Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Register
  • Sign in
  • O OpenLDAP
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Bugzilla
    • Bugzilla
  • Merge requests 6
    • Merge requests 6
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Jobs
  • Commits
Collapse sidebar
  • openldap
  • OpenLDAP
  • Merge requests
  • !9
The source project of this merge request has been removed.

ITS#8675 - Fix tools to not continue on TLS error

Merged Quanah Gibson-Mount requested to merge (removed):its8675 into master Mar 26, 2020
  • Overview 2
  • Pipelines 0
  • Changes 1

The spec says that upon StartTLS 'success', both TLS communications is established on the octet following the Start TLS response (and the request)... and that once one starts TLS communications, one can never go back to LDAP without TLS. So if there's a TLS failure (whether as part of TLS nego or later), LDAP communications cannot be continued (without TLS).

Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation fails, we don't attempt to send LDAP operations without TLS.

Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: its8675