mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 06:15:37 +00:00
Code Issues Releases Wiki Activity

TLS_CACERT is now an alias for TLS_CACERTFILE. OpenLDAP uses TLS_CACERT,

Browse Source 
not TLS_CACERTFILE in its ldap.conf.  Other LDAP client code, such as
nss_ldap, uses TLS_CACERTFILE.  Also document why you should avoid
disabling TLS_CHECKPEER is possible.
This commit is contained in:
Todd C. Miller
2010-07-08 09:02:03 -04:00
parent 5b1420b6d4
commit 432d27573d
4 changed files with 113 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/ldap.c
View File

@@ -183,6 +183,8 @@ static struct ldap_config_table ldap_conf_table[] = {
#ifdef LDAP_OPT_X_TLS_CACERTFILE
{ "tls_cacertfile", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
{ "tls_cacert", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
#endif
#ifdef LDAP_OPT_X_TLS_CACERTDIR
{ "tls_cacertdir", CONF_STR, FALSE, LDAP_OPT_X_TLS_CACERTDIR,