Skip to content

PR: #237 from mmguero-dev #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jul 26, 2022
Merged

PR: #237 from mmguero-dev #1

merged 6 commits into from
Jul 26, 2022

Conversation

@Ericbla
Copy link
Owner

@Ericbla Ericbla commented Jul 26, 2022

Duplicate the PR: fix segfault in ngx_http_auth_ldap_ssl_handshake_handler and add "chain" option for ssl_check_cert kvspb#237
from mmguero-dev to my own fork.

mmguero added 6 commits April 20, 2020 14:54
@mmguero
Revert "Merge pull request kvspb#199 from AVENTER-UG/issue_180"
4e6f698 
This reverts commit bf64cf2, reversing
changes made to f022103.

This change isn't right -- it an LDAP setup when `group_attribute_is_dn
on` is enabled, which is what this section of code
(kvspb@bf64cf2#diff-c05c0daefb48996cbf510b81002b49bcR2230)
is conditionally targeting.  This original PR kvspb#199 changed the underlying
LDAP query (eg `user_val`) from looking up the user's DN as a group
attribute in LDAP (eg set via the `group_attribute` directive in nginx)
to looking up the _group's_ DN, which isn't right and won't work.

This PR reverts the previous change to make this work correctly again.

Fwiw, the originally-referenced issue kvspb#180 seems to be a completely
different issue, relating to escaping and parentheses.
@mmguero
Merge remote-tracking branch 'jcu-eresearch/fix-group-lookup'
0c9d333
@mmguero
Merge branch 'master' of https://github.com/kvspb/nginx-auth-ldap
bbeabad
@mmguero
Allow ssl_check_cert to be on (full verification), off (no verificati…
456514a 
…on) or chain (verify cert chain but not hostname/IP)
@mmguero
testing fix for kvspb#236 segmentation fault in ngx_http_auth_ldap_ss…
3686bd0 
…l_handshake_handler with ssl_check_cert and ssl_ca_dir
@mmguero
fix compiler error
61b70e4
@Ericbla Ericbla merged commit 5cc107c into Ericbla:master Jul 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Ericbla @mmguero