lists.arthurdejong.org
RSS feed

Re: small myldap.c patch

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: small myldap.c patch



On Thu, 2015-08-27 at 12:53 -0700, Robert Brooks wrote:
> My other question next question is, why aren't other tls options set
> in myldap.c, for example tls_ciphers, tls_cacert etc? I see them set 
> in cfg.c...

Some options are set globally (ldap_set_option(NULL,...) in cfg.c and
some on the connection (ldap_set_option(ld,...) in myldap.c because
otherwise they are not always correctly picked up.

I think this also depends on which TLS library is used. The current
situation is a bit magical but at least it works ;)

Some background can be found here:
  https://bugs.debian.org/525605

Kind regards,

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/