[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4975) --without-tls is broken

To: openldap-its@OpenLDAP.org
Subject: (ITS#4975) --without-tls is broken
From: h.b.furuseth@usit.uio.no
Date: Sun, 20 May 2007 19:37:38 GMT

Full_Name: Hallvard B Furuseth
Version: HEAD
OS: Linux
URL: 
Submission from: (NULL) (129.240.202.105)
Submitted by: hallvard


slapd/schema_init.c:certificateExactNormalize() (outside HAVE_TLS) needs
slapd/dn.c:dnX509normalize() (inside HAVE_TLS).  The latter uses
libldap/tls.c:ldap_X509dn2bv() (outside HAVE_TLS), which needs oid_name
oids[] (inside HAVE_TLS).

If those are all moved outside HAVE_TLS, test021-certificate still fails:
  Running ./scripts/test021-certificate...
  running defines.sh
  Running slapadd to build slapd database...
  Starting slapd on TCP/IP port 9011...
  Testing certificate handling...
  Add certificates...
  ldapmodify failed (18)!
...because certificateExactNormalize() isn't used (the certificateExactMatch
syntax #ifdef HAVE_TLS'es it out).  It passes if that #ifdef is removed too.

I haven't kept track of the TLS changes though, so I don't know if just
moving #ifdefs around is the right fix.

Prev by Date: (ITS#4974) tls calls ldap_pvt_thread_self with wrong prototype
Next by Date: Re: (ITS#4975) --without-tls is broken
Index(es):
- Chronological
- Thread