--On Saturday, April 25, 2009 11:14 PM +0200 Arthur de Jong
<adej...@debian.org> wrote:
Subject: libldap-2.4-2: setting LDAP_OPT_X_TLS_REQUIRE_CERT is not
handled correctly Package: libldap-2.4-2
Version: 2.4.15-1.1
Severity: important
I've been busy tracking down a LDAP/TLS related bug in my package
(#521617) and found that the correct certificate checks are not done
correctly if I only set the LDAP_OPT_X_TLS_REQUIRE_CERT option on a
connection:
tls_reqcert=LDAP_OPT_X_TLS_NEVER;
ldap_set_option(NULL,LDAP_OPT_X_TLS_REQUIRE_CERT,&tls_reqcert);
There have been numerous changes to how libldap uses TLS entirely since
2.4.11, and several fixes specific to GnuTLS as well. I would advise you
use the very latest from CVS HEAD rather than poking at 2.4.11. IIRC,
there is one GnuTLS fix not currently in the RE24 code, which is why I
suggest using HEAD atm. I'll be syncing up RE24 likely in the next week or
so.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
