Bug 577219 - Authconfig should disallow setting both ldaps and TLS
Authconfig should disallow setting both ldaps and TLS
Product: Fedora
Classification: Fedora
Component: authconfig (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2010-03-26 09:41 EDT by Stephen Gallagher
Modified: 2011-09-08 04:41 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Stephen Gallagher 2010-03-26 09:41:53 EDT
Description of problem:
Right now, it is possible to save a configuration with
LDAP Server: ldaps://ldap.example.com
'Use TLS to encrypt connections' checked. This is an invalid configuration. It is only possible to set one form of encryption or the other at a time.

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. Start authconfig
2. Choose LDAP for User Account Database and Authentication Method
3. Enter 'ldaps://ldap.example.com' for the LDAP server
4. Check 'Use TLS to encrypt connections'
Actual results:
The 'apply' button is selectable, and authconfig will save an sssd.conf file with the options:
ldap_uri = ldaps://ldap.example.com
ldap_id_use_start_tls = True

This will result in an unusable configuration (the LDAP server will reject the connection)

Expected results:
The 'apply' button should be grayed-out, and warning text similar to that which warns that one or the other of ldaps or TLS must be used should inform the user that it is invalid to use both.

Additional info:
Comment 1 Tomas Mraz 2010-03-26 09:58:51 EDT
I'd like to postpone it to F14 as this requires adding a new translatable string - for the warning.
Comment 2 Stephen Gallagher 2010-03-29 08:58:10 EDT
I suppose that's reasonable. It's not likely that someone will attempt to do both.
Comment 3 Bug Zapper 2010-07-30 07:12:13 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle.
Changing version to '14'.

More information and reason for this action is here:

Note You need to log in before you can comment on or make changes to this bug.