[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5981) TLSVerifyClient try setting fails with GnuTLS

To: openldap-its@OpenLDAP.org
Subject: (ITS#5981) TLSVerifyClient try setting fails with GnuTLS
From: peter@adpm.de
Date: Sun, 1 Mar 2009 12:10:15 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Peter Marschall
Version: 2.4.15
OS: Linux
URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
Submission from: (NULL) (92.75.56.86)


Hi,

when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting
  TLSVerifyClient Try
in slapd.conf makes TLS connections without certificates impossible.

This is caused by incomplete decoding in tls_g.c

The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
fixes this issue together with a few other little cleanups:
- remove unused variables (less compiler warnings)
- use correct types (less compiler warnings)
- detect failed calls for activation/exiration functions to
  avoid giving wrong information

Please consider adding this patch to OpenLDAP

Regards
Peter

Next by Date: (ITS#5982) man page for ldapexop
Index(es):
- Chronological
- Thread