Re: (ITS#5981) TLSVerifyClient try setting fails with GnuTLS

1 Mar 2009


      peter@adpm.de wrote:
...
Full_Name: Peter Marschall
Version: 2.4.15
OS: Linux
URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
Submission from: (NULL) (92.75.56.86)
Hi,
when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting
   TLSVerifyClient Try
in slapd.conf makes TLS connections without certificates impossible.
This is caused by incomplete decoding in tls_g.c
The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
fixes this issue together with a few other little cleanups:

remove unused variables (less compiler warnings)
use correct types (less compiler warnings)
detect failed calls for activation/exiration functions to
 avoid giving wrong information

Please consider adding this patch to OpenLDAP
Thanks for the patch, committed to HEAD.
...
Regards
Peter
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: (ITS#5981) TLSVerifyClient try setting fails with GnuTLS