handle tls_reqcert option consistently with other options

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1305 ef36b2f9-881f-0410-afb5-c4e39611909c
author: Arthur de Jong <arthur@arthurdejong.org> 2010-11-07 17:06:07 +0000
committer: Arthur de Jong <arthur@arthurdejong.org> 2010-11-07 17:06:07 +0000
commit: 4b03a41e450adf7a3e983bdcee3ed159f9932d5b (patch)
tree: fb8b1ebbe9d108733ad61f081b3922151e892589
parent: 1a5069a02be8b8c242eebda7cecf72a7fbcd34b0 (diff)
2 files changed, 6 insertions, 4 deletions
diff --git a/debian/nslcd.config b/debian/nslcd.config
index 02c2a30..611f767 100644
--- a/debian/nslcd.config
+++ b/debian/nslcd.config
@@ -235,6 +235,8 @@ do
     then
       # ask whether to do certificate validation
       db_input high nslcd/ldap-reqcert || true
+    else
+      db_set nslcd/ldap-reqcert ""
     fi
     # ask the question, go to the next question or back
     state="done"
diff --git a/debian/nslcd.postinst b/debian/nslcd.postinst
index 358d749..e51cd5f 100644
--- a/debian/nslcd.postinst
+++ b/debian/nslcd.postinst
@@ -210,16 +210,16 @@ then
   then
     cfg_disable ssl
   fi
+  # rename any tls_checkpeer options
+  sed -i 's/^tls_checkpeer/tls_reqcert/i' "$CONFFILE"
   # set tls_reqcert option
   db_get nslcd/ldap-reqcert
   if [ -n "$RET" ]
   then
-    # rename any tls_checkpeer options
-    sed -i 's/^tls_checkpeer/tls_reqcert/i' "$CONFFILE"
     # set tls_reqcert option
     cfg_set tls_reqcert "$RET"
-    # clear debconf value so that this option is only set if the question is asked
-    db_set nslcd/ldap-reqcert ""
+  else
+    cfg_disable tls_reqcert
   fi
   # we're done
   db_stop
author	Arthur de Jong <arthur@arthurdejong.org>	2010-11-07 17:06:07 +0000
committer	Arthur de Jong <arthur@arthurdejong.org>	2010-11-07 17:06:07 +0000
commit	4b03a41e450adf7a3e983bdcee3ed159f9932d5b (patch)
tree	fb8b1ebbe9d108733ad61f081b3922151e892589
parent	1a5069a02be8b8c242eebda7cecf72a7fbcd34b0 (diff)