[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5360) wrong default for TLSVerifyClient (with GnuTLS?)

To: openldap-its@OpenLDAP.org
Subject: (ITS#5360) wrong default for TLSVerifyClient (with GnuTLS?)
From: steve.langasek@canonical.com
Date: Sat, 9 Feb 2008 02:27:04 GMT

Full_Name: Steve Langasek
Version: 2.4.7
OS: Debian
URL: http://people.ubuntu.com/~vorlon/slapd-tlsverifyclient-default.patch
Submission from: (NULL) (2001:4830:1244:0:219:d2ff:fe76:2acb)


The code in slapd whose purpose is to override the library default value for
LDAP_OPT_X_TLS_REQUIRE_CERT is failing, at least when OpenLDAP is built with
GnuTLS, because the override is done to a set of "global" options which are
never used.

The patch referenced below has been verified to fix this issue.

Prev by Date: (ITS#5359) Add BDB encryption support
Next by Date: (ITS#5361) cert verification failures with GnuTLS and DNS subjectAltName
Index(es):
- Chronological
- Thread