[Bug 1159770] Re: debconf configuration for SSL/TLS is missing in ldap-auth-config
Daniel T Chen
seven.steps at gmail.com
Tue Mar 26 15:35:02 UTC 2013
** Changed in: ldap-auth-client (Ubuntu)
Importance: Undecided => Wishlist
** Changed in: ldap-auth-client (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1159770
Title:
debconf configuration for SSL/TLS is missing in ldap-auth-config
Status in “ldap-auth-client” package in Ubuntu:
Triaged
Bug description:
The file /etc/ldap.conf contains the settings for LDAP authentication.
The recommended way of configuring this file and LDAP authentication,
is through debconf. However, there is no way to specify whether TLS
or SSL must be used for LDAP authentication, and without this setting,
the user passwords will be sent in cleartext over the network.
Release: Ubuntu 12.04.2 LTS
Version: ldap-auth-config: Installed: 0.5.3
Expected: To be able to set up secure LDAP authentication through
debconf
Instead: Configuring that TLS or SSL is required, is not possible.
This also means that it cannot be preseeded during automated installs.
To enable TLS or SSL, the /etc/ldap.conf must contain "ssl start_tls'
or 'ssl on' as appropriate. These are available already in the file,
but currently commented out. These can be failry easily brought under
debconf control, would only require a new question in
control/Templates, and code in control/postinst.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ldap-auth-client/+bug/1159770/+subscriptions
More information about the Ubuntu-sponsors
mailing list