[Fedora-directory-devel] Please review: Bug 469261 - Support server-to-server SASL - console chaining, server cleanup
Rich Megginson
rmeggins at redhat.com
Mon Dec 1 20:45:44 UTC 2008
https://bugzilla.redhat.com/show_bug.cgi?id=469261
Resolves: bug 469261
Bug Description: Support server-to-server SASL - console chaining,
server cleanup
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: There are two sets of diffs here. The first set adds
tls, gssapi, and digest to the chaining database (aka database link)
panels in the console. I had to add support for revert to some of the
code to make the Reset button work without having to retrieve the values
from the server each time. We already store the original values locally
in the _origModel - I added code to allow the use of that in the Reset
button.
The second set of diffs is for the server.
1) I had to add support for "SIMPLE" for bindMechanism - this translates
to LDAP_SASL_SIMPLE for the actual mechanism. This value is NULL, so I
had to add handling for NULL values in the cb config code (slapi_ch_*
work fine with NULL values).
2) Added some more debugging/tracing code
3) The server to server SSL code would only work if the server were
configured to be an SSL server. But for the server to be an SSL client,
it only needs NSS initialized and to have the CA cert. It also needs to
configured some of the SSL settings and install the correct policy. I
changed the server code to do this.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
https://bugzilla.redhat.com/attachment.cgi?id=325289&action=diff
https://bugzilla.redhat.com/attachment.cgi?id=325290&action=diff
More information about the Fedora-directory-devel
mailing list