openldap

mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00

History

Kurt Zeilenga 23af2c36e2 ITS#8675 - Fix tools to not continue on TLS error The spec says that upon StartTLS 'success', both TLS communications is established on the octet following the Start TLS response (and the request)... and that once one starts TLS communications, one can never go back to LDAP without TLS. So if there's a TLS failure (whether as part of TLS nego or later), LDAP communications cannot be continued (without TLS). Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation fails, we don't attempt to send LDAP operations without TLS.	2020-03-26 18:45:00 +00:00
..
tools	ITS#8675 - Fix tools to not continue on TLS error	2020-03-26 18:45:00 +00:00
Makefile.in	Happy New Year!	2020-01-09 16:50:21 +00:00

Kurt Zeilenga 23af2c36e2 ITS#8675 - Fix tools to not continue on TLS error

The spec says that upon StartTLS 'success', both TLS communications is
established on the octet following the Start TLS response (and the
request)... and that once one starts TLS communications, one can never
go back to LDAP without TLS. So if there's a TLS failure (whether as
part of TLS nego or later), LDAP communications cannot be continued
(without TLS).

Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation
fails, we don't attempt to send LDAP operations without TLS.

2020-03-26 18:45:00 +00:00

tools

ITS#8675 - Fix tools to not continue on TLS error

2020-03-26 18:45:00 +00:00

Makefile.in

Happy New Year!

2020-01-09 16:50:21 +00:00