search

mumble-voip / mumble-scripts

Mumble scripts is a place for gathering various scripts written for the Mumble VoIP application.
https://www.mumble.info
48 stars 33 forks source link

StartTLS support without cert for LDAP authenticator #12

Closed poinck closed 8 years ago

poinck commented 8 years ago

This change will add an option to enable StartTLS without cert check for the LDAP authenticator. The default is not to use StartTLS. You can enable it by uncommenting the line use_start_tls = true in "LDAPAuth.ini".

hacst commented 8 years ago

Neat. From what I can tell from the documentation this should work just fine. Apart from the things I commented on this should be ready to merge.

About the not checking certificates part: Is there a specific reason why you didn't make it an option to check the cert? Just not the way you intend to use it or are there some other limitations someone tackling this in the future should be aware of?

poinck commented 8 years ago

I can't test StartTLS with certificates, so I decided not to implement something that I could not test.

I will see to the things you commented. Thx for evaluating my changes.

poinck commented 8 years ago

What do you think of my corrections; any objections?

hacst commented 8 years ago

No objection. Sorry about missing your correction.

Squashed and merged with very minor modification (pulled out ldap_trace variable to be able to improve related comment) as 5a227f4 StartTLS support without cert for LDAP authenticator

Thanks a lot for your work on this feature!