hyc@OpenLDAP.org wrote:

Update of /repo/OpenLDAP/pkg/ldap/servers/slapd

Modified Files: schema_init.c 1.395 -> 1.396

Log Message: Use liblber for certificate Validation, Normalization

These functions are no longer dependent on HAVE_TLS. I've only tested with X509v3 certificates, it probably needs a shakedown with X509v1 and X509v2 certs.

Along with the other changes to integrate GNUtls support, I've changed the ldap_X509dn2bv function to expect a DER format berval for input. We no longer use OpenSSL-specific X509_NAME structures anywhere.