File 0241-TLS-set-protocol-version.patch of Package openldap2.24987

From c6e416e88c650ad74f44bc66a931327f82e2075d Mon Sep 17 00:00:00 2001
From: William Brown <wbrown@suse.de>
Date: Wed, 23 Mar 2022 15:06:47 +1000
Subject: [PATCH 241/241] TLS set protocol version

---
 libraries/libldap/tls_o.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c
index f02b7ca53a..81c16864ba 100644
--- a/libraries/libldap/tls_o.c
+++ b/libraries/libldap/tls_o.c
@@ -277,6 +277,9 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 	}
 
 	if ( lo->ldo_tls_protocol_min ) {
+#ifdef SSL_CTX_set_min_proto_version
+		SSL_CTX_set_min_proto_version( ctx, lo->ldo_tls_protocol_min );
+#else
 		int opt = 0;
 		if ( lo->ldo_tls_protocol_min > LDAP_OPT_X_TLS_PROTOCOL_SSL2 ) {
 			opt |= SSL_OP_NO_SSLv2;
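Review bot: The result of `SSL_CTX_set_min_proto_version( ctx, lo->ldo_tls_protocol_min )` is discarded, so if OpenSSL rejects the value the context keeps the library's default floor and the configured minimum is silently not enforced. The argument is an `LDAP_OPT_X_TLS_PROTOCOL_*` value passed straight through as an OpenSSL version number, which is only correct where the two encodings coincide; the hunk does not show that this holds for every accepted setting, such as the SSL2 constant the legacy branch compares against. Treat a return of 0 as a configuration error, e.g. `if ( !SSL_CTX_set_min_proto_version( ctx, lo->ldo_tls_protocol_min ) ) return -1;`, using whatever error path the rest of tlso_ctx_init uses (its body starts and ends outside this hunk). The same applies to `SSL_CTX_set_max_proto_version` in the next hunk.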
@@ -302,8 +305,12 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 #endif
 		if ( opt )
 			SSL_CTX_set_options( ctx, opt );
+#endif
 	}
 	if ( lo->ldo_tls_protocol_max ) {
+#ifdef SSL_CTX_set_max_proto_version
+		SSL_CTX_set_max_proto_version( ctx, lo->ldo_tls_protocol_max );
+#else
 		int opt = 0;
 #ifdef SSL_OP_NO_TLSv1_3
 		if ( lo->ldo_tls_protocol_max < LDAP_OPT_X_TLS_PROTOCOL_TLS1_3 )
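Review bot: `#ifdef SSL_CTX_set_max_proto_version`, like `#ifdef SSL_CTX_set_min_proto_version` in the first hunk, selects the new path only while the TLS library exposes these names as preprocessor macros. A build against a library that provides them as real functions would fall through to the `SSL_OP_NO_*` branch with no diagnostic. An explicit version or configure-time test states the intent more directly, for example `#if OPENSSL_VERSION_NUMBER >= 0x10100000L` if 1.1.0 is the intended cut-over. The `#endif` lines added here and in the last hunk sit next to nested `SSL_OP_NO_*` conditionals, so a trailing comment such as `#endif /* SSL_CTX_set_max_proto_version */` would make the pairing clear.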
@@ -325,6 +332,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
 			opt |= SSL_OP_NO_SSLv3;
 		if ( opt )
 			SSL_CTX_set_options( ctx, opt );
+#endif
  	}
 
 	if ( lo->ldo_tls_ciphersuite &&
-- 
2.35.1
