[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6419) bindconf parser doesn't apply tls-defaults as documented
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6419) bindconf parser doesn't apply tls-defaults as documented
- From: rhafer@suse.de
- Date: Tue, 8 Dec 2009 12:33:09 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Am Dienstag 08 Dezember 2009 11:53:41 schrieb hyc@symas.com:
> rhafer@suse.de wrote:
> > Am Montag 07 Dezember 2009 21:22:08 schrieb quanah@zimbra.com:
> >> --On Monday, December 07, 2009 2:24 PM +0000 rhafer@suse.de wrote:
> >>> ------------------------------------
> >>> olcSyncrepl: {0}rid=1 provider="ldap://master/" searchbase="dc=test"
> >>> type="refreshAndPersist" starttls=critical bindmethod="simple"
> >>> binddn="uid=syncrepl,dc=test" credentials="XXXXXX"
> >>> ------------------------------------
> >>>
> >>> Question is if this is a bug in the documentation or in the code. I
> >>> think it's the latter.
> >>
> >> Howard believes this is fixed in head with servers/slapd/config.c 1.508
> >> -> 1.509. Can you please test and let us know the result?
> >
> > It solves the problem only partially. It still doesn't work when using
> > "ldaps://" uris AFAICS.
>
> The code was assuming that at least one of the other TLS config keywords
> would also be used in these situations. Most of the time the slapd TLS
> config would only be appropriate for server use, and would need to be
> overridden when acting as a client.
>
> Anyway, this is now fixed in HEAD.
Confirmed.
--
Ralf