Re: [squid-users] squid_ldap_group + TLS

From: Dieter Kluenter <dieter@dont-contact.us>
Date: 16 Jan 2003 20:32:09 +0100

Am Mit, 2003-01-15 um 20.33 schrieb Henrik Nordstrom:
> Dieter Kluenter wrote:
>
> > while reading the source code of squid_ldap_group I found hints for an
> > option -Z start_tls, is that an undocumented feature or is TLS not
> > working yet?
>
> If is just that I forgot to update the manpage when merging the TLS
> support from squid_ldap_auth. It should work if your binary accepts the
> option.
>
> > I would prefer TLS based connections to my directory server, as I
> > allready realise with Samba and Sendmail.
>
> Try it, and then report back here if it works or not.

Got squid_ldap_group working with TLS and openldap-2.1.3
but squid_ldap_auth complaints "unknown option "Z".
>
> In the pipeline there is also a patch waiting to get processed which
> adds support for ldaps:// connections using some OpenLDAP specific LDAP
> API extensions..

ldaps:// is a holdover from LDAPv2 and not compatible to LDAPv3
STARTTLS, see documentation of openldap.2.1.x

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour
Received on Thu Jan 16 2003 - 12:32:18 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:42 MST