[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6131) "TLSVerifyClient try" not working with GNU TLS

Kartik Subbarao wrote:
> Howard Chu wrote:
>> This bug report makes no sense; the code you quoted is not part of
>> OpenLDAP 2.4.16. The relevant code is in function tlsg_session_accept()
>> in tls_g.c, and there is no such bug in that function.
> Well, according to the CVS head branch, the code that I cited in tls.c
> is still there:
> http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/libldap/tls.c?rev=1.167&hideattic=1&sortbydate=0
> But I certainly defer to your knowledge of which code is relevant

Read the Makefile; tls.c is not used any more.

> -- I
> was just looking around for a possible explanation to the problem that
> I'm encountering.
> I double-checked the version that I was running and it's actually
> 2.4.15, not 2.4.16. Would there be a significant difference between
> these two versions with respect to TLS certificate handling?

Yes. Read the 2.4.16 CHANGES.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/