[Date Prev][Date Next]
HEADS UP: TLS "hard"
I've removed the TLS "hard" option as it doesn't behave as
a default but as an override. That is, if a user explicitly
asks to connect to ldap://ldap.example.com/ with -ZZ but there
is "TLS hard" set, the library will attempt SSL negotiation
despite being explicitly directed to use a different mechanism.
It's likely possible to rewrite init such that "TLS hard"
only affects the URI generated by HOST/PORT ldap.conf options...