Valery Komarov
dbcef31beb
Merge pull request #131 from gringus/master
...
Support for building as dynamic module
9 years ago
Marcin Deranek
c8d8678368
Support for building as dynamic module
9 years ago
Valery Komarov
8517bb05ec
Merge pull request #121 from victorhahncastell/master
...
Verify certificate CN/SAN
9 years ago
Victor Hahn
2e3e8a9e14
Verify certificate CN/SAN
9 years ago
Valery Komarov
d0f2f829f7
Merge pull request #100 from victorhahncastell/master
...
Provide SSL certificate verification
9 years ago
Valery Komarov
256cafe826
Merge pull request #109 from rascal-hats/patch-1
...
Update ngx_http_auth_ldap_module.c - Initialize variable before use.
9 years ago
Valery Komarov
d0058d6930
Merge pull request #89 from denji/darwin
...
darwin requires lber
9 years ago
Valery Komarov
d7d67710c0
Merge pull request #95 from petrovich-ua/master
...
change confuging emergency error message to notice
9 years ago
rascal-hats
878da132fb
Update ngx_http_auth_ldap_module.c
...
Initialize count on line 806. Prevents compilation errors.
```
nginx-auth-ldap/ngx_http_auth_ldap_module.c:815:26: error: variable 'count' may be uninitialized when used here [-Werror,-Wconditional-uninitialized]
cache->num_buckets = count;
^~~~~
nginx-auth-ldap/ngx_http_auth_ldap_module.c:793:27: note: initialize the variable 'count' to silence this warning
ngx_uint_t want, count, i;
^
= 0
```
9 years ago
Victor Hahn
acb13cffaf
Amend documentation
9 years ago
Victor Hahn
6389f806d5
Expose SSL certificate verification as config option
9 years ago
Victor Hahn
65522703ae
Verify remote SSL certificate
9 years ago
Victor Hahn Castell
7802d53f0a
Fix typo
9 years ago
Petrovich
3f7ab7f81f
change confuging emergency error message to notice
9 years ago
Denis Denisov
aaa629866a
darwin requires lber
10 years ago
Valery Komarov
be8ff8eecb
Merge pull request #85 from denji/debug
...
Added some debug
10 years ago
Jakub Podeszwik
e5ec574249
Added some debug
10 years ago
Valery Komarov
928856aa95
Merge pull request #81 from MarkusMattinen/master
...
avoid crashes comparing groups
10 years ago
Valery Komarov
b3f6b86583
Merge pull request #83 from jbq/issue_80
...
Fix #80 LDAP connection failures are silently swallowed
10 years ago
Jean-Baptiste Quenot
bd58ee3c75
Fix #80 LDAP connection failures are silently swallowed
10 years ago
Donald Huang
febe91256f
avoid crashes comparing groups
10 years ago
Valery Komarov
0d6ba9a12e
Merge pull request #79 from sonnius/master
...
Compile cleanly on FreeBSD
10 years ago
sonnius
dab16a5f62
Compile cleanly on FreeBSD
...
Compile cleanly on FreeBSD
FreeBSD 10.1 (tested version) needs the lber during linking.
10 years ago
Valery Komarov
a8b5948e0e
Merge pull request #75 from cryptogopher/master
...
Checking if ldap_server is defined before auth_ldap_servers.
10 years ago
cryptogopher
91f951ecd9
Checking if ldap_server is defined before auth_ldap_servers. Getting segfault without this check.
10 years ago
Valery
b365771d2a
Merge pull request #65 from pweiskircher/master
...
Authentication timeout and segmentation fault fix on multiple, concurrent requests being processed at the same time
10 years ago
Valery
7de94294e6
Merge pull request #66 from amoiseiev/master
...
Treating LDAP_NO_SUCH_OBJECT as soft error, updating example.conf
10 years ago
Valery
8d95546cf2
Merge pull request #68 from lucamilanesio/ldap-configurable-connection-timeout
...
Configurable timeouts on a per-LDAP server basis
10 years ago
Luca Milanesio
8e92526458
Configurable timeouts on a per-LDAP basis
...
Enable configure timeouts for LDAP connections and queries
on ldap_server section.
Example config:
ldap_server myldap {
url ldap://myldap.org/CN=users,CN=accounts,DC=myorg?uid?sub?(objectClass=person);
connections 10;
connect_timeout 30s;
reconnect_timeout 5s;
bind_timeout 15s;
request_timeout 20s;
require valid_user;
}
When timeout settings are not defined, the previous hardcoded values are used as
default : 5s (bind), 10s (connect, reconnect, request).
10 years ago
Andrii Moiseiev
4b7f989831
replacing tabs with spaces to fix example.conf formating
10 years ago
Andrii Moiseiev
c8a1b733c3
replacing tabs with spaces to fix example.conf formating
10 years ago
Andrii Moiseiev
a54a7b8971
replacing tabs with spaces to fix example.conf formating
10 years ago
Andrii Moiseiev
d1dbca7d0d
fixing auth failure issue when CN of user or group doesn't exist
10 years ago
Patrik Weiskircher
95d64f0797
don't return the connection after every LDAP reply.
...
This makes the connection more sticky to one request and prevents auth timeouts and lost requests.
10 years ago
Patrik Weiskircher
a471062903
remove quick and dirty hack to rebind to the search user. it has been implemented correctly already.
10 years ago
Patrik Weiskircher
20f279f0f9
Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds.
10 years ago
Valery
cc76ecbd33
Merge pull request #58 from nyoxi/master
...
Fix: Passed incorrect pointer to SSL handshake handler.
10 years ago
Tomáš Golembiovský
fae9e215c6
Passed incorrect pointer to SSL handshake handler.
10 years ago
Valery
7aa2414c76
Merge pull request #45 from nyoxi/master
...
Removed recursion during ssl handshake (should fix #34 )
10 years ago
Valery
8a2e128ba7
Merge pull request #54 from huangsam/patch-1
...
config: Fix compilation for Linux
10 years ago
Samuel Huang
eaae4dac6f
config: Fix compilation for Linux
...
Attempt to resolve https://github.com/kvspb/nginx-auth-ldap/issues/23
10 years ago
Valery
8f2b5f86f4
Merge pull request #39 from pmenglund/readme
...
updated README
11 years ago
Valery
a8a5cd233e
Merge pull request #41 from davidjb/master
...
Fix authentication for user/group validations - passwords fail to be checked
11 years ago
Valery
687b0a5af0
Merge pull request #37 from prune998/patch-1
...
Update ngx_http_auth_ldap_module.c
11 years ago
Tomáš Golembiovský
930918b6c9
Fixed compilation without SSL ( fixes #22 )
11 years ago
Tomáš Golembiovský
5d82c4a6e5
Removed recursion during ssl handshake (should fix #34 )
11 years ago
David Beitey
0cc183bedd
Fix authentication for user/group validations
...
This fixes issue #40 . User passwords should *always* be checked during authentication (except when a user fails to satisfy given requirements). Previously, the PHASE_CHECK_BIND step of authentication would not check passwords in any LDAP configuration where ``require valid_user`` was not specified (eg using ``require user`` or ``require group``).
11 years ago
Martin Englund
c0a1383220
updated README
11 years ago
Prune
97a992b700
Update ngx_http_auth_ldap_module.c
...
added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state
11 years ago
Valery
93cd9f094a
Merge pull request #31 from nyoxi/master
...
Several unrelated fixes
11 years ago