https://bugs.openldap.org/show_bug.cgi?id=9627
Issue ID: 9627
Summary: Query regarding openldap ca cert buffer usage over filepath
Product: OpenLDAP
Version: 2.5.6
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs@openldap.org
Reporter: naveen.kumartg@siemens.com
Target Milestone: ---

Hi,
We are unable to connect to an OpenLDAP server via StartTLS using LDAP_OPT_X_TLS_CACERT. The LDAP_OPT_X_TLS_CACERT option doesn't work and it is not mentioned in any of the documents.
The LDAP_OPT_X_TLS_CACERTFILE option does work, but it takes a file path.
Does the OpenLDAP stack support a CA certificate in buffer/array format, other than just the file path? We would like to avoid the file path.
Best Regards, Naveen

Howard Chu <hyc@openldap.org> changed:

What      |Removed     |Added
----------------------------------------------------------------------------
Status    |UNCONFIRMED |RESOLVED
Resolution|---         |INVALID

--- Comment #1 from Howard Chu <hyc@openldap.org> ---
The ITS is for bug reports. Software usage questions belong on the openldap-technical mailing list. Closing this ticket.

Quanah Gibson-Mount <quanah@openldap.org> changed:

What          |Removed  |Added
----------------------------------------------------------------------------
Status        |RESOLVED |CONFIRMED
Ever confirmed|0        |1
Resolution    |INVALID  |---

--- Comment #2 from Quanah Gibson-Mount <quanah@openldap.org> ---
(In reply to naveen from comment #0)
> The LDAP_OPT_X_TLS_CACERT option doesn't work and it is not mentioned in any of the documents.

This option was added to tls2.c in 83fb515555 and to bconfig.c in 7b41feed83 but is not documented in the man pages, unlike LDAP_OPT_X_TLS_CACERTFILE and LDAP_OPT_X_TLS_CACERTDIR.
This lack of documentation is clearly a bug.
It also appears to be missing from libldap/init.c, so it's not clear to me what purpose it has, if any.

Howard Chu <hyc@openldap.org> changed:

What      |Removed   |Added
----------------------------------------------------------------------------
Status    |CONFIRMED |RESOLVED
Resolution|---       |INVALID

--- Comment #3 from Howard Chu <hyc@openldap.org> ---
(In reply to Quanah Gibson-Mount from comment #2)
> (In reply to naveen from comment #0)
> > The LDAP_OPT_X_TLS_CACERT option doesn't work and it is not mentioned in any of the documents.
>
> This option was added to tls2.c in 83fb515555 and to bconfig.c in 7b41feed83 but is not documented in the man pages, unlike LDAP_OPT_X_TLS_CACERTFILE and LDAP_OPT_X_TLS_CACERTDIR.
>
> This lack of documentation is clearly a bug.

The existence of undocumented internal-use-only APIs is not a bug.

> It also appears to be missing from libldap/init.c, so it's not clear to me what purpose it has, if any.

Nor is its absence from init.c a bug.

Quanah Gibson-Mount <quanah@openldap.org> changed:

What  |Removed  |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED