[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Patch adding command line TLS support to the ldap utilities

Quanah Gibson-Mount wrote:
> Michael Ströder <michael@stroeder.com> wrote:
>> Quanah Gibson-Mount wrote:
>>> In working on creating a TLS testsuite for OpenLDAP, a glaring omission
>>> in the abilities of the command line tools quickly became apparent.
>>> Specifically, the inability to set any TLS related options.
>> Just out of curiosity:
>> Wasn't using the env vars not enough in the test suite's shell scripts?
> No.  I have no way of knowing what option(s)/conf files may exist in the environment
> of the user building OpenLDAP.  We set LDAPNOINIT in the test suite to avoid this
> problem for the non-TLS portion, but there's no ability to do anything TLS related at
> that point w/o such a patch.

Hmm, up to now I thought setting LDAP_TLS_CACERT and friends overrides whatever is set in
ldap.conf or .ldaprc.

And I also thought LDAPNOINIT disables all defaults from config files.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature