Jaunty uses a newer libgnutls option. The slapd.conf man page (and slapd-conf man page) still says you can find cipher names for TLSCipherSuite (and olcTLSCipherSuite) by running "gnutls-cli -l" but names output by that command are not accepted as options for TLSCipherSuite. This is a bug in the documentation.
If you look through the libgnutls source code (file gnutls26-2.4.2/lib/gnutls_priority.c function gnutls_priority_init() ) reveals option names. As an example, this syntax is accepted by slapd if you use slapd.conf on Jaunty: TLSCipherSuite SECURE256:SECURE128 but OpenLDAP on Hardy could use TLSCipherSuite TLS_RSA_AES_256_CBC_SHA1:TLS_RSA_ARCFOUR_MD5 and now slapd on Jaunty will not start if you try that despite what the manual page says about TLSCipherSuite accepting ciphers that "gnutls-cli -l" outputs. -- Wrong documentation for TLSCipherSuite https://bugs.launchpad.net/bugs/317401 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
