[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RE24 testing round 3

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: RE24 testing round 3
From: Howard Chu <hyc@symas.com>
Date: Mon, 31 Aug 2009 14:54:01 -0700
Cc: openldap-devel@openldap.org
In-reply-to: <hbf.20090831fbag@bombur.uio.no>
References: <C7819F638489C722BBF870A3@[192.168.1.199]> <4A9BE6AC.7090400@phillipoux.net> <4A9C20DC.30700@symas.com> <hbf.20090831fbag@bombur.uio.no>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.9.1b5pre) Gecko/20090819 SeaMonkey/2.0a1pre Firefox/3.0.3

Hallvard B Furuseth wrote:

back-ldap/bind.c needs "lutil.h" for lutil_strcopy().

Beyond that, passes all tests on Ubuntu --with-tls=gnutls.

Which reminds me, we need some tests that actually exercise TLS. We should adda sample CA cert + server and user cert+key to the test suite. Or maybegenerate them on the fly, so we can also set a short lifetime and testexpiration and CRL processing. We should test the certificate matching rulesas well. (Not sure how much we need to test re: cert validation; we ought tobe able to rely on the respective crypto suites to do that already.)At the very least, we ought to be able to set a user cert, authenticate withSASL/EXTERNAL, and verify the output of ldapwhoami.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- RE24 testing round 3
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: RE24 testing round 3
  - From: Jonathan Clarke <jonathan@phillipoux.net>
- Re: RE24 testing round 3
  - From: Howard Chu <hyc@symas.com>
- Re: RE24 testing round 3
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: RE24 testing round 3
Next by Date: Re: RE24 testing round 3
Index(es):
- Chronological
- Thread