[Date Prev][Date Next] [Chronological] [Thread] [Top]

Stat logging for SASL BIND (ITS#2017)

Full_Name: Andrew Findlay
Version: HEAD 9 Aug 2002
OS: FreeBSD 4.6
URL: ftp://ftp.openldap.org/incoming/andrew-findlay-020809-a.diff
Submission from: (NULL) (

The stat log does not currently record the identity of clients binding with
Even with simple non-SASL bind, the record reflects the *request* rather than
the authenticated result, and it is not possible to see how strong the
authentication was.

The diff I have supplied for servers/slapd/bind.c shows the sort of data I am
thinking of, and has been tested with DIGEST-MD5. I feel that there must be a
better place to handle this though: some more general code sitting on the end of
the bind process that can interpret and log all the success and failure cases.
Such code could satisfy ITS#1809 as well.