Deprecated ldap_int_tls_config in rlm_ldap

John Dennis jdennis at redhat.com
Tue May 7 21:01:47 CEST 2013


On 05/07/2013 02:45 PM, Arran Cudbard-Bell wrote:
>> But more to the point OpenLDAP has addressed the TLS configuration
>> issues a while ago.
>
> Do you know the version? Want to make sure that it's checked in the
> autoconf script.

I don't think you need to check this in autoconf, you're not looking for 
the presence of a function, the correct methodology is to use the 
existing interfaces that have always been there, but pass new constants. 
In the patch you'll see the code is ifdef'ed so it only compiles if the 
constant is in the header file. If the constant is in the header but the 
library still doesn't understand it (not likely) you should get an error 
back which will be logged.

P.S. I'm not sure if you were thinking about falling back to the old 
methodology if you don't find the new mechanism. Don't do that. If the 
new mechanism isn't there for some reason the best approach IMHO would 
be to issue a warning, but don't try to use an internal non-public API 
instead. BTW the "_int_" in the symbol name ldap_int_tls_config stands 
for internal.

-- 
John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/


More information about the Freeradius-Devel mailing list