8155 – add support for cacertdir with gnutls

Issue 8155 - add support for cacertdir with gnutls

Summary: add support for cacertdir with gnutls

Status:	VERIFIED FIXED

Alias:	None

Product:	OpenLDAP
Classification:	Unclassified
Component:	libraries (show other issues)
Version:	unspecified
Hardware:	All All

Importance:	--- normal
Target Milestone:	2.5.0
Assignee:	Ryan Tandy

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-05-26 22:09 UTC by Ryan Tandy
Modified:	2020-10-14 21:06 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description Ryan Tandy 2015-05-26 22:09:24 UTC

Full_Name: Ryan Tandy
Version: 
OS: 
URL: 
Submission from: (NULL) (142.31.146.2)
Submitted by: ryan


GnuTLS recently (3.3.6) finally added an API for adding a directory of CA
files:

http://gnutls.org/manual/html_node/Core-TLS-API.html#gnutls_005fcertificate_005fset_005fx509_005ftrust_005fdir-1

https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/

Haven't actually tried it yet, but I think it should allow us to implement
cacertdir.

Just filing this for tracking right now, patch to come later.

Comment 1 Quanah Gibson-Mount 2017-04-12 16:49:48 UTC

moved from Incoming to Software Bugs

Comment 2 Ryan Tandy 2020-04-30 17:03:32 UTC

https://git.openldap.org/openldap/openldap/-/merge_requests/60

Comment 3 Ryan Tandy 2020-05-14 15:49:16 UTC

Commits:
9282e6ed by Ryan Tandy at 2020-05-14T07:56:28-07:00
ITS#8155 Support cacertdir with GnuTLS