[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Start TLS operation issue (ITS#3037)

>> We are pretty liberal in accepting the other 8 octets
>> of bogusity in the PDU

Do you mean that the latest version of your server will accept such message
formed by MS or Netscape API?

>> The problem I see here is that even if we were to
>> ignore the bogus empty sequence, would the client
>> accept a properly formed response (with no sequence)

I don't think there will be any problems. Tests with Novell server revealed
that client accepts properly formed responses. And even if it wasn't so it
couldn't be a problem of OpenLDAP server anyway. But the fact is that there
is no possibility to send extended request to OpenLDAP server with help of
two most popular client LDAP APIs (MS, Natscape).

Thanx in advance.