[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS or plain?



Friday, July 18, 2003, 7:46:24 PM, Christian wrote:

> Hi,

> You should take the trace in /var/log/syslog:

> Jul 18 14:36:54 ldapserver slapd[1272]: conn=39 fd=12 ACCEPT from 
> IP=XXX.XXX.XXX.XXX:2024 (IP=XXX.XXX.XXX.XXX:389)
> Jul 18 14:36:54 ldapserver slapd[1273]: conn=39 op=0 BIND dn="" method=128


> And convert the value for "method"
 
> # pwd ; grep LDAP_AUTH ldap.h
> ...../openldap-2.1.22/include
> #define LDAP_AUTH_NONE  ((ber_tag_t) 0x00U)     /* no 
> authentication             */
> #define LDAP_AUTH_SIMPLE        ((ber_tag_t) 0x80U)     /* context 
> specific + primitive */
> #define LDAP_AUTH_SASL  ((ber_tag_t) 0xa3U)     /* context specific + 
> constructed */
> #define LDAP_AUTH_KRBV4 ((ber_tag_t) 0xffU)     /* means do both of the 
> following */
> #define LDAP_AUTH_KRBV41        ((ber_tag_t) 0x81U)     /* context 
> specific + primitive */
> #define LDAP_AUTH_KRBV42        ((ber_tag_t) 0x82U)     /* context 
> specific + primitive */
> #define LDAP_AUTH_METHOD_NOT_SUPPORTED  0x07
> #define LDAP_STRONG_AUTH_NOT_SUPPORTED  LDAP_AUTH_METHOD_NOT_SUPPORTED
> #define LDAP_AUTH_UNKNOWN               0x56


Hi, i'm not programmer, don't ask me to look at the source :=)
however, from the code above, i did not see that connection is encrypted or not, it
just say using -x or using strong auth (sasl), cmiiw.
TIA.



> -- Christian


--beast