Quanah Gibson-Mount <[email protected]> writes: > This is expected to be the final testing call for 2.4.45, with an > anticipated release, depending on feedback, during the week of > 2017/05/29. > > For this testing call, we particularly need folks to test OpenLDAP > with startTLS/LDAPS when compiled against OpenSSL (both pre 1.1 series > and with the 1.1 series). There is currenly nothing in the test suite > that covers encrypted connections (Although it's on my todo list). To > build against OpenSSL 1.1 may also require cyrus-sasl HEAD out of the > cyrus-sasl GIT repository, depending on your build options as the > current cyrus-sasl release does not support the OpenSSL 1.1 series. > It can be found at <https://github.com/cyrusimap/cyrus-sasl>. If you > build with GSSAPI and use Heimdal, you will also need the Heimdal > 7.1.0 or later release (as that is where OpenSSL 1.1 support was > added). It can be obtained from <http://h5l.org/>. [...]
All tests succeeded, source built against openssl-1.0.2j, startTLS. ldaps and sasl EXTERNAL showed no failures. ldapwhoami -Y EXTERNAL -Z -H ldap://localhost:9007 SASL/EXTERNAL authentication started SASL username: cn=Dieter Kluenter,ou=Partner,o=AVCI,c=DE SASL SSF: 0 dn:cn=dieter kluenter,ou=partner,o=avci,c=de ldapwhoami -Y EXTERNAL -H ldaps://localhost:9008 SASL/EXTERNAL authentication started SASL username: cn=Dieter Kluenter,ou=Partner,o=AVCI,c=DE SASL SSF: 0 dn:cn=dieter kluenter,ou=partner,o=avci,c=de -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
