Michael Ströder wrote:
I vaguely remember that there were code changes to the hostname cert
checking when connecting via StartTLS ext.op. or LDAPS. But I'd prefer
if the default behaviour would be strict like it was.
You'll have to be more specific. What are you seeing that it doesn't do any more?
I'm testing with RE24 libs.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/