
Re: (ITS#3791) start_tls while chasing referrals



> Hi,
>
> any news on this? Is it planned to integrate this patch into CVS? To me it
> looks reasonable.

I'd rather say it looks obscure.

I'm thinking about something slightly different for back-ldap/meta; in
fact, I believe this should go into the ldap_rebind_proc that's supplied
by the client and not in the client library itself.  In fact, starting TLS
on a connection to a different DSA as a consequence of chasing a referral
may result in error cases which require client's intervention.  So, the
fix should go in pam_ldap rather than in libldap.  All we should do is
provide, in some doc, an example ldap_rebind_proc that retries the
original bind, optionally starting TLS if required.

Comments?

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
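
The decision logic such a client-supplied ldap_rebind_proc could apply, as an added sketch that is not code from this message or from OpenLDAP. All names are hypothetical; the two callbacks stand in for libldap's ldap_start_tls_s() and ldap_sasl_bind_s() on the referral connection, and the fake connection and credentials are constructed so the policy can be exercised offline.

```c
#include <stddef.h>
#include <strings.h>

/* Hypothetical names throughout; in a real client the two callbacks would wrap
 * libldap's ldap_start_tls_s() and ldap_sasl_bind_s() on the referral handle. */
enum { RB_OK = 0, RB_TLS_FAILED = -1, RB_BIND_FAILED = -2, RB_BAD_URL = -3 };

struct rebind_ctx {
    int require_tls;                 /* original session was protected by TLS */
    const char *dn, *password;       /* credentials of the original bind */
    int (*start_tls)(void *conn);    /* returns 0 on success */
    int (*bind)(void *conn, const char *dn, const char *pw); /* 0 on success */
};

/* Body of a rebind callback: decide how to authenticate to the DSA named in
 * the referral URL. Fails closed: the credentials are never sent when TLS was
 * required but could not be established; the error goes back to the client. */
int rebind_with_tls(void *conn, const char *url, const struct rebind_ctx *ctx)
{
    if (url == NULL || ctx == NULL)
        return RB_BAD_URL;
    if (strncasecmp(url, "ldaps://", 8) == 0) {
        /* TLS is negotiated at connect time; StartTLS must not be sent. */
    } else if (strncasecmp(url, "ldap://", 7) == 0) {
        if (ctx->require_tls && ctx->start_tls(conn) != 0)
            return RB_TLS_FAILED;    /* do not fall back to a cleartext bind */
    } else {
        return RB_BAD_URL;           /* other schemes are left to the caller */
    }
    return ctx->bind(conn, ctx->dn, ctx->password) == 0 ? RB_OK : RB_BIND_FAILED;
}

/* Constructed stand-in for a referral connection, used to exercise the policy. */
struct fake_conn { int tls_ok, binds; };
static int fake_start_tls(void *c) { return ((struct fake_conn *)c)->tls_ok ? 0 : 1; }
static int fake_bind(void *c, const char *dn, const char *pw)
{ (void)dn; (void)pw; ((struct fake_conn *)c)->binds++; return 0; }

/* Runs one constructed referral; reports the result and how many binds were sent. */
int demo(const char *url, int require_tls, int tls_ok, int *binds_out)
{
    struct fake_conn c = { tls_ok, 0 };
    struct rebind_ctx ctx = { require_tls, "uid=app,dc=example,dc=com",
                              "constructed-secret", fake_start_tls, fake_bind };
    int rc = rebind_with_tls(&c, url, &ctx);
    *binds_out = c.binds;
    return rc;
}

int main(void) { int b; return demo("ldap://dsa2.example.com/", 1, 0, &b) == RB_TLS_FAILED ? 0 : 1; }
```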