Fix, the TLSVerifyClient option was not evaluated correctly and could never

be turned off. (It defaults to off, so if you never mentioned it, it would
stay off. But if you tried "TLSVerifyClient 0" it would turn on.)

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index a0adcb7728a53a72a93bf138af78deb9683ef063..c736fa70583e830d61ac51d8d235235019a604d2 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -1080,9 +1080,10 @@ read_config( const char *fname )
                        if ( rc )
                                return rc;
                } else if ( !strcasecmp( cargv[0], "TLSVerifyClient" ) ) {
+                       i = atoi(cargv[1]);
                        rc = ldap_pvt_tls_set_option( NULL,
                                                      LDAP_OPT_X_TLS_REQUIRE_CERT,
-                                                     cargv[1] );
+                                                     &i );
                        if ( rc )
                                return rc;