A ref change was pushed to the OpenLDAP (openldap.git) repository.
It will be available in the public mirror shortly.
The branch, master has been updated
via 4b9d680f5593aa3af78aa3785897e41f4e645c60 (commit)
via e422c3c919090ff8ae4720af160ad9bb301c6bff (commit)
via 27ca42b5550abef1a8ca523f617ee2042cd0a337 (commit)
via 6546ecd39cfc1eff0ed195d6331915b022b6cf36 (commit)
via a7aac14d2a0eeafc6972b39b367b2427928c4a4d (commit)
via 3dae953fd6648f655c6bc67702fad4debbe59c40 (commit)
from fdb3443366d1b71f60955f565307bf5232cacb8e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4b9d680f5593aa3af78aa3785897e41f4e645c60
Author: Jan Vcelak <jvcelak(a)redhat.com>
Date: Wed Aug 24 19:21:35 2011 +0200
ITS#7028 man: ldap_sync(3) ldap_sync_destroy type
commit e422c3c919090ff8ae4720af160ad9bb301c6bff
Author: Jan Vcelak <jvcelak(a)redhat.com>
Date: Wed Aug 24 19:19:09 2011 +0200
ITS#7028 man: slapo-unique(5) quoting keywords
commit 27ca42b5550abef1a8ca523f617ee2042cd0a337
Author: Francis Swasey <Frank.Swasey(a)uvm.edu>
Date: Thu Aug 18 12:01:35 2011 -0400
ITS#7023 document TLSCACertificateFile in the man page as it is in the Admin Guide
commit 6546ecd39cfc1eff0ed195d6331915b022b6cf36
Author: Howard Chu <hyc(a)openldap.org>
Date: Wed Aug 24 15:37:52 2011 -0700
ITS#7022 cleanup prev commit
commit a7aac14d2a0eeafc6972b39b367b2427928c4a4d
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Aug 16 12:01:16 2011 -0600
ITS#7022 NSS_Init* functions are not thread safe
The NSS_InitContext et. al, and their corresponding shutdown functions,
are not thread safe. There can only be one thread at a time calling
these functions. Protect the calls with a mutex. Create the mutex
using a PR_CallOnce to ensure that the mutex is only created once and
not used before created. Move the registration of the nss shutdown
callback to also use a PR_CallOnce. Removed the call to
SSL_ClearSessionCache() because it is always called at shutdown, and we must
not call it more than once.
commit 3dae953fd6648f655c6bc67702fad4debbe59c40
Author: Jan Vcelak <jvcelak(a)redhat.com>
Date: Tue Aug 9 15:21:34 2011 +0200
ITS#7014 TLS: don't check hostname if reqcert is 'allow'
If server certificate hostname does not match the server hostname,
connection is closed even if client has set TLS_REQCERT to 'allow'. This
is wrong - the documentation says, that bad certificates are being
ignored when TLS_REQCERT is set to 'allow'.
-----------------------------------------------------------------------
Summary of changes:
doc/man/man3/ldap_sync.3 | 2 +-
doc/man/man5/slapd.conf.5 | 7 +++-
doc/man/man5/slapo-unique.5 | 8 ++++-
libraries/libldap/tls2.c | 3 +-
libraries/libldap/tls_m.c | 80 +++++++++++++++++++++++++++++++++++++++----
5 files changed, 89 insertions(+), 11 deletions(-)
---
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git