On 17/01/2022 16:48, Jonathan Valliere wrote:
I think that piece of code is trying to move the concern of configuring
the SSL into a place which doesn’t have enough information about the
state. The Ciphers can be set when the Filter is created. If a special
workflow is needed, you can always extend SSLFilter now which has
convenient override handlers.
Well, I don't think it's necessary in this case.
What we need in LDAP Server is the possibility, on demand, to establish
a crypted session. That means the previous communication was in clear,
and we ask the server to be ready to handle a HS.
That is as simple.
Note that in Apache Directory server we have the possibility to define
the ciphers per configuration, and this is taken into account in the
first part of the 'if'.
I question the second part as it seems to violate the (LDAP StartTLS) RFC.
So bottom line, it's not a MINA issue, but rather a Directory one.
--
Emmanuel Lécharny
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
