]> git.sur5r.net Git - openldap/commit
projects / openldap / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9d39e1e) | patch
Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
authorHoward Chu <hyc@openldap.org>
Sat, 4 May 2002 00:05:48 +0000 (00:05 +0000)
committerHoward Chu <hyc@openldap.org>
Sat, 4 May 2002 00:05:48 +0000 (00:05 +0000)
commit0390a171b9b3f77a0781ae54c696e099ea4918fd
tree2d5f6c3229c8e8338c1fd1b34c08fcb0d2570627tree | snapshot
parent9d39e1e67244b70d0e10893e623dd5afdd9f207bcommit | diff
Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.

Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.

In tls_verify_cb, added a text translation of the verification error code
to the debug message.
libraries/libldap/tls.c diff | blob | history
Cloned from git://git.openldap.org/openldap.git