A few commits stacking up, so would like to review them for inclusion in an
I think all of the following look good for RE24, but wanted to confirm
specifically on (a) the GnuTLS changes, (b) the cleaner error handling
during connection setup, and (c) the Totp changes.
ITS#9067 fix syntax evaluation of preferredDeliveryMethod
ITS#8753 Set minimum GnuTLS version to 3.2.2
ITS#9071 Document "tls none" for back-ldap
ITS#9069 Do not call gnutls_global_set_mutex()
ITS#9077 slapo-unique Let the loop finish
ITS#9095 insert missing commit at end of slapindex processing
ITS#9091 drop attr mappings added in an aborted txn
ITS#9100 relax domainScope check for absent value
ITS#9112 cleaner error handling during connection setup
Totp: ITS#9055 Introduce a combined password scheme
TotP: ITS#9055 Accept previous token
ITS#9068 fix backslash escaping
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
On Sat, 2 Nov 2019 at 03:32, Quanah Gibson-Mount wrote:
> A few commits stacking up, so would like to review them for inclusion in an
> eventual 2.4.49.
Any chance that ITS#8996 could be included? Back in April, you said
pkg-config support would need to wait for a 2.5 release , but given
the pace of development, that could still be months or years away.
It looks like we currently parse this control, but only to allow logging its contents, and nothing more.
Seems like it would be useful to carry the parsed info along with the o_authz struct, and make it usable
in the ACL engine. This would allow setting ACLs that can distinguish between different applications acting
on behalf of a given user (or service).
Any security downside to this?
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/