A ref change was pushed to the OpenLDAP (openldap.git) repository. It will be available in the public mirror shortly.
The branch, OPENLDAP_REL_ENG_2_4 has been updated via e3d46f2fc822fc4c506e49bfcadc44664ea4c7f5 (commit) via e5d6c331d7bc02d1104dd33498de5a14c4798e6f (commit) via a46a93461516098ecdcc82148dc6aafb694cbf5a (commit) via a5e31932a56540cf94a4deeab164fc24b4a9ad68 (commit) via bfaa79f4109bb8961af32769c48a2f55c4e25f62 (commit) via 9e68ff52b703d32b1a6c517dd7fdff1386cb7e82 (commit) via 09c5f495a6164391a00e02dc1c7106b264d9ea6e (commit) via 0836855ea6f1f9d10cf77acee01581037a420891 (commit) from 291fcdc6726a826ae71ea4194ffeccc391fdb206 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit e3d46f2fc822fc4c506e49bfcadc44664ea4c7f5 Author: Quanah Gibson-Mount quanah@openldap.org Date: Thu Oct 27 19:14:38 2011 -0700
ITS#7014 ITS#7022 ITS#7023 ITS#7028
commit e5d6c331d7bc02d1104dd33498de5a14c4798e6f Author: Jan Vcelak jvcelak@redhat.com Date: Wed Aug 24 19:21:35 2011 +0200
ITS#7028 man: ldap_sync(3) ldap_sync_destroy type
commit a46a93461516098ecdcc82148dc6aafb694cbf5a Author: Jan Vcelak jvcelak@redhat.com Date: Wed Aug 24 19:19:09 2011 +0200
ITS#7028 man: slapo-unique(5) quoting keywords
commit a5e31932a56540cf94a4deeab164fc24b4a9ad68 Author: Francis Swasey Frank.Swasey@uvm.edu Date: Thu Aug 18 12:01:35 2011 -0400
ITS#7023 document TLSCACertificateFile in the man page as it is in the Admin Guide
commit bfaa79f4109bb8961af32769c48a2f55c4e25f62 Author: Howard Chu hyc@openldap.org Date: Wed Aug 24 15:37:52 2011 -0700
ITS#7022 cleanup prev commit
commit 9e68ff52b703d32b1a6c517dd7fdff1386cb7e82 Author: Rich Megginson rmeggins@redhat.com Date: Tue Aug 16 12:01:16 2011 -0600
ITS#7022 NSS_Init* functions are not thread safe
The NSS_InitContext et. al, and their corresponding shutdown functions, are not thread safe. There can only be one thread at a time calling these functions. Protect the calls with a mutex. Create the mutex using a PR_CallOnce to ensure that the mutex is only created once and not used before created. Move the registration of the nss shutdown callback to also use a PR_CallOnce. Removed the call to SSL_ClearSessionCache() because it is always called at shutdown, and we must not call it more than once.
commit 09c5f495a6164391a00e02dc1c7106b264d9ea6e Author: Jan Vcelak jvcelak@redhat.com Date: Tue Aug 9 15:21:34 2011 +0200
ITS#7014 TLS: don't check hostname if reqcert is 'allow'
If server certificate hostname does not match the server hostname, connection is closed even if client has set TLS_REQCERT to 'allow'. This is wrong - the documentation says, that bad certificates are being ignored when TLS_REQCERT is set to 'allow'.
commit 0836855ea6f1f9d10cf77acee01581037a420891 Author: Howard Chu hyc@openldap.org Date: Wed Aug 24 14:57:36 2011 -0700
More abandon paranoia
-----------------------------------------------------------------------
Summary of changes: CHANGES | 5 +++ doc/man/man3/ldap_sync.3 | 2 +- doc/man/man5/slapd.conf.5 | 7 +++- doc/man/man5/slapo-unique.5 | 8 ++++- libraries/libldap/tls2.c | 3 +- libraries/libldap/tls_m.c | 80 +++++++++++++++++++++++++++++++++++++++---- servers/slapd/operation.c | 3 ++ 7 files changed, 97 insertions(+), 11 deletions(-)
-
openldap-commit2develīŧ OpenLDAP.org