[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Patch adding command line TLS support to the ldap utilities

To: Michael Ströder <michael@stroeder.com>, openldap-devel@openldap.org
Subject: Re: Patch adding command line TLS support to the ldap utilities
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Tue, 31 Jan 2017 09:20:52 -0800
Content-disposition: inline
In-reply-to: <WM!f568b1d654c3a2162b5eb65780cf6d3387e84a9256a320f7ec041bb992fbd5c654f83fa9ec1d751f29c7d02d4feb64df!@mailstronghold-1.zmailcloud.com>
References: <DBC88A13E0A9BD0571544FA0@[192.168.1.30]> <1993c820-9428-d18c-9ee2-5ab1b7704ff9@stroeder.com> <WM!5a0cd2824b27aad5ff701b7e13e9b3c71b8867a044086af18fefaf48ba5af04f3baa58c010a2713672fc75de1516976c!@mailstronghold-3.zmailcloud.com> <83E3C376F092AB5BA90CF4C5@[192.168.1.30]> <03264f9e-1783-d047-a3c2-edbee1e14df2@stroeder.com> <WM!f568b1d654c3a2162b5eb65780cf6d3387e84a9256a320f7ec041bb992fbd5c654f83fa9ec1d751f29c7d02d4feb64df!@mailstronghold-1.zmailcloud.com>

--On Tuesday, January 31, 2017 5:07 PM +0100 Michael Ströder<michael@stroeder.com> wrote:

Hmm, up to now I thought setting LDAP_TLS_CACERT and friends overrides
whatever is set in ldap.conf or .ldaprc.

Variables do override, however, I have no clue as to *what* things may beset somewhere. If I were to unset LDAPNOINIT, any test is subject toanything I don't specifically override that the user, system admin, etc,may have set.

And I also thought LDAPNOINIT disables all defaults from config files.


It disables everything (config files, environment variables, etc).

      Thus the following files and variables are read, in order:
          variable     $LDAPNOINIT, and if that is not set:
          system file  /usr/local/etc/openldap/ldap.conf,
          user files   $HOME/ldaprc,  $HOME/.ldaprc,  ./ldaprc,
          system file  $LDAPCONF,
          user files   $HOME/$LDAPRC, $HOME/.$LDAPRC, ./$LDAPRC,
          variables    $LDAP<uppercase option name>.


--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- Patch adding command line TLS support to the ldap utilities
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Patch adding command line TLS support to the ldap utilities
  - From: Michael Ströder <michael@stroeder.com>
- Re: Patch adding command line TLS support to the ldap utilities
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Patch adding command line TLS support to the ldap utilities
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: Patch adding command line TLS support to the ldap utilities
Index(es):
- Chronological
- Thread