https://bugs.openldap.org/show_bug.cgi?id=10065
--- Comment #3 from [email protected] --- (In reply to Quanah Gibson-Mount from comment #1) > Pretty much everything in this report is incorrect and is not how things > function. I suggest reading the slapd.conf(5) man page in better detail. This is not helpful. I have put a lot of detail into the report. A little detail in the reply is not unreasonable. I reject the assertion that "everything" is incorrect. > I would note that the EXTERNAL SASL mechanism has nothing to do with > cyrus-sasl. cyrus-sasl decides if EXTERNAL will be offered. That's something. > An olcSecurity: tls=X would mandate TLS encryption on the connection, i.e., > it would apply to simply binds as well as SASL mechanisms. Yes, I didn't read that paragraph very carefully. I was trying to work out how slapd got the ssf for TLS and mistakenly thought that was it. I had to read the code more to find the calls to openssl. sorry. -- You are receiving this mail because: You are on the CC list for the issue.
