[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4072) Feature request: Don't list StartTLS (1.3.6.1.4.1.1466.20037) if not configured correctly

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4072) Feature request: Don't list StartTLS (1.3.6.1.4.1.1466.20037) if not configured correctly
From: michael@stroeder.com
Date: Mon, 10 Oct 2005 23:19:04 GMT

Howard Chu wrote:
> Michael Ströder wrote:
> 
>> Howard Chu wrote:
>>  
>>> michael@stroeder.com wrote:
>>>
>>>> I'd like to propose that StartTLS (1.3.6.1.4.1.1466.20037) is not
>>>> listed in
>>>> rootDSE's attribute supportedExtension if TLS/SSL is not configured
>>>> correctly.
>>>
>>> What does "not configured correctly" mean? E.g., if invalid files are
>>> used for the cert/key file options, ldap_pvt_tls_init_def_ctx() will
>>> fail, and slapd will refuse to startup. What other configurations are
>>> you concerned with?
>>
>> Well, rather not configured at all but compiled with TLS support.
>>   
> 
> I guess that makes sense. Done. Please test.

Seems to work especially with this particular client which failed to
connect before. Thanks!

Ciao, Michael.

Prev by Date: (ITS#4074) slapd ignores invalid pid/arg files
Next by Date: Re: (ITS#4072) Feature request: Don't list StartTLS (1.3.6.1.4.1.1466.20037) if not configured correctly
Index(es):
- Chronological
- Thread