git.sur5r.net Git - openldap/commit
ITS#7014 TLS: don't check hostname if reqcert is 'allow'
author Jan Vcelak <jvcelak@redhat.com>
Tue, 9 Aug 2011 13:21:34 +0000 (15:21 +0200)
committer Quanah Gibson-Mount <quanah@openldap.org>
Fri, 28 Oct 2011 02:07:45 +0000 (19:07 -0700)
commit 09c5f495a6164391a00e02dc1c7106b264d9ea6e
tree 20a08c9dc6a09008814f3554b71c1b1826a749b4
parent 0836855ea6f1f9d10cf77acee01581037a420891
ITS#7014 TLS: don't check hostname if reqcert is 'allow'

If server certificate hostname does not match the server hostname,
connection is closed even if client has set TLS_REQCERT to 'allow'. This
is wrong - the documentation says that bad certificates are being
ignored when TLS_REQCERT is set to 'allow'.
libraries/libldap/tls2.c