[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ITS#8286 round 2

To: Howard Chu <hyc@symas.com>, openldap-devel@openldap.org
Subject: Re: ITS#8286 round 2
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Tue, 18 Dec 2018 10:15:47 -0800
Content-disposition: inline
In-reply-to: <0d072477-1e5c-c194-a095-395f6e7366b6@symas.com>
References: <842973A21685DB44126F1E3F@[192.168.1.39]> <efa1a37e-cebc-bf80-3c18-d10648a05e29@symas.com> <261BFA770E5CEBCB25A3A8A0@[192.168.1.39]> <0d072477-1e5c-c194-a095-395f6e7366b6@symas.com>

--On Tuesday, December 18, 2018 6:08 PM +0000 Howard Chu <hyc@symas.com>wrote:

Quanah Gibson-Mount wrote:

--On Tuesday, December 18, 2018 5:53 PM +0000 Howard Chu <hyc@symas.com>
wrote:


---------------- servers/slapd/bconfig.c -----------------------

olcTLSCertificateKey -- ??? (Private SYNTAX OID)  Shouldn't the SYNTAX
be 1.3.6.1.4.1.1466.115.121.1.8? And use certificateExactMatch?


No, a key is not a certificate. Keys are stored in PKCS#8 encoding.


So what's the matching rule for it? ;)


I suppose it'll have to be octetStringMatch.


Ok, done:

<https://github.com/quanah/openldap-scratch/commit/57026b565a092de45faf3f6bf9ec118fb2080341>

That should cover ITS#8286.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- ITS#8286 round 2
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: ITS#8286 round 2
  - From: Howard Chu <hyc@symas.com>
- Re: ITS#8286 round 2
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: ITS#8286 round 2
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: ITS#8286 round 2
Next by Date: Re: ITS#8286 round 2
Index(es):
- Chronological
- Thread