On Wed, Jan 3, 2018 at 5:31 AM, Peter Eisentraut
<peter.eisentraut@2ndquadrant.com> wrote:
> On 12/26/17 15:53, Peter Eisentraut wrote:
>> This patch looks reasonable to me. I have also seen occasional requests
>> for this in the field.
>>
>> If someone could test this on Windows, I think we could move ahead with it.
Thanks for looking at this.
> A small point on the test changes. You change the test under
> "diagnostic message", but I'm not sure why. Do the changes invalidate
> the existing test?
Yeah. In master, I was relying on the server rejecting ldaptls=1
requests due to lack of configured certificate in order to generate a
diagnostic message. Now that there is a certificate, I needed to find
another way to get requests rejected with a diagnostic message. I
have added a brief note to the commit message about this.
> We should probably also add another "note" call to introduce the LDAPS
> tests section.
I realised that I should probably also include a new test for
ldaptls=1, so that we can see that both ways of doing TLS are working.
I added that test, and added a "note" to label the whole section as
"TLS". Please see attached.
--
Thomas Munro
http://www.enterprisedb.com