[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: commit: ldap/libraries/libldap init.c tls.c
- To: Pierangelo Masarati <ando@sys-net.it>
- Subject: Re: commit: ldap/libraries/libldap init.c tls.c
- From: Ralf Haferkamp <rhafer@suse.de>
- Date: Tue, 2 Nov 2004 14:01:54 +0100
- Cc: OpenLDAP Commit <openldap-commit2devel@OpenLDAP.org>
- Content-disposition: inline
- In-reply-to: <41835A00.5030009@sys-net.it>
- References: <200410281650.i9SGochr074995@cantor.openldap.org> <41835A00.5030009@sys-net.it>
- User-agent: KMail/1.7.1
On Saturday 30 October 2004 11:08, Pierangelo Masarati wrote:
> ralf@OpenLDAP.org wrote:
> >Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
> >
> >Modified Files:
> > init.c 1.90 -> 1.91
> > tls.c 1.115 -> 1.116
> >
> >Log Message:
> >CRL checking options for ldap.conf and slapd.conf
>
> I haven't been upgrading openssl on my devel machine for a while, so
> HEAD does not compile any more. No problem, however I suggest an
> OpenSSL version check be implemented and either the CRL code is
> conditionally #define'd or, since an adequate version of OpenSSL impacts
> security, version requirements are put in place, much like we do for
> Berkeley DB.
Yes, you are right. I'll look into implementing such a check and #ifdef the
CRL related stuff in the code.
--
Ralf