[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4975) --without-tls is broken

Full_Name: Hallvard B Furuseth
Version: HEAD
OS: Linux
Submission from: (NULL) (
Submitted by: hallvard

slapd/schema_init.c:certificateExactNormalize() (outside HAVE_TLS) needs
slapd/dn.c:dnX509normalize() (inside HAVE_TLS).  The latter uses
libldap/tls.c:ldap_X509dn2bv() (outside HAVE_TLS), which needs oid_name
oids[] (inside HAVE_TLS).

If those are all moved outside HAVE_TLS, test021-certificate still fails:
  Running ./scripts/test021-certificate...
  running defines.sh
  Running slapadd to build slapd database...
  Starting slapd on TCP/IP port 9011...
  Testing certificate handling...
  Add certificates...
  ldapmodify failed (18)!
...because certificateExactNormalize() isn't used (the certificateExactMatch
syntax #ifdef HAVE_TLS'es it out).  It passes if that #ifdef is removed too.

I haven't kept track of the TLS changes though, so I don't know if just
moving #ifdefs around is the right fix.