1. 21 Aug, 2020 2 commits
  2. 27 Apr, 2020 2 commits
  3. 23 Apr, 2020 1 commit
    • Isaac Boukris's avatar
      ITS#9189 rework sasl-cbinding support · 3cd50fa8
      Isaac Boukris authored
      Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
      defaults to "none".
      
      Add "tls-endpoint" binding type implementing "tls-server-end-point" from
      RCF 5929, which is compatible with Windows.
      
      Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
      3cd50fa8
  4. 20 Apr, 2020 2 commits
  5. 12 Apr, 2020 1 commit
  6. 09 Jan, 2020 1 commit
  7. 12 Jun, 2019 1 commit
  8. 11 Jun, 2019 1 commit
  9. 28 Feb, 2019 1 commit
  10. 19 Feb, 2019 1 commit
  11. 15 Feb, 2019 1 commit
  12. 14 Jan, 2019 1 commit
  13. 22 Oct, 2018 1 commit
  14. 22 Mar, 2018 1 commit
  15. 13 Nov, 2017 1 commit
  16. 06 Oct, 2017 2 commits
  17. 26 Sep, 2017 1 commit
  18. 09 Apr, 2017 1 commit
  19. 08 Apr, 2017 1 commit
  20. 03 Jan, 2017 1 commit
  21. 29 Jan, 2016 1 commit
  22. 11 Feb, 2015 1 commit
  23. 25 Jan, 2014 1 commit
  24. 19 Sep, 2013 1 commit
  25. 10 Sep, 2013 1 commit
  26. 09 Sep, 2013 1 commit
  27. 07 Sep, 2013 2 commits
  28. 27 Aug, 2013 1 commit
  29. 02 Jan, 2013 1 commit
  30. 21 Nov, 2012 1 commit
    • Ralf Haferkamp's avatar
      ITS#7428 Use non-blocking IO during SSL Handshake · c728ebf5
      Ralf Haferkamp authored
      If a timeout is set, perform the SSL Handshake using non-blocking IO.  This way
      we can timeout if SSL Handshake gets stuck for whatever reason.
      
      This code is currently hidden behind #ifdefs (LDAP_USE_NON_BLOCKING_TLS) and
      disabled by default as there seem to be some problems using NON-blocking
      I/O during the TLS Handshake when linking against NSS (either a bug in NSS
      itself of in tls_m.c, see discussion on -devel)
      
      This patch adds an additional parameter to ldap_int_poll() in order to indicate
      if we're waiting in order to perform a read or write operation.
      c728ebf5
  31. 01 Jan, 2012 1 commit
  32. 09 Sep, 2011 1 commit
  33. 24 Aug, 2011 1 commit
    • Jan Vcelak's avatar
      ITS#7014 TLS: don't check hostname if reqcert is 'allow' · 3dae953f
      Jan Vcelak authored and Howard Chu's avatar Howard Chu committed
      If server certificate hostname does not match the server hostname,
      connection is closed even if client has set TLS_REQCERT to 'allow'. This
      is wrong - the documentation says, that bad certificates are being
      ignored when TLS_REQCERT is set to 'allow'.
      3dae953f
  34. 10 Jun, 2011 1 commit
  35. 05 Jan, 2011 1 commit