openldap-bugs

openldap-bugs@openldap.org

1 participants
20895 discussions

[Issue 9654] New: Allow using both Elliptic curves and RSA certificate
by openldap-its＠openldap.org 30 Aug '21

30 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=9654 Issue ID: 9654 Summary: Allow using both Elliptic curves and RSA certificate Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- sendmail and Cyrus IMAP allow to set two TLS server certificates -one RSA and EC. When the client supports Elliptic curves, the smaller EC certificate is used. Likewise it accepts two private keys, in case the private key is not included in the certificate file. In sendmail and Cyrus IMAP, two certificates are set in the same directive, separated with comma: define(`confSERVER_CERT', `/etc/zzz/fullchain.pem,/etc/zzz/fullchain_ec.pem') define(`confSERVER_KEY', `/etc/zzz/privkey.pem,/etc/zzz/privkey_ec.pem') In Cyrus IMAP the code dealing with this for OpenSSL is at https://github.com/cyrusimap/cyrus-imapd/blob/master/imap/tls.c#L453 : cf1/kf1 is the fist public/private key, cf2/kf2 are the second. In sendmail the code is in sendmail/tls.c:inittls() - it calls SSL_CTX_use_PrivateKey_file twice - once with keyfile and once with kf2 (keyfile 2). • Extend OpenLDAP to accept several certificates (RSA/EC) - either per permitting several (comma separated) values in olcTLSCertificateFile/olcTLSCertificateKeyFile , or by allowing several occurrences of the property. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9587] New: Admin guide: Need example partial replication configuration
by openldap-its＠openldap.org 27 Aug '21

27 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=9587 Issue ID: 9587 Summary: Admin guide: Need example partial replication configuration Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The admin guide states: Syncrepl supports partial, sparse, and fractional replications but there are no example configurations for partial replication to draw from. This needs to be added to the guide. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9156] latest ppolicy draft support
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=9156 --- Comment #13 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • c4d399c2 by Quanah Gibson-Mount at 2021-08-26T15:43:24+00:00 ITS#9156 - Remove ppolicy.schema from README Also remove nadf.schema, that got removed some time long ago -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8862] typos manual slapd-mdb
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=8862 --- Comment #7 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #6) > (In reply to dpa-openldap(a)aegee.org from comment #5) > > For me “as large a value as possible…” sounds without “a” better. > > Then it would no longer be grammatically correct. > > "as large a value as possible" is correct. An alternative way to phrase it would be "as large of a value as possible", but both are correct statements. "as large value as possible" is not a correct statement in any form in this context. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8862] typos manual slapd-mdb
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=8862 --- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to dpa-openldap(a)aegee.org from comment #5) > For me “as large a value as possible…” sounds without “a” better. Then it would no longer be grammatically correct. "as large a value as possible" is correct. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8862] typos manual slapd-mdb
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=8862 --- Comment #5 from dpa-openldap(a)aegee.org <dpa-openldap(a)aegee.org> --- For me “as large a value as possible…” sounds without “a” better. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8862] typos manual slapd-mdb
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=8862 --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to dpa-openldap(a)aegee.org from comment #3) > How about this sentence: > > > It is important to set this to as large a value as possible… What about it? It's a correct statement. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8862] typos manual slapd-mdb
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=8862 --- Comment #3 from dpa-openldap(a)aegee.org <dpa-openldap(a)aegee.org> --- How about this sentence: > It is important to set this to as large a value as possible… -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 26 Aug '21

26 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=6949 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mhardin(a)symas.com --- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> --- *** Issue 9492 has been marked as a duplicate of this issue. *** -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6097] MMR problems with deletes
by openldap-its＠openldap.org 24 Aug '21

24 Aug '21

https://bugs.openldap.org/show_bug.cgi?id=6097 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9647 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs