Closed poinck closed 8 years ago
Neat. From what I can tell from the documentation this should work just fine. Apart from the things I commented on this should be ready to merge.
About the not checking certificates part: Is there a specific reason why you didn't make it an option to check the cert? Just not the way you intend to use it or are there some other limitations someone tackling this in the future should be aware of?
I can't test StartTLS with certificates, so I decided not to implement something that I could not test.
I will see to the things you commented. Thx for evaluating my changes.
What do you think of my corrections; any objections?
No objection. Sorry about missing your correction.
Squashed and merged with very minor modification (pulled out ldap_trace variable to be able to improve related comment) as 5a227f4 StartTLS support without cert for LDAP authenticator
Thanks a lot for your work on this feature!
This change will add an option to enable StartTLS without cert check for the LDAP authenticator. The default is not to use StartTLS. You can enable it by uncommenting the line
use_start_tls = true
in "LDAPAuth.ini".