[email protected] wrote: > Full_Name: Rich Megginson > Version: 2.4.23 > OS: Fedora > URL: ftp://ftp.openldap.org/incoming/openldap-2.4.23-initauthtoken.patch > Submission from: (NULL) (76.113.111.209) > > > The code was doing all of the authentications to all of the tokens during the > init phase. This was causing problems with NSS cert/key clients, prompting > for > the cert/key db password, when it isn't needed, since it is only needed to get > private key information. The patch is to just remove the token authentication > during init. The code already authenticates to the token when private key > information is needed e.g. running in TLS/SSL server mode, or using client > cert > auth. > > This patch file is derived from OpenLDAP Software. All of the > modifications to OpenLDAP Software represented in the following > patch(es) were developed by Red Hat. Red Hat has not assigned rights > and/or interest in this work to any party. I, Rich Megginson am > authorized by Red Hat, my employer, to release this work under the > following terms. > > Red Hat hereby place the following modifications to OpenLDAP Software > (and only these modifications) into the public domain. Hence, these > modifications may be freely used and/or redistributed for any purpose > with or without attribution and/or other notice. > > Committed to HEAD.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
