Commits (14)
-
f4bfb5e0
-
The spec says that upon StartTLS 'success', both TLS communications is established on the octet following the Start TLS response (and the request)... and that once one starts TLS communications, one can never go back to LDAP without TLS. So if there's a TLS failure (whether as part of TLS nego or later), LDAP communications cannot be continued (without TLS). Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation fails, we don't attempt to send LDAP operations without TLS.
23af2c36 -
thr_posix.c: In function 'ldap_pvt_thread_set_concurrency': thr_posix.c:96:9: error: implicit declaration of function 'pthread_setconcurrency' return pthread_setconcurrency( n ); ^~~~~~~~~~~~~~~~~~~~~~ pthread_setcanceltype Signed-off-by:
Sergei Trofimovich <slyfox@gentoo.org>
57b7003a -
Ryan Tandy authoredd86caaca
-
Quanah Gibson-Mount authored
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
a5b8a41c -
52fad51d
-
7732cb27
-
Ryan Tandy authored
- give authid-rewrite's argument a name - tidy saslauthz.c whitespace (mixed spaces/tabs) - always declare slap_sasl_regexp_destroy: fixes an implicit declaration warning when configured without librewrite - delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this code is never compiled - make slap_sasl_regexp_rewrite_config static - omit sasl_regexp unused fields when built with librewrite
822ed8c1 -
Ryan Tandy authoredc4db9061
-
Ryan Tandy authored1d562a7a
-
Ryan Tandy authored2b01b8dd
-
Quanah Gibson-Mount authored05e07805
-
Quanah Gibson-Mount authoredbd7675b5
-
Quanah Gibson-Mount authoredda58a21a