[Date Prev][Date Next]
Re: RE24 testing round 3
Hallvard B Furuseth wrote:
back-ldap/bind.c needs "lutil.h" for lutil_strcopy().
Beyond that, passes all tests on Ubuntu --with-tls=gnutls.
Which reminds me, we need some tests that actually exercise TLS. We should add
a sample CA cert + server and user cert+key to the test suite. Or maybe
generate them on the fly, so we can also set a short lifetime and test
expiration and CRL processing. We should test the certificate matching rules
as well. (Not sure how much we need to test re: cert validation; we ought to
be able to rely on the respective crypto suites to do that already.)
At the very least, we ought to be able to set a user cert, authenticate with
SASL/EXTERNAL, and verify the output of ldapwhoami.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/