URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
btw I opened https://pagure.io/SSSD/sssd/issue/3889 to track the additional
hardening. Maybe it would be a nice task for one of the
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
* sssd-1-16:
1a7c6ab6efce3720d27def426aad49ee99eb339d
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
* master:
* 6f113c7ddeaa5c82558e10118b499d22bf7a2b14
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
sumit-bose commented:
"""
thank, I'm fine with the current version, so ACK in Acepted are still valid.
About "If we want to do additional hardening, we can
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
thanks, I added your newest patch version to this PR
"""
See the full comment at
https://github.com/SSSD/sssd/pull/700#issuecomment
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
sumit-bose commented:
"""
Thanks, yes, I'm fine with the changes. However, I just came across
ldap_tls_inplace() which we already use and I guess it more p
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
Thank you, this is nice. I added your patch to the PR, fixed one typo and one
minor style issue. If you're OK with the fixes, I will
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
sumit-bose commented:
"""
ah sorry, I just realized that I didn't paste the latest version of my debug
call. Here it is:
```
diff --git a/src/providers/ld
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
sumit-bose commented:
"""
Thank you, the patches are looking good and worked well in my tests, ACK.
I added the following call while testing the patches to
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
I chose this approach because it only touches the ldap auth code. The other
approach I was considering was to not force off the auth
URL: https://github.com/SSSD/sssd/pull/700
Title: #700: LDAP: Only authenticate the auth connection if we need to look up
user information
jhrozek commented:
"""
I chose this approach because it only touches the ldap auth code. The other
approach I was considering was to not force off the auth
11 matches
Mail list logo