[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: StartTLS downgrading
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Timothy H Folks
> I found the following note in the LDAP tips section of Sun's JNDI
> tutorial:
>
> Note 2: The OpenLDAP server, upon receiving the tls.close(),
> will shut
> down the connection instead of downgrading it to a plain connection.
>
> Is this still true?
Yes. The RFC never mandated a particular behavior for this operation.
OpenLDAP just does whatever OpenSSL does. OpenSSL's "close" function tears
down the SSL session and closes the socket.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support