[Date Prev][Date Next] [Chronological] [Thread] [Top]

HEADS UP: TLS "hard"

I've removed the TLS "hard" option as it doesn't behave as
a default but as an override.  That is, if a user explicitly
asks to connect to ldap://ldap.example.com/ with -ZZ but there
is "TLS hard" set, the library will attempt SSL negotiation
despite being explicitly directed to use a different mechanism.

It's likely possible to rewrite init such that "TLS hard"
only affects the URI generated by HOST/PORT ldap.conf options...