4fc98f883e (patch) | |
tree | 8813ccb24f72463f39b661786a1e1a9d22ef0cb6 /lib/param/loadparm.c | |
parent | cabf873b75b1d4d456190358bc3ed051bca16978 (diff) | |
download | samba-d30865014569f4b9a1261d9f0c40bc4fc98f883e.tar.gz |
tls: Use NORMAL:-VERS-SSL3.0 as the default configuration
This seems to be really broken in GnuTLS and the documentation is also
not correct.
This partially reverts 53e3a959b958a3b099df6ecc5f6e294e96bd948e
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 1 14:56:33 UTC 2020 on sn-devel-184
Diffstat (limited to 'lib/param/loadparm.c')
-rw-r--r-- | lib/param/loadparm.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 53eedeb0cb2..da639a8b0ff 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -2818,15 +2818,9 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "tls keyfile", "tls/key.pem"); lpcfg_do_global_parameter(lp_ctx, "tls certfile", "tls/cert.pem"); lpcfg_do_global_parameter(lp_ctx, "tls cafile", "tls/ca.pem"); -#ifdef HAVE_GNUTLS_SET_DEFAULT_PRIORITY_APPEND - lpcfg_do_global_parameter(lp_ctx, - "tls priority", - "@SAMBA,SYSTEM,NORMAL:!-VERS-SSL3.0"); -#else lpcfg_do_global_parameter(lp_ctx, "tls priority", "NORMAL:-VERS-SSL3.0"); -#endif lpcfg_do_global_parameter(lp_ctx, "nsupdate command", "/usr/bin/nsupdate -g"); |