-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This is a rebased version of the patch that applies on top of the recent changes that went into 1.2.
On Fri, Apr 30, 2010 at 05:42:46PM +0200, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This is a rebased version of the patch that applies on top of the recent changes that went into 1.2. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkva+nYACgkQHsardTLnvCU0mwCeI3089fLmEpEiMyJ33MFSY/uA +d4AoKW2vzUrQmu/ZVZOddLrCWSXKjJH =/zHm -----END PGP SIGNATURE-----
There is a warning about 'new blank line at EOF', I think it is from src/man/include/service_discovery.xml.
+#define SSS_LDAP_ID_SRV "ldap" +#define SSS_LDAP_AUTH_SRV "ldaps"
the auth provider does an explicit StartTLS. So I think ldap is safe here in both cases. But it might be useful to have an option to change the default from "ldap" to "ldaps"?
bye, Sumit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/03/2010 03:16 PM, Sumit Bose wrote:
On Fri, Apr 30, 2010 at 05:42:46PM +0200, Jakub Hrozek wrote: This is a rebased version of the patch that applies on top of the recent changes that went into 1.2.
There is a warning about 'new blank line at EOF', I think it is from src/man/include/service_discovery.xml.
Fixed
+#define SSS_LDAP_ID_SRV "ldap" +#define SSS_LDAP_AUTH_SRV "ldaps" +
the auth provider does an explicit StartTLS. So I think ldap is safe here in both cases. But it might be useful to have an option to change the default from "ldap" to "ldaps"?
OK, I have added a new ldap_dns_service option with the default of "ldap", which is now used for both auth and id but can trivially be reset to just about anything (the obvious use-case, of course being "ldaps")
A new patch is attached.
On Tue, May 04, 2010 at 01:40:03PM +0200, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/03/2010 03:16 PM, Sumit Bose wrote:
On Fri, Apr 30, 2010 at 05:42:46PM +0200, Jakub Hrozek wrote: This is a rebased version of the patch that applies on top of the recent changes that went into 1.2.
There is a warning about 'new blank line at EOF', I think it is from src/man/include/service_discovery.xml.
Fixed
+#define SSS_LDAP_ID_SRV "ldap" +#define SSS_LDAP_AUTH_SRV "ldaps"
the auth provider does an explicit StartTLS. So I think ldap is safe here in both cases. But it might be useful to have an option to change the default from "ldap" to "ldaps"?
OK, I have added a new ldap_dns_service option with the default of "ldap", which is now used for both auth and id but can trivially be reset to just about anything (the obvious use-case, of course being "ldaps")
A new patch is attached.
ACK, but please add <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/service_discovery.xml" /> to sssd-ldap.5.xml before committing it.
bye, Sumit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkvgB5MACgkQHsardTLnvCXtDgCggc6nx3QPsYweCQo6UqHfdbuY rj8AoJfOi6bbNJZkjLSAQynfiHrzpYvO =RsXG -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/04/2010 06:43 PM, Sumit Bose wrote:
ACK, but please add <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/service_discovery.xml" /> to sssd-ldap.5.xml before committing it.
bye, Sumit
sorry, a new patch that also addresses this is attached
On 05/04/2010 01:28 PM, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/04/2010 06:43 PM, Sumit Bose wrote:
ACK, but please add <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/service_discovery.xml" /> to sssd-ldap.5.xml before committing it.
bye, Sumit
sorry, a new patch that also addresses this is attached
Ack.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/05/2010 04:55 PM, Stephen Gallagher wrote:
On 05/04/2010 01:28 PM, Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/04/2010 06:43 PM, Sumit Bose wrote:
ACK, but please add <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/service_discovery.xml" /> to sssd-ldap.5.xml before committing it.
bye, Sumit
sorry, a new patch that also addresses this is attached
Ack.
David did a manpage review for us (off-list) and had some very good suggestions. The attached patch contains the same code as the previous revision, just the documentation has been corrected.
On 05/07/2010 08:31 AM, Jakub Hrozek wrote:
David did a manpage review for us (off-list) and had some very good suggestions. The attached patch contains the same code as the previous revision, just the documentation has been corrected.
Ack. (Verified with interdiff)
On 05/07/2010 08:34 AM, Stephen Gallagher wrote:
On 05/07/2010 08:31 AM, Jakub Hrozek wrote:
David did a manpage review for us (off-list) and had some very good suggestions. The attached patch contains the same code as the previous revision, just the documentation has been corrected.
Ack. (Verified with interdiff)
Pushed to master and sssd-1-2.
sssd-devel@lists.fedorahosted.org