[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: GSSAPI interoperabity with ActiveDirectory (ITS#884)

To: openldap-its@OpenLDAP.org
Subject: Re: GSSAPI interoperabity with ActiveDirectory (ITS#884)
From: Kurt@OpenLDAP.org
Date: Fri, 10 Nov 2000 21:07:39 GMT

At 03:44 PM 11/10/00 +0000, klasen@zdv.uni-tuebingen.de wrote:
>Full_Name: Norbert Klasen
>Version: head
>OS: linux
>URL: 
>Submission from: (NULL) (134.2.217.40)
>
>
>On GSSAPI binds AD sends the BindResponse indicating succes with an empty 
>serverSaslCreds field:
>
>0000 30   18: SEQUENCE {
>0006 02    1:   INTEGER = 4
>0009 61    9:   [APPLICATION 1] {
>000F 0A    1:     ENUM = 0
>0012 04    0:     STRING = ''
>0014 04    0:     STRING = ''
>0016 87    0:     [CONTEXT 7]
>0018        :   }
>0018        : }
>
>However ldap_int_sasl_bind fails on this with LDAP_LOCAL_ERROR. I guess OpenLDAP
>
>expects serverSaslCreds to be absent since this field is optional. My patch
>checks 
>if there really is some data in the last serverSaslCreds and only aborts then.

Please note that the presence of an empty OPTIONAL field is not
semantically the same as the absence of the field.

Prev by Date: Re: OpenLDAP-2.0 bug: incomplete LDAP_RES_SEARCH_REFERENCE?
Next by Date: OpenLDAP-2.0.7 on RedHat 7.0 (ITS#885)
Index(es):
- Chronological
- Thread