|
|
adf540 |
From f7027b3118ea90d616d0ddeeb348f15ba91cd08b Mon Sep 17 00:00:00 2001
|
|
|
adf540 |
From: Jan Synacek <jsynacek@redhat.com>
|
|
|
adf540 |
Date: Wed, 13 Nov 2013 13:34:06 +0100
|
|
|
adf540 |
Subject: [PATCH] Fix client manpage
|
|
|
adf540 |
|
|
|
adf540 |
---
|
|
|
adf540 |
doc/man/man5/ldap.conf.5 | 18 ++++++++----------
|
|
|
adf540 |
1 file changed, 8 insertions(+), 10 deletions(-)
|
|
|
adf540 |
|
|
|
adf540 |
diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
|
|
|
adf540 |
index 7f5bc64..bef0672 100644
|
|
|
adf540 |
--- a/doc/man/man5/ldap.conf.5
|
|
|
adf540 |
+++ b/doc/man/man5/ldap.conf.5
|
|
|
adf540 |
@@ -431,8 +431,8 @@ The environment variable RANDFILE can also be used to specify the filename.
|
|
|
adf540 |
This parameter is ignored with GnuTLS and Mozilla NSS.
|
|
|
adf540 |
.TP
|
|
|
adf540 |
.B TLS_REQCERT <level>
|
|
|
adf540 |
-Specifies what checks to perform on server certificates in a TLS session,
|
|
|
adf540 |
-if any. The
|
|
|
adf540 |
+Specifies what checks to perform on server certificates in a TLS session.
|
|
|
adf540 |
+The
|
|
|
adf540 |
.B <level>
|
|
|
adf540 |
can be specified as one of the following keywords:
|
|
|
adf540 |
.RS
|
|
|
adf540 |
@@ -441,19 +441,17 @@ can be specified as one of the following keywords:
|
|
|
adf540 |
The client will not request or check any server certificate.
|
|
|
adf540 |
.TP
|
|
|
adf540 |
.B allow
|
|
|
adf540 |
-The server certificate is requested. If no certificate is provided,
|
|
|
adf540 |
-the session proceeds normally. If a bad certificate is provided, it will
|
|
|
adf540 |
+The server certificate is requested. If a bad certificate is provided, it will
|
|
|
adf540 |
be ignored and the session proceeds normally.
|
|
|
adf540 |
.TP
|
|
|
adf540 |
.B try
|
|
|
adf540 |
-The server certificate is requested. If no certificate is provided,
|
|
|
adf540 |
-the session proceeds normally. If a bad certificate is provided,
|
|
|
adf540 |
-the session is immediately terminated.
|
|
|
adf540 |
+The server certificate is requested. If a bad certificate is provided, the
|
|
|
adf540 |
+session is immediately terminated.
|
|
|
adf540 |
.TP
|
|
|
adf540 |
.B demand | hard
|
|
|
adf540 |
-These keywords are equivalent. The server certificate is requested. If no
|
|
|
adf540 |
-certificate is provided, or a bad certificate is provided, the session
|
|
|
adf540 |
-is immediately terminated. This is the default setting.
|
|
|
adf540 |
+These keywords are equivalent and semantically same as
|
|
|
adf540 |
+.BR try .
|
|
|
adf540 |
+This is the default setting.
|
|
|
adf540 |
.RE
|
|
|
adf540 |
.TP
|
|
|
adf540 |
.B TLS_CRLCHECK <level>
|
|
|
adf540 |
--
|
|
|
adf540 |
1.8.3.1
|
|
|
adf540 |
|