On Wed, Jan 26, 2011 at 3:54 AM, Stephen Gallagher <sgallagh(a)redhat.com> wrote:
...snip...
Ok, so now that we know we have a patch to accomplish this... we have
to
ask ourselves this question: are we willing to push this upstream, or
should we stick to the principles we've maintained up to this point?
- --
Stephen Gallagher
I actually agree with JR here. If a user is too lazy to setup ldap
certs for a specific server, they can simply set:
ldap_tls_reqcert = never
If they are too lazy to make their ldap servers support ldaps, they
shouldn't be running an ldap server. This seems most appropriate to
put the patch on bugzilla and then CLOSEDWONTFIX.
--
Jeff Schroeder
Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com