
Re: Extended Request Response Behavior



Hi Kurt,
 Please accept my sincere apologies.

 I will certainly report those errors to the maintainer of those
libraries.

 I changed extended.c to just make and isolate as to why the client was
choking. I have changed it back to how it was.

> I think I said RFC 2830 is under revision.  I have (as the author
> of RFC 3062) no current plans on updating RFC 3062.
My bad here. I meant to ask about 2830. I mixed up startTLS and
PasswdModify EXops. (If you remember, I had these issues with startTLS as
well.)

> >Question 2:
> > Can we have a configuration flag that allows us to follow 3062 verbatim ?
Again, my bad here. My apologies. It certainly does follow 3062 verbatim.
I wanted to ask about starttls.

2830 currently states:
	A Start TLS extended request is formed by setting the requestName
	field to the OID string given above.  <...>

	ExtendedResponse is defined as follows:

	    ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
	        COMPONENTS OF LDAPResult,
	        responseName     [10] LDAPOID OPTIONAL,
	        response         [11] OCTET STRING OPTIONAL }

A Start TLS extended response **MUST** contain a responseName field which
**MUST** be set to the same string as that in the responseName field
present in the Start TLS extended request.

So, with the new revision of 2380, will that "MUST" be dropped? (This was
supposed to be my question 1.)

And a flag to allow that "feature" of 2830 in OpenLDAP configuration
options (this was supposed to be the 2nd question).

With regard to VMS needing an OID for PasswdModify EXop, that is their bug; I
will report it to them. I am checking if this is required for winldap; if
so, I will report it to them too (along with the extra junk it was
sending for the starttls request).

Thanks,
Siva
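
The responseName requirement quoted in the message above, as an added example that is not part of the original message and is not OpenLDAP, VMS or winldap code: a minimal BER reader that extracts responseName [10] from an ExtendedResponse and checks it before a client would begin TLS negotiation. The function names and the strict switch are hypothetical, the sample messages are constructed, and the OID is the Start TLS OID defined in RFC 2830.

```python
STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # Start TLS OID from RFC 2830

def read_tlv(buf, pos):
    """Decode one definite-length BER element -> (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                   # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def parse_extended_response(msg):
    """Return (resultCode, responseName or None) from an LDAPMessage."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, _, pos = read_tlv(body, 0)       # messageID
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x78:                     # [APPLICATION 24], constructed
        raise ValueError("not an ExtendedResponse")
    _, code, pos = read_tlv(op, 0)      # resultCode ENUMERATED
    _, _, pos = read_tlv(op, pos)       # matchedDN
    _, _, pos = read_tlv(op, pos)       # errorMessage
    name = None
    while pos < len(op):                # optional referral, responseName, response
        tag, value, pos = read_tlv(op, pos)
        if tag == 0x8A:                 # responseName [10]
            name = value.decode("ascii")
    return int.from_bytes(code, "big"), name

def starttls_response_ok(msg, strict=True):
    """strict=True enforces the quoted MUST; strict=False tolerates a missing name."""
    code, name = parse_extended_response(msg)
    if code != 0:
        return False                    # server did not agree to Start TLS
    if name is None:
        return not strict
    return name == STARTTLS_OID         # a wrong OID is rejected in both modes

def tlv(tag, value):                    # short-form encoder for the small samples below
    return bytes([tag, len(value)]) + value

def sample(name):
    """Constructed LDAPMessage: messageID 1, resultCode success, optional responseName."""
    extra = tlv(0x8A, name.encode("ascii")) if name is not None else b""
    result = tlv(0x0A, b"\x00") + tlv(0x04, b"") + tlv(0x04, b"") + extra
    return tlv(0x30, tlv(0x02, b"\x01") + tlv(0x78, result))
```

A response built with sample(None) passes only when strict is False, which is the interoperability gap the message describes between a server that omits responseName and a client that insists on it.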