On Fri, Feb 27, 2009 at 09:35:39AM -0800, Quanah Gibson-Mount wrote:
> If you are unable to test this patch at this time, I can do some testing on
> my systems using OpenLDAP 2.4.15 & Postfix 2.5.6.
The patch is working for me, please confirm that it is working for you
also. It is simple enough that the only possible isue is a misreading
of the new OpenLDAP 2.4 API or implementation bugs in OpenLDAP.
The new Postfix code itself is obviously correctly trying set up
connection specific SSL parameters, so the question is only whether
there is some additional subtle steps needed to make this happen.
So far it looks like the changes in the patch are a correct interpretation
of the LDAP API:
- Set TLS parameters for the current LDAP handle, not the NULL
(global) handle.
- After all the parameters are in place, request a dedicated SSL
context for the current LDAP handle.
Provided this is the right approach, we are good to go.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
