[Date Prev][Date Next]
openldap+sasl+gsi, sasl.c bugs (ITS#530)
Full_Name: mei-hui su
Version: development tree
OS: solaris 2.7
Submission from: (NULL) (126.96.36.199)
We managed to make this setup to work on solaris 2.7 (which is
wonderful for us),
slapd with shell backend(development tree) + Cyrus sasl(1.5.15) +
During the process, we found couple of small bugs in client
library's sasl.c and server's sasl.c.
As a side note,
Base on the sample example supplied in Cyrus SASL's tar ball,
authentication is 'userid' using the callback id of SASL_CB_USER
authorization is 'authid' using the callback id of SASL_CB_AUTHNAME
And according to the RFC 2222 7.2.2, on the server side, the call
to GSS_Accept_sec_context might not result in an output_token when
GSS_S_COMPLETE is returned. In either case, server needs to call 'step'
again and it will generate a 4 octets data that should then be sent
to the client.
patch can be found at