[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Additional bug in OpenLDAP TLS code

To: Quanah Gibson-Mount <quanah@symas.com>, openldap-devel@openldap.org
Subject: Re: Additional bug in OpenLDAP TLS code
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 10 May 2017 22:19:38 +0200
In-reply-to: <80106510F3B08D5173986771@[192.168.1.19]>
Openpgp: id=43C8730E84A20E560722806C07DC7AE36A8BC938
References: <80106510F3B08D5173986771@[192.168.1.19]>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:51.0) Gecko/20100101 SeaMonkey/2.48

Quanah Gibson-Mount wrote:
> Attempting to connect via ldapsearch to ldap://127.0.0.1 and initiate startTLS will
> fail, as the IP gets mapped to "localhost", and then the FQDN check fails.

Yes, this is a bug. Especially since the mapping to "localhost" does not have a trustable
source for this mapping.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- Additional bug in OpenLDAP TLS code
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Additional bug in OpenLDAP TLS code
Next by Date: Re: Additional bug in OpenLDAP TLS code
Index(es):
- Chronological
- Thread