[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6595) Patch - Mozilla NSS - delay token auth until needed

To: openldap-its@OpenLDAP.org
Subject: (ITS#6595) Patch - Mozilla NSS - delay token auth until needed
From: rmeggins@redhat.com
Date: Tue, 20 Jul 2010 18:56:35 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Rich Megginson
Version: 2.4.23
OS: Fedora
URL: ftp://ftp.openldap.org/incoming/openldap-2.4.23-initauthtoken.patch
Submission from: (NULL) (76.113.111.209)


The code was doing all of the authentications to all of the tokens during the
init phase.  This was causing problems with NSS cert/key clients, prompting for
the cert/key db password, when it isn't needed, since it is only needed to get
private key information.  The patch is to just remove the token authentication
during init.  The code already authenticates to the token when private key
information is needed e.g. running in TLS/SSL server mode, or using client cert
auth.

This patch file is derived from OpenLDAP Software. All of the 
modifications to OpenLDAP Software represented in the following 
patch(es) were developed by Red Hat. Red Hat has not assigned rights 
and/or interest in this work to any party. I, Rich Megginson am 
authorized by Red Hat, my employer, to release this work under the 
following terms.

Red Hat hereby place the following modifications to OpenLDAP Software 
(and only these modifications) into the public domain. Hence, these 
modifications may be freely used and/or redistributed for any purpose 
with or without attribution and/or other notice.

Prev by Date: Re: (ITS#6592) slapadd allows objects with objectClass doublets
Next by Date: (ITS#6598) EXOP to return number of children of a (sub)tree
Index(es):
- Chronological
- Thread