[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL interoperability fix (ITS#2994)

To: openldap-its@OpenLDAP.org
Subject: SASL interoperability fix (ITS#2994)
From: lukeh@padl.com
Date: Wed, 3 Mar 2004 22:50:56 GMT

Full_Name: Luke Howard
Version: HEAD
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (165.228.130.11)


Some SASL clients require that serverSaslCreds be provided when the last token
returned by the server is zero length. Presently OpenLDAP omits
serverSaslCreds.

(This is obviously only an issue for mechanisms such as GSSAPI that return a
zero length token on the last leg of the authentication.)

The following patch fixes this:

cvs server: Diffing .
Index: sasl.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/sasl.c,v
retrieving revision 1.165.2.12
diff -u -r1.165.2.12 sasl.c
--- sasl.c      17 Jan 2004 19:32:20 -0000      1.165.2.12
+++ sasl.c      3 Mar 2004 22:42:27 -0000
@@ -1625,7 +1625,7 @@
                }
 
                /* Must send response using old security layer */
-               if (response.bv_len) rs->sr_sasldata = &response;
+               rs->sr_sasldata = &response;
                send_ldap_sasl( op, rs );
 
                /* Now dispose of the old security layer.

Prev by Date: Re: syncRepl fails to replicate new trees (ITS#2948)
Next by Date: Re: SASL interoperability fix (ITS#2994)
Index(es):
- Chronological
- Thread