[Date Prev][Date Next]
Re: protocol: closing SASL upon Unbind
At 02:31 PM 12/6/2004, Hallvard B Furuseth wrote:
>Kurt D. Zeilenga writes:
>>At 01:59 PM 12/6/2004, Hallvard B Furuseth wrote:
>>>protocol-28 section 4.3 (Unbind Operation) says:
>>>> (...) close the LDAP session as follows:
>>>> - cease exchanges at the LDAP message layer,
>>>> - close the SASL layer (if installed),
>>> No. To do that, one simply closes the connection. As I noted earlier,
>>> [SASL] does not define the operation of closing a SASL layer, it only
>>> defines replacing it with another layer.
>> The SASL mechanism itself may provide a layer closure facility
>> and, if so, it should be used.
>If so, [SASL] should be modified to mention such a facility:
[SASL] leaves most of the details of layers to mechanisms,
and, in general, doesn't preclude layers from providing closure
facilities. If the SASL base specification needs to mention
something here, then I suggest you raise a concern on the
SASL mailing list.
>The application shouldn't need to know that the particilar SASL layer it is
>using has such a facility; the SASL implementation itself should provide
>a "close the current layer" function.
Well, if by SASL implementation, you mean some library providing
some SASL services to a program, then likely, yes, that API
should likely include a close function. That's a good topic
for those designing SASL APIs. In Cyrus SASL, IIRC, the
function is named sasl_dispose().