Full_Name: Luke Howard Version: 2.2.15 OS: Linux URL: http://www.padl.com/~lukeh/sasl.diff Submission from: (NULL) (203.13.32.92) ldap_int_sasl_bind() calls ldap_host_connected_to() to determine the currently connected host, which is passed to ldap_int_sasl_open(). In the case of the GSSAPI SASL mechanism, the SASL library uses this hostname to determine which ticket to acquire for authenticating. We have a rebind callback that will do a GSSAPI SASL bind on referral. ldap_host_connected_to() actually returns the referring host rather than the referred host, hence the wrong ticket is acquired and the SASL bind eventually fails. It appears that ld->ld_sb points to the referring host, whereas ld->ld_defconn->lconn_sb points to the referred host. See the attached patch for more information, it fixes the problem for me.
moved from Incoming to Software Bugs
changed notes
changed state Open to Test
changed state Test to Release
Please test OPENLDAP_REL_ENG_2_2. Thanks, Kurt
changed state Release to Closed
moved from Software Bugs to Archive.Software Bugs
fixed in HEAD/re22