From: Alan T. DeKok <aland@freeradius.org>
Date: Sat, 17 May 2025 12:08:00 +0000 (-0400)
Subject: TLS 1.3 support for LDAP module #5583
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dfb7dfa8018241d52bfb63402d5e68eac69c713e;p=thirdparty%2Ffreeradius-server.git

TLS 1.3 support for LDAP module #5583
---

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 94164cbfaa3..03a109bb628 100644
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -2637,7 +2637,10 @@ static int mod_instantiate(module_inst_ctx_t const *mctx)
 	}
 
 	if (inst->handle_config.tls_min_version_str) {
-		if (strcmp(inst->handle_config.tls_min_version_str, "1.2") == 0) {
+		if (strcmp(inst->handle_config.tls_min_version_str, "1.3") == 0) {
+			inst->handle_config.tls_min_version = LDAP_OPT_X_TLS_PROTOCOL_TLS1_3;
+
+		} else if (strcmp(inst->handle_config.tls_min_version_str, "1.2") == 0) {
 			inst->handle_config.tls_min_version = LDAP_OPT_X_TLS_PROTOCOL_TLS1_2;
 
 		} else if (strcmp(inst->handle_config.tls_min_version_str, "1.1") == 0) {