[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3845) support for SASL binds with plaintext rootpw

To: openldap-its@OpenLDAP.org
Subject: (ITS#3845) support for SASL binds with plaintext rootpw
From: jtownsend@opendarwin.org
Date: Thu, 7 Jul 2005 16:06:45 GMT

Full_Name: Jason Townsend
Version: 2.2.19 and HEAD
OS: 10.4.1
URL: http://www.opendarwin.org/~jtownsend/patches/rootpwsasl/servers-slapd-sasl.patch
Submission from: (NULL) (24.7.116.24)


If there is a plaintext rootpw configured, then it is possible to hand that to
SASL through the auxprop callback in order to allow a SASL bind against that
account to work. In Mac OS X Server/Open Directory this is used to allow a
replication identity and password to be set up simply with rootpw/rootdn without
requiring another record to be added to the database. This way slurpd can
perform a secure authentication rather than a simple bind.

This patch was originally made against 2.2.19 and then ported it to HEAD.

http://www.opendarwin.org/~jtownsend/patches/rootpwsasl/servers-slapd-sasl.patch

Prev by Date: Re: (ITS#3755) OpenLDAP breaks strict aliasing rules
Next by Date: Re: (ITS#3845) support for SASL binds with plaintext rootpw
Index(es):
- Chronological
- Thread