[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: commit: ldap/libraries/libldap tls.c

> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]

> I suggest, for now, moving to a system where the frontend
> had its own 'default' context (driven by slapd.conf(5)
> settings) and have all the client uses (syncrepl, back-ldap,
> back-meta) share a 'default' context (driven by ldap.conf(5)).
OK, I've committed a hack to let the slapd frontend use its own TLS context.

> Long term, we'll have to figure how to separately configure
> each client use (not only on a per backend basis, but a per
> instance basis).

Right. I haven't addressed this.

> So, basically, I'd create a ldap_pvt_tls API which slapd
> can use for frontend purposes which doesn't rely on ldap.conf
> nor interfere with client uses.

That will take some further thought...

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support