[Date Prev][Date Next]
SASL_SUCCESS_DATA should be set (ITS#2202)
Full_Name: Luke Howard
Submission from: (NULL) (220.127.116.11)
In servers/slapd/sasl.c, when calling sasl_server_new(), you should pass
SASL_SUCCESS_DATA as the second-last argument.
Why? Some SASL mechanisms appear to send a final response with the last token.
For example, Microsoft's GSS-SPNEGO mechanism appears not to do the SASL SSF
negotiation, and so the final SPNEGO "accept completed" token is returned in a
successful LDAP BindResponse PDU.