Merge branch 'master' into live

389ds doesn't like case-insensitive matches for 7-bit ASCII strings

app/controllers/web_key_directory_controller.rb

@@ -6,7 +6,7 @@ class WebKeyDirectoryController < WellKnownController
     if params[:l].blank?
       # TODO store hashed username in db if existing implementations trigger
       # this a lot
-      msg = "WKD request with \"l\" param omitted for hu: #{params[:hashed_username]})"
+      msg = "WKD request with \"l\" param omitted for hu: #{params[:hashed_username]}"
       Sentry.capture_message(msg) if Setting.sentry_enabled?
       http_status :bad_request and return
     end

app/views/settings/_account.html.erb

@@ -52,7 +52,7 @@
   <section class="!pt-8 sm:!pt-12">
     <h3>OpenPGP</h3>
     <ul role="list">
-      <% example_link = link_to "example", "https://accounts.kosmos.org/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf.txt?l=jimmy",
+      <% example_link = link_to "example", "https://kosmos.org/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf.txt?l=jimmy",
           target: "_blank", class: "text-gray-500 underline" %>
       <%= render FormElements::FieldsetComponent.new(
             title: "Public key",

extras/strfry/ldap-policy.ts

@@ -63,9 +63,10 @@ export class LdapPolicy implements NPolicy {
         out['accept'] = false;
         out['msg'] = 'Only members can publish notes on this relay';
       }
-    } catch (ex) {
+    } catch (e) {
       out['accept'] = false;
       out['msg'] = 'Auth service temporarily unavailable';
+      console.warn(`[ldap-policy] Auth service temporarily unavailable: ${e.message}`)
     } finally {
       await client.unbind();
       return ['OK', id, out['accept'], out['msg']];

schemas/ldap/nostr_key.ldif

@@ -4,6 +4,6 @@ add: attributeTypes
 attributeTypes: ( 1.3.6.1.4.1.61554.1.1.2.1.21
   NAME 'nostrKey'
   DESC 'Nostr public key'
-  EQUALITY caseIgnoreMatch
+  EQUALITY caseExactIA5Match
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )