April 2016 - 389-devel - Fedora Mailing-Lists

Please review: lib389 build requires are on a single line

by William Brown

https://fedorahosted.org/389/ticket/48794 https://fedorahosted.org/389/attachment/ticket/48794/0001-Ticket-48794-li... build-requires-are-on-a-single-l.patch -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

8 years

1
0
0 / 0

Please review (take n+1): [389 Project] #47536: Allow usage of OpenLDAP libraries that don't use NSS for crypto

by Noriko Hosoi

https://fedorahosted.org/389/ticket/47536 https://fedorahosted.org/389/attachment/ticket/47536/0001-Ticket-47536-Al... git patch file (master) -- another revision -- instead of checking with "OpenSSL", check with "Not MozNSS" for non-Fedora/RHEL platforms

8 years

1
0
0 / 0

Please review 47968: Disable journald with configure by default

by William Brown

https://fedorahosted.org/389/ticket/47968 https://fedorahosted.org/389/attachment/ticket/47968/0001-Ticket-47968-Di... journald-logs-by-default.patch -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

8 years

1
0
0 / 0

Please review, svrcore fix coverity issues 6 through 10

by William Brown

https://pagure.io/svrcore/pull-request/11 Patch bundle to fix coverity issues discovered during build processes. -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

8 years

2
2
0 / 0

Please review: 3 tickets -- #47536, #48492, #48784

by Noriko Hosoi

8 years

1
0
0 / 0

Rest389: Gssapi should not specify realm name

by William Brown

https://fedorahosted.org/389/ticket/48790 https://fedorahosted.org/389/attachment/ticket/48790/0001-Ticket-48790-gs... should-accept-different-realm-na.patch -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

8 years

1
0
0 / 0

Please review (take 2): [389 Project] #48492: heap corruption at schema replication.

by Noriko Hosoi

https://fedorahosted.org/389/ticket/48492 https://fedorahosted.org/389/attachment/ticket/48492/0001-Ticket-48492-he... git patch file (master) -- additinal fixes for the crash and better nsslapd-enquote-sup-oc support The previous patch did not solve a case if a replicated schema contains EQUALITY, ORDERING or SUBSTR. Also, there were some weak part in the error handling when parsing a schema failed, which could case the server crash.

8 years

1
0
0 / 0

Subscribing for notification when an entry changes using SOAP

by anteneh assen

I need an application, which uses the directory server for storage, to be able to subscribe for notification when a specific kind entry/attribute/sub-tree is changed by another application(the application could be same kind of application or not). The application would use SOAP to send subscription request and receive the response. After the application has successfully subscribed for notification the DS should send a notification to the app using SOAP. Is it possible to write code to implement this feature and if yes how hard would it be? thank you

8 years

2
1
1 / 0

Please review (Take 2): [389 Project] #48784: Make the SSL version set to the client library configurable.

by Noriko Hosoi

https://fedorahosted.org/389/ticket/48784 https://fedorahosted.org/389/attachment/ticket/48784/0001-Ticket-48784-Ma... git patch file (master) -- revised based upon the reviews by William (Thanks!) * Fixed a typo in an error message. * Changed the return type of getSSLVersionRangeOL to void since there is no need to check it. Regarding the min value of SSL version range, please see the comments below. On 04/06/2016 12:35 PM, 389 Project wrote: > Comment (by nhosoi): > > The answer from the security team. > > On 04/04/2016 10:26 PM, Huzaifa Sidhpurwala wrote: > > Currently, we are not aware of any attacks which are feasible against a > > proper implementation of TLS 1.0 (openssl, nss, gnutls we ship). However > > that being said, the safest option is always to use the highest version > > available ie TLS 1.2 and fall back to lower versions only, if you cant > > use 1.2. > > > > > > The above is general advice in all cases. If you have a special case in > > mind, let me know and we can discuss. > > > > My answer is based on the bits of information i got from the mail i was > > copied on :) > > This is the access log snippet of the replication. As you see, even > though the min value is TLS1.0 (or even setting to SSL3), the higherst > available version is picked. So, we may not have to worry too much about > it. > {{{ > [..] conn=3 TLS1.2 128-bit AES-GCM; client CN=test.localdomain0,OU=389 > Directory Server; issuer CN=CAcert > [..] conn=3 TLS1.2 client bound as uid=repl_mgr1,cn=config > }}} >

8 years

1
0
0 / 0

Please review: 48447, initddir should accept no

by William Brown

https://fedorahosted.org/389/ticket/48447 https://fedorahosted.org/389/attachment/ticket/48447/0001-Ticket-48447-wi... dir-should-accept-no.patch -- Sincerely, William Brown Software Engineer Red Hat, Brisbane

8 years

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-devel April 2016