On Fri, Apr 30, 2010 at 05:42:46PM +0200, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This is a rebased version of the patch that applies on top of the recent changes that went into 1.2. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkva+nYACgkQHsardTLnvCU0mwCeI3089fLmEpEiMyJ33MFSY/uA +d4AoKW2vzUrQmu/ZVZOddLrCWSXKjJH =/zHm -----END PGP SIGNATURE-----
There is a warning about 'new blank line at EOF', I think it is from src/man/include/service_discovery.xml.
+#define SSS_LDAP_ID_SRV "ldap" +#define SSS_LDAP_AUTH_SRV "ldaps"
the auth provider does an explicit StartTLS. So I think ldap is safe here in both cases. But it might be useful to have an option to change the default from "ldap" to "ldaps"?
bye, Sumit