Sean Gallagher wrote:
On 1/08/2023 3:46 am, Jordan Brown wrote:
On 7/31/2023 9:10 AM, Howard Chu wrote:
The fact that the TLS session is already authenticated is irrelevant. Transport layer and Application layer are separate and independent. If a client wants to be authenticated on the LDAP layer it must request it.
Does the RFC explicitly authorize controlling access based on the client's IP address? Does slapd allow controlling access based on the client's IP address?
Howard is being very literal in his reading of the LDAP RFCs.
RFCs are not poems, they aren't meant to be loosely interpreted.
I've wasted enough time explaining things here. As always, in an all-volunteer open source project, if you want something changed, go change it yourself. Quit trying to browbeat other people into listening to your selfish demands.