https://bugs.openldap.org/show_bug.cgi?id=9543
Issue ID: 9543
Summary: Patch : Customize CN check on TLS
Product: OpenLDAP
Version: unspecified
Hardware: i386
OS: Other
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: libraries
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Created attachment 821
--> https://bugs.openldap.org/attachment.cgi?id=821&action=edit
Patch on master
Hi,
I added a feature that allow to customize the domain name on TLS hostname
verification. With it, we can use an IP that comes from our DNS resolver.
It is mainly used when we want launch test units with a private server where
the IP and domains are private.
In our case, we use our own dns resolver (internal code) which give us an IP
that is passed to LDAP. As we know the domain name but not LDAP, we pass it to
it for checking (it's not an ignore option)
Here is the commit from our repository (based from 2.4):
https://gitlab.linphone.org/BC/public/external/openldap/-/commit/a4fef2181ce9bdcb5dfafb598be6c1dc5d2aebab
Here is the branch from the HEAD of your current master (one commit, parent
60b7dc731ce9f2424a4a56d78ae99270a3c6239c)
https://gitlab.linphone.org/BC/public/external/openldap/-/tree/feature/hostname_check
Here is the branch from the HEAD of OPENLDAP_REL_ENG_2_4 (one commit, parent
faf2c4e78641f69df3fdea5f97ddb058946f2051)
https://gitlab.linphone.org/BC/public/external/openldap/-/tree/feature/hostname_check_2_4
I attached the diff on master
Regards
--
You are receiving this mail because:
You are on the CC list for the issue.
