ITS#8580 - Explicitly honor the server side cipher suite preference

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index 5b9509a4584001aa8edd54578751c5e6ccf8f6ce..8eee6abcbd0894d8c020f7047ed19034f04f1ef4 100644 (file)
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -501,6 +501,8 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
                                        X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL  );
                }
        }
+       /* Explicitly honor the server side cipher suite preference */
+       SSL_CTX_set_options( ctx, SSL_OP_CIPHER_SERVER_PREFERENCE );
        return 0;
 }