[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7645) various TLSProtocolMin issues



[Post-facto.  Howard has already committed this]

I believe there's two other doc changes that should be added for this: 
1) syncrepl accepts tls_protocol_min as a suboption too,
2) for consistency, perhaps slapd-ldap(5) and slapd-meta(5) should use the
   same <major>[.<minor>] syntax for the value as ldap.conf(5) and 
   slapd.conf(5) ?


First two chunks below are for (1), second two for (2).

Philip Guenther


diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5
index af8beb3..2f8e656 100644
--- a/doc/man/man5/slapd-config.5
+++ b/doc/man/man5/slapd-config.5
@@ -1786,6 +1786,7 @@ FALSE, meaning the contextCSN is stored in the context entry.
 .B [tls_reqcert=never|allow|try|demand]
 .B [tls_ciphersuite=<ciphers>]
 .B [tls_crlcheck=none|peer|all]
+.B [tls_protocol_min=<major>[.<minor>]]
 .B [suffixmassage=<real DN>]
 .B [logbase=<base DN>]
 .B [logfilter=<filter str>]
diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 70116df..8840e3a 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1763,6 +1763,7 @@ the contextCSN is stored in the context entry.
 .B [tls_reqcert=never|allow|try|demand]
 .B [tls_ciphersuite=<ciphers>]
 .B [tls_crlcheck=none|peer|all]
+.B [tls_protocol_min=<major>[.<minor>]]
 .B [suffixmassage=<real DN>]
 .B [logbase=<base DN>]
 .B [logfilter=<filter str>]
diff --git a/doc/man/man5/slapd-ldap.5 b/doc/man/man5/slapd-ldap.5
index 98969e0..8df818c 100644
--- a/doc/man/man5/slapd-ldap.5
+++ b/doc/man/man5/slapd-ldap.5
@@ -114,7 +114,7 @@ needs to be created.
 .B [tls_cacertdir=<path>]
 .B [tls_reqcert=never|allow|try|demand]
 .B [tls_ciphersuite=<ciphers>]
-.B [tls_protocol_min=<version>]
+.B [tls_protocol_min=<major>[.<minor>]]
 .B [tls_crlcheck=none|peer|all]
 .RS
 Allows to define the parameters of the authentication method that is 
diff --git a/doc/man/man5/slapd-meta.5 b/doc/man/man5/slapd-meta.5
index a4020b5..9a326d5 100644
--- a/doc/man/man5/slapd-meta.5
+++ b/doc/man/man5/slapd-meta.5
@@ -381,7 +381,7 @@ for details on the syntax of this field.
 .B [tls_cacertdir=<path>]
 .B [tls_reqcert=never|allow|try|demand]
 .B [tls_ciphersuite=<ciphers>]
-.B [tls_protocol_min=<version>]
+.B [tls_protocol_min=<major>[.<minor>]]
 .B [tls_crlcheck=none|peer|all]
 .RS
 Allows to define the parameters of the authentication method that is