[exim-dev] [Bug 1273] `ldapauth` fails when TLS is enabled

Author: Phil Pennock
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1273] `ldapauth` fails when TLS is enabled
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1273

Phil Pennock <pdp@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pdp@???





--- Comment #2 from Phil Pennock <pdp@???> 2012-07-22 07:01:56 ---
Which LDAP server are you using?

The code change you use says to not use TLS if already *authenticated* to the
server; that may be a decent approximation, while the ldap_* options are not
expanded, but I'm reluctant to use it as-is because it means that if those
options become expanded, a configuration which allows anonymous binds without
TLS but is supposed to use TLS for an authenticated bind would avoid TLS and
this would then become a security bug.

Could you include a debug trace showing the lookups failing for you, with
sensitive data anonymised? I'm not in a situation to set up a decent test this
weekend to replicate myself.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email
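
The concern raised in comment #2, as an added example that is not part of the original message and is not Exim's code: a simplified model of one reused LDAP connection, comparing a StartTLS decision keyed on "already bound" with one keyed on the connection's own TLS state. The struct, enum and function names are hypothetical, the lookup sequences are constructed, and it assumes an anonymous bind also marks the connection as bound.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical per-connection state; not Exim's real structure. */
struct conn { bool bound; bool tls_active; };

/* One lookup's settings, as they could differ if ldap_* options were expanded. */
struct lookup { bool want_tls; bool has_password; };

enum policy { SKIP_TLS_IF_BOUND, TRACK_TLS_STATE };

/* Constructed sequence: anonymous bind without TLS, then authenticated bind wanting TLS. */
static const struct lookup anon_then_auth[] = { { false, false }, { true, true } };
/* Constructed sequence: two authenticated binds, both wanting TLS. */
static const struct lookup auth_twice[] = { { true, true }, { true, true } };

/* Runs the lookups in order on one connection and returns how many
 * binds carried a password while TLS was not active. */
int cleartext_password_binds(enum policy p, const struct lookup *l, size_t n)
{
    struct conn c = { false, false };
    int exposed = 0;

    for (size_t i = 0; i < n; i++) {
        /* The only difference between the policies: which flag suppresses StartTLS. */
        bool already = (p == SKIP_TLS_IF_BOUND) ? c.bound : c.tls_active;

        if (l[i].want_tls && !already)
            c.tls_active = true;          /* StartTLS issued before the bind */
        if (l[i].has_password && !c.tls_active)
            exposed++;                    /* credentials sent without TLS */
        c.bound = true;                   /* anonymous or authenticated bind done */
    }
    return exposed;
}

int main(void)
{
    printf("skip-if-bound, anon then auth: %d\n",
           cleartext_password_binds(SKIP_TLS_IF_BOUND, anon_then_auth, 2));
    printf("track-tls,     anon then auth: %d\n",
           cleartext_password_binds(TRACK_TLS_STATE, anon_then_auth, 2));
    return 0;
}
```
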