On 10.06.2018 17:51, Ryan Tandy wrote: > I never did get around to re-asking GnuTLS upstream about adding a > workaround on their end, but I suspect there's no point; after all > libldap is doing the very things their documentation explicitly says a > library should never do.
GnuTLS upstream really isn't at fault, they'll most likely tell us that libldap is doing the wrong thing. Maybe debian and other distros patching this convinces openldap upstream to fix this or add a compile-time option to turn off this behaviour.
