[Date Prev][Date Next] [Chronological] [Thread] [Top]

SLAPD_SPASSWD functionality not quite finished (ITS#751)

Full_Name: Matt Hoskins
Version: 2.0.3
OS: solaris
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

While trying to get the SASL_SPASSWD feature going (so I can use userPassword: 
{SASL}username style stuff), I noticed that it wasn't working 'cos the code
hasn't quite been finished.

Firstly.. in configure... it has a line which reads:

Which is in the wrong place (or else the bit which sets ol_link_spasswd is in
wrong place). If I remove this line, I can compile in the spasswd support.. 
I think noticed that lutil_passwd_sasl_conn isn't being set (well it's being set
server inside the slap_sasl_init, but server isn't anything). So the call to
sasl_server_new needs to be added in somewhere such that lutil_passwd_sasl_conn
is set somewhere. slap_sasl_init may not be the right place tho', as this goes
before the config file is read (as I understand it), which means that
and global_realm haven't been configured. Either that or slap_sasl_init needs
moving... or something.

I copied and tweaked the calls from slap_sasl_open to create a connection into
slap_sasl_init, moved where slap_sasl_init got called to somewhere after the
config file is read, and authentication seemed to work against a
userPassword: {SASL}username type entry, so hopefully it'll just require you
to do a tidier version of what I did to have it working.