A ref change was pushed to the OpenLDAP (openldap.git) repository. It will be available in the public mirror shortly.
The branch, OPENLDAP_REL_ENG_2_4 has been updated via 31f9d83062f56e8160d194c2d261e9f9eb976fbe (commit) via 5a0a678691a15c33599b0f5206d1d82f69cafe87 (commit) via c304c44c1d9120834bf35ededd3ab32f839ec268 (commit) via ca45e62bd98eff5f98960bb16e4ff41f377abd44 (commit) via 7e528ae8022664b550410cdbe23690719d1a66a7 (commit) from 89b9f0291aa36cc58c537b659fd30d44a298a4bf (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 31f9d83062f56e8160d194c2d261e9f9eb976fbe Author: Quanah Gibson-Mount quanah@openldap.org Date: Tue Jun 21 17:54:02 2011 -0700
ITS#6817
commit 5a0a678691a15c33599b0f5206d1d82f69cafe87 Author: Howard Chu hyc@openldap.org Date: Tue Jun 21 17:05:53 2011 -0700
ITS#6817 fix RE24 build breakage
Should SLAP_AUTH_DN be #defined in release now?
commit c304c44c1d9120834bf35ededd3ab32f839ec268 Author: Quanah Gibson-Mount quanah@openldap.org Date: Tue Jun 21 17:51:41 2011 -0700
ITS#6862 ITS#6975
commit ca45e62bd98eff5f98960bb16e4ff41f377abd44 Author: Rich Megginson rmeggins@redhat.com Date: Tue Jun 21 15:58:49 2011 -0700
ITS#6862 MozNSS - workaround PR_SetEnv bug
commit 7e528ae8022664b550410cdbe23690719d1a66a7 Author: Rich Megginson rmeggins@redhat.com Date: Mon Jun 20 18:28:48 2011 -0600
ITS#6975 MozNSS - allow cacertdir in most cases
OpenLDAP built with OpenSSL allows most any value of cacertdir - directory is a file, directory does not contain any CA certs, directory does not exist - users expect if they specify TLS_REQCERT=never, no matter what the TLS_CACERTDIR setting is, TLS/SSL will just work. TLS_CACERT, on the other hand, is a hard error. Even if TLS_REQCERT=never, if TLS_CACERT is specified and is not a valid CA cert file, TLS/SSL will fail. This patch makes CACERT errors hard errors, and makes CACERTDIR errors "soft" errors. The code checks CACERT first and, even though the function will return an error, checks CACERTDIR anyway so that if the user sets TRACE mode they will get CACERTDIR processing messages.
-----------------------------------------------------------------------
Summary of changes: CHANGES | 3 +++ libraries/libldap/tls_m.c | 27 +++++++++++++++------------ servers/slapd/back-ldap/bind.c | 7 ++++--- 3 files changed, 22 insertions(+), 15 deletions(-)
-
openldap-commit2develīŧ OpenLDAP.org