Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

Don't assume si_cookieState is always newer

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

In a standard Refresh present phase, the provider sends no cookie
since it is only listing the entries that existed as of the time
in the cookie the consumer sent. In this case the consumer only
needs to check entryCSNs against its last sent cookie.

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

libldap doesn't use a connected socket for UDP sessions, but 3rd
parties can, passed in with ldap_init_fd().

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

A bit uglier but more straightforward.

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

If substitution parsing fails, would attempt to free a mapping
that hadn't been allocated yet.

Also, on failure, caller in saslauthz would attempt to free a
rwinfo struct that hadn't been allocated.

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

Just poll for available data, same as Persist mode.
Clarify retry/return states from do_syncrep2

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

For use with back-ldap/back-meta/syncrepl/etc

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

Add an option to specify how subjectAlternativeNames should be
handled when validating the names in a server certificate.

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

Requires OpenSSL 1.0.2 or newer

Howard Chu authored 11 years ago and Quanah Gibson-Mount committed 4 years ago

Update ldap_get_option(3) for LDAP_OPT_X_TLS_ECNAME

Howard Chu authored 4 years ago and Quanah Gibson-Mount committed 4 years ago

and pass error message back to frontend