[Git][openldap/openldap][master] ITS#8675 - Fix tools to not continue on TLS error - openldap-commit

26 Mar 2020


      Quanah Gibson-Mount pushed to branch master at openldap / OpenLDAP
Commits:
23af2c36 by Kurt Zeilenga at 2020-03-26T18:45:00+00:00
ITS#8675 - Fix tools to not continue on TLS error
The spec says that upon StartTLS &#39;success&#39;, both TLS communications is
established on the octet following the Start TLS response (and the
request)... and that once one starts TLS communications, one can never
go back to LDAP without TLS. So if there&#39;s a TLS failure (whether as
part of TLS nego or later), LDAP communications cannot be continued
(without TLS).
Only ignoring LDAP errors (rc &gt; 0) ensures that if TLS negotiation
fails, we don&#39;t attempt to send LDAP operations without TLS.
- - - - -
1 changed file:
- clients/tools/common.c
View it on GitLab: https://git.openldap.org/openldap/openldap/-/commit/23af2c36e23be325fcd70f1b...
-- 
View it on GitLab: https://git.openldap.org/openldap/openldap/-/commit/23af2c36e23be325fcd70f1b...
You're receiving this email because of your account on git.openldap.org.