Re: (ITS#6131) "TLSVerifyClient try" not working with GNU TLS - openldap-bugs

1 Jun 2009


      Kartik Subbarao wrote:
...
Howard Chu wrote:
...
This bug report makes no sense; the code you quoted is not part of
OpenLDAP 2.4.16. The relevant code is in function tlsg_session_accept()
in tls_g.c, and there is no such bug in that function.
Well, according to the CVS head branch, the code that I cited in tls.c
is still there:
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/libldap/tls.c?...
But I certainly defer to your knowledge of which code is relevant
Read the Makefile; tls.c is not used any more.
...
-- I
was just looking around for a possible explanation to the problem that
I'm encountering.
I double-checked the version that I was running and it's actually
2.4.15, not 2.4.16. Would there be a significant difference between
these two versions with respect to TLS certificate handling?
Yes. Read the 2.4.16 CHANGES.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/