
SASL OTP and syncrepl



Hello

After exchanging a few private messages with Pierangelo Masarati, I just
posted ITD#6475:

> When binding using SASL OTP to a replica, the bind works, but the
> cmusaslsecretOTP attribute is modified on the replica and fails to be
> propagated to the master. On the next modification, the master will
> overwrite the replica's updated cmusaslsecretOTP value.
>
> Here is a script that exhibits the behaviour:
> ftp://ftp.openldap.org/incoming/ldapotp.tgz

> That requires SASL enabled OpenLDAP, with the OTP plugin installed. The
> PATH in run.sh must probably be adjusted.

The problem is in sasl_auxprop_store(), which bypasses the replication
process. The easier fix to me seems to be to send a referral to the master on
any SASL OTP bind. Any other idea?
 
-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org