[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4488) back-ldap uses proxyAuthz for idassert when protocol is not LDAPv3



This specific idassert issue is now fixed in HEAD; at least one issue
remains: if the client connects LDAPv3 and uses controls, and the proxy
enforces LDAPv2, either controls should not be passed to the remote DSA,
if none of them is critical, or the operation should be rejected.

p.



Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------