ITS#7285 Mozilla NSS: default cipher suite always selected

author Tim Strobell (Contractor) <tim.strobell.ctr@nrl.navy.mil>

Mon, 4 Jun 2012 21:50:23 +0000 (17:50 -0400)

committer Quanah Gibson-Mount <quanah@openldap.org>

Tue, 5 Jun 2012 16:36:52 +0000 (09:36 -0700)
author Tim Strobell (Contractor) <tim.strobell.ctr@nrl.navy.mil>
Mon, 4 Jun 2012 21:50:23 +0000 (17:50 -0400)
committer Quanah Gibson-Mount <quanah@openldap.org>
Tue, 5 Jun 2012 16:36:52 +0000 (09:36 -0700)
diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c

index 23d843c0ec2c0d8697ad636f641630d3e4305845..b608551e4dce051c12c27077ad1686e46c73c8aa 100644 (file)
--- a/libraries/libldap/tls_m.c
+++ b/libraries/libldap/tls_m.c
@@ -2218,12 +2218,13 @@ tlsm_deferred_ctx_init( void *arg )
                 return -1;
         }
  
-       if ( lt->lt_ciphersuite &&
-            tlsm_parse_ciphers( ctx, lt->lt_ciphersuite )) {
-               Debug( LDAP_DEBUG_ANY,
-                      "TLS: could not set cipher list %s.\n",
-                      lt->lt_ciphersuite, 0, 0 );
-               return -1;
+       if ( lt->lt_ciphersuite ) {
+               if ( tlsm_parse_ciphers( ctx, lt->lt_ciphersuite ) ) {
+                       Debug( LDAP_DEBUG_ANY,
+                              "TLS: could not set cipher list %s.\n",
+                              lt->lt_ciphersuite, 0, 0 );
+                       return -1;
+               }
         } else if ( tlsm_parse_ciphers( ctx, "DEFAULT" ) ) {
                 Debug( LDAP_DEBUG_ANY,
                        "TLS: could not set cipher list DEFAULT.\n",
author	Tim Strobell (Contractor) <tim.strobell.ctr@nrl.navy.mil>
	Mon, 4 Jun 2012 21:50:23 +0000 (17:50 -0400)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Tue, 5 Jun 2012 16:36:52 +0000 (09:36 -0700)