peter(a)adpm.de wrote:
Full_Name: Peter Marschall
Version: 2.4.15
OS: Linux
URL:
ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
Submission from: (NULL) (92.75.56.86)
Hi,
when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting
TLSVerifyClient Try
in slapd.conf makes TLS connections without certificates impossible.
This is caused by incomplete decoding in tls_g.c
The patch in
ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch
fixes this issue together with a few other little cleanups:
- remove unused variables (less compiler warnings)
- use correct types (less compiler warnings)
- detect failed calls for activation/exiration functions to
avoid giving wrong information
Please consider adding this patch to OpenLDAP
Thanks for the patch, committed to HEAD.
Regards
Peter
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/