[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7042) [PATCH] allow unsetting of tls_* options for syncrepl

To: openldap-its@OpenLDAP.org
Subject: (ITS#7042) [PATCH] allow unsetting of tls_* options for syncrepl
From: jvcelak@redhat.com
Date: Mon, 12 Sep 2011 16:33:32 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Jan Vcelak
Version: master
OS: Linux
URL: ftp://ftp.openldap.org/incoming/jvcelak-20110912-syncrepl-allow-unsetting-of-tls-options.patch
Submission from: (NULL) (209.132.186.34)


Hello,

I'm just passing a patch submitted to our bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=734187

To sum it up: If tls_cert/tls_key syncrepl options are not specified, server
setting is inherited and used. According to various reports on the Internet,
this is a feature, not a bug. However it forces a replica to use a client
certificate for authentication, because the tls_cert and tls_key options can not
be disabled.

The patch allows tls_* options to be disabled, like this: "tls_cert="
Without the patch, "file not found" error will occur.

The patch is written by the submitter of the bug report - Patrick Monnerat (pm
at datasphere dot ch).

Jan

Prev by Date: Re: (ITS#6925) [PATCH] Use inet_ntop for server when available
Next by Date: Re: (ITS#7042) [PATCH] allow unsetting of tls_* options for syncrepl
Index(es):
- Chronological
- Thread