Re: Additional bug in OpenLDAP TLS code

Wednesday, 10 May 2017

--On Wednesday, May 10, 2017 11:19 PM +0200 Michael Ströder 
<michael(a)stroeder.com&gt; wrote:

...
 Quanah Gibson-Mount wrote:
> Attempting to connect via ldapsearch to ldap://127.0.0.1 and initiate
> startTLS will fail, as the IP gets mapped to "localhost", and then the
> FQDN check fails.

 Yes, this is a bug. Especially since the mapping to "localhost" does not
 have a trustable source for this mapping. 
Bah, never mind.  I had a runaway slapd with old cert info running.  It 
does work in this scenario correctly.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: Additional bug in OpenLDAP TLS code