[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/libraries/libldap init.c tls.c



On Saturday 30 October 2004 11:08, Pierangelo Masarati wrote:
> ralf@OpenLDAP.org wrote:
> >Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
> >
> >Modified Files:
> >	init.c  1.90 -> 1.91
> >	tls.c  1.115 -> 1.116
> >
> >Log Message:
> >CRL checking options for ldap.conf and slapd.conf
>
> I haven't been upgrading openssl on my devel machine for a while, so
> HEAD does not compile any more.  No problem, however I suggest an
> OpenSSL version check be implemented and either the CRL code is
> conditionally #define'd or, since an adequate version of OpenSSL impacts
> security, version requirements are put in place, much like we do for
> Berkeley DB.

Yes, you are right. I'll look into implementing such a check and #ifdef the 
CRL related stuff in the code. 

-- 
Ralf