141454 – loolwsd: Allow to disable specific TLS protocol versions

Bug 141454 - loolwsd: Allow to disable specific TLS protocol versions

Summary: loolwsd: Allow to disable specific TLS protocol versions

Status:	NEW

Alias:	None

Product:	LibreOffice Online
Classification:	Unclassified
Component:	LibreOffice (show other bugs)
Version: (earliest affected)	unspecified
Hardware:	All All

Importance:	medium enhancement
Assignee:	Not Assigned

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-04-02 09:59 UTC by lool-bugreport
Modified:	2021-04-02 10:00 UTC (History)
CC List:	0 users

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description lool-bugreport 2021-04-02 09:59:37 UTC

In /etc/loolwsd/loolwsd.xml it is currently possible to configure the OpenSSL ciphers via <cipher_list></cipher_list>.

With the recent deprecation of the TLS 1.0 and 1.1 protocol versions the possibility to disable both protocols is currently missing (either not implemented or maybe just not documented?).

Please add the possibility in the loolwsd.xml to disable specific TLS protocols similar to e.g. Apache: https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslprotocol