mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-12-25 00:59:45 -05:00
Annuaire LDAP
210b156ece
If the olcTLSVerifyClient is set to a value other than "never", the server should request that the client send a client certificate for possible use with client cert auth (e.g. SASL/EXTERNAL). If set to "allow", if the client sends a cert, and there are problems with it, the server will warn about problems, but will allow the SSL session to proceed without a client cert. If set to "try", if the client sends a cert, and there are problems with it, the server will warn about those problems, and shutdown the SSL session. If set to "demand" or "hard", the client must send a cert, and the server will shutdown the SSL session if there are problems. I added a new member of the tlsm context structure - tc_warn_only - if this is set, tlsm_verify_cert will only warn about errors, and only if TRACE level debug is set. This allows the server to warn but allow bad certs if "allow" is set, and warn and fail if "try" is set. |
||
|---|---|---|
| build | ||
| clients | ||
| contrib | ||
| doc | ||
| include | ||
| libraries | ||
| servers | ||
| tests | ||
| .gitattributes | ||
| .gitignore | ||
| aclocal.m4 | ||
| configure | ||
| configure.in | ||
| COPYRIGHT | ||
| INSTALL | ||
| LICENSE | ||
| Makefile.in | ||
| README | ||
OpenLDAP Devel README This software was obtained from the development branch (HEAD) of the OpenLDAP Software Repository. This copy is likely already not current, the development branch changes frequently. These changes include code implementing experimental features and unproven bug fixes. Please do NOT redistribute copies of the development branch. The OpenLDAP Developer's FAQ is available at: <http://www.openldap.org/faq/index.cgi?file=4> Client developers seeking a suitable development platform should use "release" or "stable" versions. <http://www.openldap.org/software/> Contributing See <http://www.openldap.org/devel/contributing.html> for how to contribute code or documentation to OpenLDAP. Use the Issue Tracking System <http://www.openldap.org/its/> to submit contributions. While you are encouraged to coordinate and discuss the development activities on the openldap-devel@openldap.org mailing list prior to submission, it is noted that contributions must be submitted using the Issue Tracking System to be considered. --- $OpenLDAP$ This work is part of OpenLDAP Software <http://www.openldap.org/>. Copyright 1998-2011 The OpenLDAP Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. A copy of this license is available in the file LICENSE in the top-level directory of the distribution or, alternatively, at <http://www.OpenLDAP.org/license.html>. OpenLDAP is a registered trademark of the OpenLDAP Foundation.