Howard Chu wrote:
mikbec wrote:
Patch related to "(ITS#6110) GSSAPI signing/encryption for
unsuspectingly applications" is more an enhancement than a bug report.
That's fine, patches are supposed to be tracked in ITS anyway.
However, it seems to me that these patches are duplicating functionality
that's already provided by SASL/GSSAPI. On that basis I'm inclined to
You are right if you think that SASL with GSSAPI support should do that
stuff.
But firstly the SASL/GSSAPI code in openldap seems to support only the
authentication part if you try to connect to something like an MS Active
Directory Controller. After authentication is done successfully it seems
so that integrity and confidential protection part via SASL/GSSAPI will
be switched off.....hmmmmm.