warnquota: Added StartTLS support

An option called LDAP_TLS has been added to warnquota.conf which controls whether the LDAP connection uses StartTLS. The option supports the following values never - Don't ask for a certificate allow - Ask for certificate, proceed if valid try - Ask for certificate, proceed if valid or not given demand - Ask for certificate, proceed only if given and valid Signed-off-by: Ian Allison <iana@pims.math.ca> Signed-off-by: Jan Kara <jack@suse.cz>
author: Ian Allison <iana@pims.math.ca> 2015-10-08 21:16:35 -0700
committer: Jan Kara <jack@suse.cz> 2015-12-16 18:15:52 +0100
commit: 833b7029954bcb29d23766d0d50558388ace519e (patch)
tree: 8c7a6a23932f479031e4dbf9b0acb3c4646cc4f8 /warnquota.conf
parent: 50dd12cfdbffea08b01a95ebfbc6eeb1d648c592 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/warnquota.conf b/warnquota.conf
index 59d4f5f..b06f81f 100644
--- a/warnquota.conf
+++ b/warnquota.conf
@@ -60,6 +60,12 @@ GROUP_SIGNATURE	= See you!|			Your admin|
 # Otherwise you should specify LDAP_HOST and LDAP_PORT
 # LDAP_HOST = ldap
 # LDAP_PORT = 389
+# LDAP_TLS = false (false|never|allow|try|demand) use StarTLS
+#   false - don't use starTLS
+#   never - don't ask for a certificate
+#   allow - request certificate, proceed even if not verified
+#   try - request certificate, terminate if bad, proceed if not sent
+#   demand - request certificate, proceed only if verified
 # LDAP_BINDDN = uid=ReadOnlyUser,o=YourOrg
 # LDAP_BINDPW = YourReadOnlyUserPassword
 # LDAP_BASEDN = YourSearchBase
author	Ian Allison <iana@pims.math.ca>	2015-10-08 21:16:35 -0700
committer	Jan Kara <jack@suse.cz>	2015-12-16 18:15:52 +0100
commit	833b7029954bcb29d23766d0d50558388ace519e (patch)
tree	8c7a6a23932f479031e4dbf9b0acb3c4646cc4f8 /warnquota.conf
parent	50dd12cfdbffea08b01a95ebfbc6eeb1d648c592 (diff)