1. 25 Aug, 2020 1 commit
  2. 21 Aug, 2020 2 commits
  3. 27 Apr, 2020 2 commits
  4. 23 Apr, 2020 1 commit
    • Isaac Boukris's avatar
      ITS#9189 rework sasl-cbinding support · 3cd50fa8
      Isaac Boukris authored
      Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
      defaults to "none".
      
      Add "tls-endpoint" binding type implementing "tls-server-end-point" from
      RCF 5929, which is compatible with Windows.
      
      Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
      3cd50fa8
  5. 20 Apr, 2020 2 commits
  6. 12 Apr, 2020 1 commit
    • Howard Chu's avatar
      ITS#8650 loop on incomplete TLS handshake · 735e1ab1
      Howard Chu authored
      Always retry ldap_int_tls_connect() if it didn't complete,
      regardless of blocking or non-blocking socket. Code from
      ITS#7428 was wrong to only retry for async.
      735e1ab1
  7. 09 Jan, 2020 1 commit
  8. 12 Jun, 2019 1 commit
  9. 11 Jun, 2019 1 commit
  10. 28 Feb, 2019 1 commit
  11. 19 Feb, 2019 1 commit
  12. 15 Feb, 2019 1 commit
  13. 14 Jan, 2019 1 commit
  14. 22 Oct, 2018 1 commit
  15. 22 Mar, 2018 1 commit
  16. 13 Nov, 2017 1 commit
  17. 06 Oct, 2017 2 commits
  18. 26 Sep, 2017 1 commit
  19. 09 Apr, 2017 1 commit
  20. 08 Apr, 2017 1 commit
  21. 03 Jan, 2017 1 commit
  22. 29 Jan, 2016 1 commit
  23. 11 Feb, 2015 1 commit
  24. 25 Jan, 2014 1 commit
  25. 19 Sep, 2013 1 commit
  26. 10 Sep, 2013 1 commit
  27. 09 Sep, 2013 1 commit
  28. 07 Sep, 2013 2 commits
  29. 27 Aug, 2013 1 commit
  30. 02 Jan, 2013 1 commit
  31. 21 Nov, 2012 1 commit
    • Ralf Haferkamp's avatar
      ITS#7428 Use non-blocking IO during SSL Handshake · c728ebf5
      Ralf Haferkamp authored
      If a timeout is set, perform the SSL Handshake using non-blocking IO.  This way
      we can timeout if SSL Handshake gets stuck for whatever reason.
      
      This code is currently hidden behind #ifdefs (LDAP_USE_NON_BLOCKING_TLS) and
      disabled by default as there seem to be some problems using NON-blocking
      I/O during the TLS Handshake when linking against NSS (either a bug in NSS
      itself of in tls_m.c, see discussion on -devel)
      
      This patch adds an additional parameter to ldap_int_poll() in order to indicate
      if we're waiting in order to perform a read or write operation.
      c728ebf5
  32. 01 Jan, 2012 1 commit
  33. 09 Sep, 2011 1 commit
  34. 24 Aug, 2011 1 commit
    • Jan Vcelak's avatar
      ITS#7014 TLS: don't check hostname if reqcert is 'allow' · 3dae953f
      Jan Vcelak authored and Howard Chu's avatar Howard Chu committed
      If server certificate hostname does not match the server hostname,
      connection is closed even if client has set TLS_REQCERT to 'allow'. This
      is wrong - the documentation says, that bad certificates are being
      ignored when TLS_REQCERT is set to 'allow'.
      3dae953f
  35. 10 Jun, 2011 1 commit