.>Your patch doesn't do _quite_ what I need it to though. I need to allow
the
>user to configure the mapping from subject DN to LDAP DN, etc. I'll be
>submitting my patch when it gets working as well. We should try and merge
the
>two so we don't have a billion patches for LDAP verification floating
around,
>kind of like the LDAP auth modules for apache. :)
Ok, of course. What I'm trying to do now is to control access on Apache
directory with SSLRequire, depending on env var status i set in my patch,
OCSP_LDAP_RESPONSE, but SSLRequire doesn't work and still denies access. I
saw that the cause is that I set the env var value after SSLRequire check.
Any idea about that ?
>
>One thing I plan on adding to this is the ability to specify the search
base
>based on the attribute/value pairs in the subject DN. You would basically
have
>a printf-like format string for your search base, like:
>
>uid=%{CN}, OU=%{OU}, OU=People, O=%{O}, C=US
I tried to perform ldap search on der attribute like usercertificate;binary,
but I can't do that with LDAPv2 search filter... any suggestion ?
>
>Thanks for the pointers!
>
You're welcome !
Andrea
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
