1. 09 Jun, 2017 8 commits
  2. 16 May, 2017 1 commit
  3. 15 May, 2017 1 commit
  4. 09 May, 2017 1 commit
  5. 04 May, 2017 3 commits
  6. 27 Apr, 2017 2 commits
  7. 26 Apr, 2017 4 commits
  8. 25 Apr, 2017 2 commits
  9. 14 Apr, 2017 2 commits
  10. 13 Apr, 2017 2 commits
  11. 10 Apr, 2017 1 commit
  12. 03 Apr, 2017 1 commit
  13. 29 Mar, 2017 1 commit
    • Guus der Kinderen's avatar
      OF-1305: Make escaping of multibyte characters in LDAP search optional. (#767) · 27dcea60
      Guus der Kinderen authored
      A new property (ldap.encodeMultibyteCharacters) is introduced that controls if multibyte characters in LDAP search queries are escaped.
      
      Escaping of these characters started with the fix for OF-830, which appears to have caused OF-1305. Although I can't say that escaping of characters is wrong (per RFC 4515), it does cause real-world problems.
      
      This fix defaults to not encoding again (reverting back to the behavior pre OF-830, without affecting other changes made in OF-830).
      27dcea60
  14. 19 Mar, 2017 2 commits
  15. 24 Feb, 2017 4 commits
  16. 18 Feb, 2017 3 commits
  17. 17 Feb, 2017 2 commits
    • Dave Cridland's avatar
      OF-1195 Correct SCRAM supported logic · 17d50e8a
      Dave Cridland authored
      17d50e8a
    • Dave Cridland's avatar
      OF-1278 Do not be such an idiot while recursing (#751) · 166b17c3
      Dave Cridland authored
      * OF-1278 Recurse more sensibly in SCRAM code
      
      Previously, we called setPassword if (and only if) there was a plaintext password present AND the configuration was for SCRAM hashed passwords only.
      
      However, we would then retest to see if there was a salt present, and then recurse, if there was a plaintext password present.
      
      This meant that if there were pre-existing users (with only plaintext or encrypted passwords) but with no SCRAM information, and the userInfo.salt was unset, recursion would continue indefinitely.
      
      * OF-1278 Recurse more sensibly in SCRAM code
      
      This patch further proofs against infinite recursion, and is more aggressive about SCRAMming pre-existing users.
      
      Recursion is now prevented from being more than one deep, as designed.
      166b17c3