A ref change was pushed to the OpenLDAP (openldap.git) repository. It will be available in the public mirror shortly. The branch, master has been updated via 4b9d680f5593aa3af78aa3785897e41f4e645c60 (commit) via e422c3c919090ff8ae4720af160ad9bb301c6bff (commit) via 27ca42b5550abef1a8ca523f617ee2042cd0a337 (commit) via 6546ecd39cfc1eff0ed195d6331915b022b6cf36 (commit) via a7aac14d2a0eeafc6972b39b367b2427928c4a4d (commit) via 3dae953fd6648f655c6bc67702fad4debbe59c40 (commit) from fdb3443366d1b71f60955f565307bf5232cacb8e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4b9d680f5593aa3af78aa3785897e41f4e645c60 Author: Jan Vcelak <jvcelak(a)redhat.com&gt; Date: Wed Aug 24 19:21:35 2011 +0200 ITS#7028 man: ldap_sync(3) ldap_sync_destroy type commit e422c3c919090ff8ae4720af160ad9bb301c6bff Author: Jan Vcelak <jvcelak(a)redhat.com&gt; Date: Wed Aug 24 19:19:09 2011 +0200 ITS#7028 man: slapo-unique(5) quoting keywords commit 27ca42b5550abef1a8ca523f617ee2042cd0a337 Author: Francis Swasey <Frank.Swasey(a)uvm.edu&gt; Date: Thu Aug 18 12:01:35 2011 -0400 ITS#7023 document TLSCACertificateFile in the man page as it is in the Admin Guide commit 6546ecd39cfc1eff0ed195d6331915b022b6cf36 Author: Howard Chu <hyc(a)openldap.org&gt; Date: Wed Aug 24 15:37:52 2011 -0700 ITS#7022 cleanup prev commit commit a7aac14d2a0eeafc6972b39b367b2427928c4a4d Author: Rich Megginson <rmeggins(a)redhat.com&gt; Date: Tue Aug 16 12:01:16 2011 -0600 ITS#7022 NSS_Init* functions are not thread safe The NSS_InitContext et. al, and their corresponding shutdown functions, are not thread safe. There can only be one thread at a time calling these functions. Protect the calls with a mutex. Create the mutex using a PR_CallOnce to ensure that the mutex is only created once and not used before created. Move the registration of the nss shutdown callback to also use a PR_CallOnce. Removed the call to SSL_ClearSessionCache() because it is always called at shutdown, and we must not call it more than once. commit 3dae953fd6648f655c6bc67702fad4debbe59c40 Author: Jan Vcelak <jvcelak(a)redhat.com&gt; Date: Tue Aug 9 15:21:34 2011 +0200 ITS#7014 TLS: don't check hostname if reqcert is 'allow' If server certificate hostname does not match the server hostname, connection is closed even if client has set TLS_REQCERT to 'allow'. This is wrong - the documentation says, that bad certificates are being ignored when TLS_REQCERT is set to 'allow'. ----------------------------------------------------------------------- Summary of changes: doc/man/man3/ldap_sync.3 | 2 +- doc/man/man5/slapd.conf.5 | 7 +++- doc/man/man5/slapo-unique.5 | 8 ++++- libraries/libldap/tls2.c | 3 +- libraries/libldap/tls_m.c | 80 +++++++++++++++++++++++++++++++++++++++---- 5 files changed, 89 insertions(+), 11 deletions(-) --- http://www.openldap.org/devel/gitweb.cgi?p=openldap.git