------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1382
--- Comment #10 from Todd Lyons <tlyons@???> 2013-09-10 19:58:35 ---
I've assembled a more specific description of the issues involving this option
and the ways in which it is not working:
1) The ldap_require_cert doesn't override the URI TLS setting. Commenting out
the tls_option somewhat nullifies that.
2) The LDAP_OPT_X_TLS_REQUIRE_CERT setting is a global setting, so it should be
using NULL instead of an ldap handle.
3) The start_tls function has a rebinding issue which you have not yet seen
because you haven't gotten it to work right in the first place.
#1 should be addressed by the patch in my gist (previous comment)
#2 is fixed by using NULL for the ldap handle in the ldap_set_options() for the
setting that controls 'certificate required'.
#3 appears to be fixed by the patch in bug 1375. This bug poster has not used
his system in a way yet which will tickle this bug.
Just wanted to clarify all the different issues that these various patches and
test are actually addressing.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email