A ref change was pushed to the OpenLDAP (openldap.git) repository. It will be available in the public mirror shortly.
The branch, OPENLDAP_REL_ENG_2_4 has been updated via ff09609f3e133bb0fda3bee1c5d691db149110f7 (commit) via 0fbe92dcdfc37b79dfe910c39e7989d24b26d171 (commit) via a8cf2fb10047794c83873f5ff5c125ecd0e53168 (commit) via 49e7fb84cd6e92936ece5459dfd71a3f5b644c8d (commit) via 9db93a138932ddbe68f2a4215d136383d4f3dc46 (commit) via 9b777110ffe5b3f37ce4d9e13cd1d3c4130b5a89 (commit) via 0b70535007ee1121597a860f0b1aa3755551c0ee (commit) via 36839b3ea1aea81d199792d0c7002730880ae8c9 (commit) via 738d62fa4163706924ac3db3227944211190da86 (commit) via 5b2625c5509e8c57b29d59d6669c6adf78aec393 (commit) via 07aa06b4aca389fdc8b93ad968787a262720a7fd (commit) via cac7a95b5a9918959ff316ef878b6513e9cebc7b (commit) via dae0dac07e4ff54de975860ae1a99643f46d7b43 (commit) via f53258cf2f78b99adde56d9a9f4697a9f9c06823 (commit) via 0568ddb0395eb907273017ddde70175a62ce7d1f (commit) via f465c18c45d1d1a97e0db0153b21eaf8792f1c85 (commit) via 1292dc90e933184ffadb3213f0a342c916d9b81d (commit) via 99421d328d1f8c60169c1b7f13130d4d55b825c1 (commit) via 73d483243c1b09adcc209f1a19281c3cb0c3e440 (commit) via 9733303d999aab403086f65664a5afa245519145 (commit) via 2ea49579c4833bc178c169ec575d6bd135fb9660 (commit) via 3ce6a2d0c86725a5f4205ec001a86a5f86a5db75 (commit) via 70dbc04d6674c9dcc948e1c6e79f2e7c3a69006f (commit) via a50b39d8036ac9276cc1ce00d3823f67cd91c16e (commit) from 66928d6b992575c019995d2225e8441bfb83ec9f (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit ff09609f3e133bb0fda3bee1c5d691db149110f7 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:47:24 2017 -0700
ITS#7389
commit 0fbe92dcdfc37b79dfe910c39e7989d24b26d171 Author: Jan Vcelak jvcelak@redhat.com Date: Fri Sep 14 14:24:29 2012 +0200
ITS#7389 - MozNSS: load certificates from certdb, fallback to PEM
If TLS_CACERT pointed to a PEM file and TLS_CACERTDIR was set to NSS certificate database, the backend assumed that the certificate is always located in the certificate database. This assumption might be wrong.
This patch makes the library to try to load the certificate from NSS database and fallback to PEM file if unsuccessfull.
commit a8cf2fb10047794c83873f5ff5c125ecd0e53168 Author: Ian Puleston ipuleston@SonicWALL.com Date: Thu Sep 18 18:48:50 2014 -0700
ITS#8167 Fix non-blocking TLS with referrals
commit 49e7fb84cd6e92936ece5459dfd71a3f5b644c8d Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:45:11 2017 -0700
ITS#8687
commit 9db93a138932ddbe68f2a4215d136383d4f3dc46 Author: Quanah Gibson-Mount quanah@openldap.org Date: Fri Sep 22 14:25:20 2017 -0700
ITS#8687 - EGD is disabled by default in OpenSSL 1.1. We need to comment out this block if it is not detected. Particularly affects cross compilation.
commit 9b777110ffe5b3f37ce4d9e13cd1d3c4130b5a89 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:43:29 2017 -0700
ITS#8583
commit 0b70535007ee1121597a860f0b1aa3755551c0ee Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Jul 5 13:14:54 2017 -0700
ITS#8583 - Fix C++ LDAP Control structure
commit 36839b3ea1aea81d199792d0c7002730880ae8c9 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:41:57 2017 -0700
ITS#8578
commit 738d62fa4163706924ac3db3227944211190da86 Author: sca+openldap@andreasschulze.de sca+openldap@andreasschulze.de Date: Fri Sep 1 16:31:52 2017 -0700
ITS#8578 - remove unused-variables in RE24 testing call (2.4.45)
commit 5b2625c5509e8c57b29d59d6669c6adf78aec393 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:40:07 2017 -0700
ITS#8404
commit 07aa06b4aca389fdc8b93ad968787a262720a7fd Author: Nadezhda Ivanova nivanova@symas.com Date: Tue Sep 12 17:14:30 2017 +0300
ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta
commit cac7a95b5a9918959ff316ef878b6513e9cebc7b Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:39:03 2017 -0700
ITS#8121
commit dae0dac07e4ff54de975860ae1a99643f46d7b43 Author: Quanah Gibson-Mount quanah@openldap.org Date: Sun Apr 23 15:30:07 2017 -0700
ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism
commit f53258cf2f78b99adde56d9a9f4697a9f9c06823 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:37:48 2017 -0700
ITS#7520
commit 0568ddb0395eb907273017ddde70175a62ce7d1f Author: Ted C. Cheng tedcheng@symas.com Date: Thu Feb 5 17:19:39 2015 -0800
ITS#7520 - back-ldap omit-unknown-schema changes
commit f465c18c45d1d1a97e0db0153b21eaf8792f1c85 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:36:00 2017 -0700
ITS#7374
commit 1292dc90e933184ffadb3213f0a342c916d9b81d Author: Jan Vcelak jvcelak@redhat.com Date: Wed Aug 29 16:23:52 2012 +0200
ITS#7374 - MozNSS: better file name matching for hashed CA certificate directory
CA certificate files in OpenSSL compatible CACERTDIR were loaded if the file extension was '.0'. However the file name should be 8 letters long certificate hash of the certificate subject name, followed by a numeric suffix which is used to differentiate between two certificates with the same subject name.
Wit this patch, certificate file names are matched correctly (using regular expressions).
commit 99421d328d1f8c60169c1b7f13130d4d55b825c1 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:34:13 2017 -0700
ITS#7373
commit 73d483243c1b09adcc209f1a19281c3cb0c3e440 Author: Jan Vcelak jvcelak@redhat.com Date: Tue Aug 28 16:57:54 2012 +0200
ITS#7373 - TLS: do not reuse tls_session if hostname check fails
If multiple servers are specified, the connection to the first one succeeds, and the hostname verification fails, *tls_session is not dropped, but reused when connecting to the second server.
This is a problem with Mozilla NSS backend because another handshake cannot be performed on the same file descriptor. From this reason, hostname checking was moved into ldap_int_tls_connect() before connection error handling.
commit 9733303d999aab403086f65664a5afa245519145 Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:29:45 2017 -0700
ITS#7100
commit 2ea49579c4833bc178c169ec575d6bd135fb9660 Author: Ondřej Kuzník ondra@mistotebe.net Date: Sun Nov 22 18:32:43 2015 +0000
ITS#7100 Update entryTtl behaviour to match RFC 2589
commit 3ce6a2d0c86725a5f4205ec001a86a5f86a5db75 Author: Ondřej Kuzník ondra@mistotebe.net Date: Sun Nov 22 18:31:30 2015 +0000
ITS#7100 Test for entryTtl reflecting time to live
commit 70dbc04d6674c9dcc948e1c6e79f2e7c3a69006f Author: Quanah Gibson-Mount quanah@openldap.org Date: Wed Oct 11 12:28:36 2017 -0700
ITS#5048
commit a50b39d8036ac9276cc1ce00d3823f67cd91c16e Author: Quanah Gibson-Mount quanah@openldap.org Date: Thu Sep 7 08:44:28 2017 -0700
ITS#5048 - index on entryCSN is mandatory
-----------------------------------------------------------------------
Summary of changes: CHANGES | 16 +++++++-- contrib/ldapc++/src/LDAPControl.cpp | 5 +-- doc/man/man3/ldap_bind.3 | 6 ++++ doc/man/man5/slapd-ldap.5 | 7 ++++ doc/man/man5/slapo-syncprov.5 | 2 +- libraries/libldap/add.c | 2 +- libraries/libldap/extended.c | 1 - libraries/libldap/modify.c | 2 +- libraries/libldap/os-local.c | 2 +- libraries/libldap/tls2.c | 40 +++++++++++----------- libraries/libldap/tls_m.c | 68 +++++++++++++++++++++++++------------ libraries/libldap/tls_o.c | 6 ++-- servers/slapd/back-ldap/back-ldap.h | 3 +- servers/slapd/back-ldap/config.c | 27 +++++++++++++++ servers/slapd/back-ldap/distproc.c | 3 ++ servers/slapd/back-ldap/search.c | 34 +++++++++++++++---- servers/slapd/back-ldif/ldif.c | 1 - servers/slapd/back-mdb/id2entry.c | 6 +--- servers/slapd/back-mdb/index.c | 2 +- servers/slapd/back-mdb/init.c | 1 - servers/slapd/back-mdb/monitor.c | 4 ++- servers/slapd/back-mdb/search.c | 2 -- servers/slapd/back-mdb/tools.c | 2 -- servers/slapd/back-meta/config.c | 62 +++++++++++++++++++++++++++++---- servers/slapd/overlays/dds.c | 67 ++++++++++++++++++++++++++++++++++++ servers/slapd/overlays/syncprov.c | 3 +- servers/slapd/syncrepl.c | 5 +-- tests/progs/slapd-mtread.c | 4 +-- tests/scripts/defines.sh | 1 + tests/scripts/test046-dds | 32 +++++++++++++++-- 30 files changed, 326 insertions(+), 90 deletions(-)