I can think of three reasons why the patch is causing problems:
1. The patch is three years old and was not validated against the current
OpenLDAP version, to which it has been applied. Without additional testing,
I am not even sure if the issue that the patch fixes still exists.
2. The patch was not tested in the proxy configuration.
3. The patch changes the way tls_reqcert parameter is handled. It is
therefore possible that a setup with an incorrect TLS certificate would
stop working. However, that is a general remark and the cause of
Abdelkader Chelouah's problems may be entirely different.
Unfortunately, I do not feel that I would be able to help with any further
work on this patch. Due to the passage of time since this bug was reported,
I would need to redo all the work from scratch (my test environment is long
gone, and the limited understanding of OpenLDAP internals that I once had,
has since faded from my memory). I do not believe that I can afford such an
effort, particularly when I worry that the result could be shelved for
years again. I would be grateful if others, who are more knowledgeable with
OpenLDAP internals, look into this issue.
Thank you very much
Show replies by date