------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1382
--- Comment #8 from Todd Lyons <tlyons@???> 2013-09-10 19:44:49 ---
Based on the comments in:
http://www.openldap.org/lists/openldap-software/200706/msg00164.html
"The LDAP_OPT_X_TLS_REQUIRE_CERT option can only be set globally and not for
particular LDAP handles. So, you need to invoke ldap_set_option() with a NULL
first argument"
Applying this small change fixes the issue for the bug poster:
<cannonball> Ok, let's test #2 first. change this line:
<cannonball> ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);
<cannonball> to
<cannonball> ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);
<alxgomz> VICTORY!!! :)
<alxgomz> first setting the option to a NULL handle fixes the issue
<alxgomz> my network dump shows a nice and complete TLS traffic :)
<cannonball> Good job finding that (obscure) openldap post which said exactly
what the error was.
It is unknown if this change needs to be wrapped with #ifdef only for OpenLDAP.
Phil, do you know if other ldap servers behave the same?
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email