[Date Prev][Date Next] [Chronological] [Thread] [Top]

is TLS an EXTERNAL SASL mechanism?



I previously asked the question in subject on -software list.

Netscape browser reports nothing at
ldaps://servername/?supportedsaslmechanisms.
ldapsearch -Z answers Unknown authentication method.
On openldap-software list,
I got suggestion that it is a SASL bug,
but the bug was expected in GSSAPI
module that I disabled since not using Kerberos.

In GDB, I was stepping through ldapsearch 
called with arguments -Z -Y EXTERNAL
I observed that on return from sasl_client_start,
the string mech is empty.
Same without -Y.

Maybe should I try something about configuring SASL,
i.e. write Slapd.conf (don't know how) ?
Or is TLS-as-EXTERNAL simply not implemented yet?

Rafal