[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5777) slapd should reject BindRequest with 'name' when SASL bind is sent

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5777) slapd should reject BindRequest with 'name' when SASL bind is sent
From: Kurt@OpenLDAP.org
Date: Wed, 29 Oct 2008 15:08:04 GMT

On Oct 29, 2008, at 2:56 AM, michael@stroeder.com wrote:

> I wonder whether it would be worth that slapd rejects a SASL bind  
> request with
> BindRequest.name set (normally used for simple bind) returning a  
> protocolError
> error code.

RFC 4513:
    Clients sending a BindRequest message with the sasl choice selected
    SHOULD send a zero-length value in the name field.  Servers  
receiving
    a BindRequest message with the sasl choice selected SHALL ignore any
    value in the name field.

So, no.

-- Kurt

Prev by Date: Re: (ITS#5777) slapd should reject BindRequest with 'name' when SASL bind is sent
Next by Date: Re: (ITS#5763) libRSAglue bug in OpenLDAP configure script
Index(es):
- Chronological
- Thread