lib-ldap: Do not override the tls_protocol_min setting with a lower one

author Eero Häkkinen <Eero+git@xn--Hkkinen-5wa.fi>

Thu, 22 Jan 2026 12:01:42 +0000 (14:01 +0200)

committer aki.tuomi <aki.tuomi@open-xchange.com>

Fri, 6 Feb 2026 13:10:08 +0000 (13:10 +0000)
author Eero Häkkinen <Eero+git@xn--Hkkinen-5wa.fi>
Thu, 22 Jan 2026 12:01:42 +0000 (14:01 +0200)
committer aki.tuomi <aki.tuomi@open-xchange.com>
Fri, 6 Feb 2026 13:10:08 +0000 (13:10 +0000)
diff --git a/src/lib-ldap/ldap-connection.c b/src/lib-ldap/ldap-connection.c

index 0c00a5565bed4dd1227fa1c1b842fe19951d2179..bf78e43b3104fe231f607422f68377398bddc60a 100644 (file)
--- a/src/lib-ldap/ldap-connection.c
+++ b/src/lib-ldap/ldap-connection.c
@@ -59,11 +59,6 @@ int ldap_connection_setup(struct ldap_connection *conn, const char **error_r)
                                  conn->set->uris, conn->ssl_set, error_r) < 0)
                 return -1;
  
-#ifdef LDAP_OPT_X_TLS_PROTOCOL_MIN
-       /* refuse to connect to SSLv2 as it's completely insecure */
-       opt = LDAP_OPT_X_TLS_PROTOCOL_SSL3;
-       ldap_set_option(conn->conn, LDAP_OPT_X_TLS_PROTOCOL_MIN, &opt);
-#endif
         opt = conn->set->timeout_secs;
         /* default timeout */
         ldap_set_option(conn->conn, LDAP_OPT_TIMEOUT, &opt);
author	Eero Häkkinen <Eero+git@xn--Hkkinen-5wa.fi>
	Thu, 22 Jan 2026 12:01:42 +0000 (14:01 +0200)
committer	aki.tuomi <aki.tuomi@open-xchange.com>
	Fri, 6 Feb 2026 13:10:08 +0000 (13:10 +0000)