[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir

To: Philip Guenther <pguenther@proofpoint.com>
Subject: Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
From: SOMA SEKHAR <somasekhar44@gmail.com>
Date: Thu, 28 Aug 2014 13:10:45 +0530
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=/8IGAAjWzikNz9H7JtjCMmKiQBl/iekp7etmDlZNJRo=; b=G4aq1BWNZ+4jyvVZBolw16uR4EA6yNONILLU7F53Gnez2BHrkjq6/uZmiPoFlDcvHJ UsA7nRDNyRVOZr7Hzw6SylJMmv2gDjsYIMg7ksESO/a8Sf1SAgRg5fknbm+Rxfa0NLwk X5bX2Bwu6QAHllzNDiVixMQ/V4ipp42eSL3eCjkedqh2mHIuRwZNSBTxBZ4hDUMvSsIh JJzYPJA3M7w2+CVuLjLrpZ1P5hjsYdC/ZTsrxWxVMjFdh/W0qdPPjLT+8FyRornCEB79 cgUsVmfzwTaph1EH58j+XsDX+B336BeU3dlY/XoAVO8jxSrUjb9/OSH2SeRsRbPXPNaH 9P8Q==
In-reply-to: <alpine.BSO.2.11.1408280011560.1874@morgaine.local>
References: <CAE88ON2TQV7qmVYd3NXw8WSmSmi7CaEBVRCHaKu_UwjiASsiwA@mail.gmail.com> <alpine.BSO.2.11.1408272332590.1874@morgaine.local> <CAE88ON39tfREm2DWWpsBXzQXF28n0VABfPdwbc3+u3H_7mqXwA@mail.gmail.com> <alpine.BSO.2.11.1408280011560.1874@morgaine.local>

Thanks Philip. I am new to openldap and openssl. I will check my code once again and try to file an ITS . 

Thanks again. This is of great help.

On Thu, Aug 28, 2014 at 1:01 PM, Philip Guenther <pguenther@proofpoint.com> wrote:

On Thu, 28 Aug 2014, SOMA SEKHAR wrote:
> Thanks for the quick response. As far as I know , LDAP_OPT_X_TLS_CTX
> will set the SSL_CTX pointer. I tried to set this opition to NULL before
> I did a start tls for the second time. I observed process crash at this
> time .

Did you file an ITS about that?

> . From what you are saying , I understood that SSL_CTX had conext from
> which the ca cert is verified for the second time. Please correct me if
> I am wrong

That's my *guess*, but I may be completely wrong. I no longer have a need
to "JUST MAKE IT WORK" for my job, so I'm not going to waste my time
reading the openldap source to find a workaround for the stuff that the
openldap developers aren't going to stand behind by documenting.

Philip Guenther

--
Thanks&Regards,
SomaSekhar.

References:
- 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
  - From: SOMA SEKHAR <somasekhar44@gmail.com>
- Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
  - From: Philip Guenther <pguenther@proofpoint.com>
- Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
  - From: SOMA SEKHAR <somasekhar44@gmail.com>
- Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
  - From: Philip Guenther <pguenther@proofpoint.com>

Prev by Date: Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir
Next by Date: Re: LMDB: Compare function implementation
Index(es):
- Chronological
- Thread