Uses lower than default TLS settings
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
freetds (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Currently freetds is built against gnutls library, but has support for both gnutls & openssl.
It tries to set priority strings, and sets them to lower values that are default in Ubuntu and/or supported by SQL Server.
Please stop directly setting gnutls priority string, or use the same one as is used in gnutls in Ubuntu. NORMAL:
Alternatively, please build using openssl library, as that would ensure that security level 2 is enforced without any code changes of freetds. (Built in default is DEFAULT@SECLEVEL=2)
All recent/updated version of SQL Server support TLSv1.2 https:/