Work around brain damage

author Peter Palfrader <peter@palfrader.org>

Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)

committer Peter Palfrader <peter@palfrader.org>

Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)
author Peter Palfrader <peter@palfrader.org>
Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)
committer Peter Palfrader <peter@palfrader.org>
Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)
diff --git a/Util.pm b/Util.pm

index e97a9e9..7f19694 100644 (file)
--- a/Util.pm
+++ b/Util.pm
@@ -349,7 +349,7 @@ sub UpgradeConnection($) {
    my ($ldap) = @_;
    my $mesg = $ldap->start_tls(
                            verify => 'require',
-                          capath => '/etc/ssl/certs/'
+                          cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
                            );
    $mesg->sync;
    if ($mesg->code != LDAP_SUCCESS) {
diff --git a/debian/changelog b/debian/changelog

index 80182f4..0b03853 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+userdir-ldap-cgi (0.3.25) unstable; urgency=low
+
+  * Util.pm: change capath /etc/ssl/certs to
+    cafile /etc/ssl/certs/spi-cacert-2008.pem because the libldap
+    folks thought it was a good idea to remove that feature for lenny.
+    I hate you ldap and gnutls.
+
+ -- Peter Palfrader <weasel@debian.org>  Fri, 27 Feb 2009 11:34:59 +0100
+
  userdir-ldap-cgi (0.3.24) unstable; urgency=low
  
    * Ignore the * in [[*host]] links, and ignore [[- ]] in [[-hostname]]
author	Peter Palfrader <peter@palfrader.org>
	Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)
Util.pm		patch \| blob \| history
debian/changelog		patch \| blob \| history