diff options
author | Ian Allison <iana@pims.math.ca> | 2015-10-08 21:16:35 -0700 |
---|---|---|
committer | Jan Kara <jack@suse.cz> | 2015-12-16 18:15:52 +0100 |
commit | 833b7029954bcb29d23766d0d50558388ace519e (patch) | |
tree | 8c7a6a23932f479031e4dbf9b0acb3c4646cc4f8 /warnquota.conf | |
parent | 50dd12cfdbffea08b01a95ebfbc6eeb1d648c592 (diff) |
warnquota: Added StartTLS support
An option called LDAP_TLS has been added to warnquota.conf which
controls whether the LDAP connection uses StartTLS. The option supports
the following values
never - Don't ask for a certificate
allow - Ask for certificate, proceed if valid
try - Ask for certificate, proceed if valid or not given
demand - Ask for certificate, proceed only if given and valid
Signed-off-by: Ian Allison <iana@pims.math.ca>
Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'warnquota.conf')
-rw-r--r-- | warnquota.conf | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/warnquota.conf b/warnquota.conf index 59d4f5f..b06f81f 100644 --- a/warnquota.conf +++ b/warnquota.conf @@ -60,6 +60,12 @@ GROUP_SIGNATURE = See you!| Your admin| # Otherwise you should specify LDAP_HOST and LDAP_PORT # LDAP_HOST = ldap # LDAP_PORT = 389 +# LDAP_TLS = false (false|never|allow|try|demand) use StarTLS +# false - don't use starTLS +# never - don't ask for a certificate +# allow - request certificate, proceed even if not verified +# try - request certificate, terminate if bad, proceed if not sent +# demand - request certificate, proceed only if verified # LDAP_BINDDN = uid=ReadOnlyUser,o=YourOrg # LDAP_BINDPW = YourReadOnlyUserPassword # LDAP_BASEDN = YourSearchBase |