my ($ldap) = @_;
my $mesg = $ldap->start_tls(
verify => 'require',
- capath => '/etc/ssl/certs/'
+ cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
);
$mesg->sync;
if ($mesg->code != LDAP_SUCCESS) {
+userdir-ldap-cgi (0.3.25) unstable; urgency=low
+
+ * Util.pm: change capath /etc/ssl/certs to
+ cafile /etc/ssl/certs/spi-cacert-2008.pem because the libldap
+ folks thought it was a good idea to remove that feature for lenny.
+ I hate you ldap and gnutls.
+
+ -- Peter Palfrader <weasel@debian.org> Fri, 27 Feb 2009 11:34:59 +0100
+
userdir-ldap-cgi (0.3.24) unstable; urgency=low
* Ignore the * in [[*host]] links, and ignore [[- ]] in [[-hostname]]