Bug#976991: I am stepping up to help with the GnuTLS → OpenSSL switch in OpenLDAP

John Scott jscott at posteo.net
Thu Jul 27 23:17:53 BST 2023


On Thu, 2023-07-27 at 12:25 -0400, Sergio Durigan Junior wrote:
> > > I'll write some TLS autopkgtests, we'll rebuild reverse dependencies
> > > and see how they fare, it'll be great.
> > 
> > That's an excellent first step, thanks for looking into it!
> 
> +1, thanks for helping with this, John.

Thank you for your encouragement! I have sent a merge request here that checks that TLS works, it should work without change for GnuTLS and OpenSSL:
https://salsa.debian.org/openldap-team/openldap/-/merge_requests/8

Note that this only uses TLS for the server-side (what most people think of when they think of TLS), the test could be extended to test client certificates too I suppose but let's do one thing at a time.

I know you just made an upload, obviously there's no hurry to get this in the archive.

I like that working on this package forces me to learn about LDAP one step at a time. If now is not a good time to stage the OpenSSL switch, please let me know if there is other low-hanging fruit to work on. I'm sure you saw my announcement email that I'm putting together an LDAP CURL autopkgtest, and am happy to report that I've also prepared an autopkgtest testing that gpgsm can fetch S/MIME certificates over LDAP. Yay, I love autopkgtests!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20230727/5187d0ac/attachment.sig>


More information about the Pkg-openldap-devel mailing list