https://bugzilla.novell.com/show_bug.cgi?id=757715
https://bugzilla.novell.com/show_bug.cgi?id=757715#c1
--- Comment #1 from Ludwig Nussel 2012-04-18 12:00:08 CEST ---
The code in libraries/libldap/tls_o.c (or libraries/libldap/tls.c) has a rather
weird logic. It tries to set the specified cafile/cadir and if that fails uses
openssl's defaults (SSL_CTX_set_default_verify_paths). So if nothing is
specified it doesn't use any cafile/cadir. I think the code should be modified
to use defaults if nothing is specified and fail if an explicitly specified
cafile/cadir cannot be loaded.
That way no config change is needed at all (although adding an example line
can't hurt either).
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.