You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2013/10/01 18:41:37 UTC
svn commit: r1528143 - in /httpd/httpd/trunk: CHANGES
modules/ldap/util_ldap.c
Author: covener
Date: Tue Oct 1 16:41:37 2013
New Revision: 1528143
URL: http://svn.apache.org/r1528143
Log:
Don't use a hardcoded cn=* in case the subgroup has no CN.
Submitted By: David Hawes <dhawes vt.edu>
Committed By: Eric Covener
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ldap/util_ldap.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1528143&r1=1528142&r2=1528143&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Oct 1 16:41:37 2013
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_ldap: When looking up sub-groups, use an implicit objectClass=*
+ instead of an explicit cn=* filter. [David Hawes <dhawes vt.edu>]
+
*) mod_ssl: Improve handling of ephemeral DH and ECDH keys by
allowing custom parameters to be configured via SSLCertificateFile,
and by adding standardized DH parameters for 1024/2048/3072/4096 bits.
Modified: httpd/httpd/trunk/modules/ldap/util_ldap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap.c?rev=1528143&r1=1528142&r2=1528143&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ldap/util_ldap.c (original)
+++ httpd/httpd/trunk/modules/ldap/util_ldap.c Tue Oct 1 16:41:37 2013
@@ -1243,7 +1243,7 @@ start_over:
/* try to do the search */
result = ldap_search_ext_s(ldc->ldap, (char *)dn, LDAP_SCOPE_BASE,
- (char *)"cn=*", subgroupAttrs, 0,
+ NULL, subgroupAttrs, 0,
NULL, NULL, NULL, APR_LDAP_SIZELIMIT, &sga_res);
if (AP_LDAP_IS_SERVER_DOWN(result)) {
ldc->reason = "ldap_search_ext_s() for subgroups failed with server"