[Date Prev][Date Next]
RE: mutiple sasl_bind within the same ldap session (ITS#2424)
> -----Original Message-----
> From: Igor Brezac [mailto:email@example.com]
> On Sun, 6 Apr 2003, Howard Chu wrote:
> > A way to make this work is to use two SASL Bind requests -
> one with no mech
> > or parameters, simply to shutdown the current SASL session,
> and then the real
> > Bind using the new SASL context. This approach needs to be
> endorsed by both
> > the SASL and LDAP protocol designers.
> > Having spelled this all out, I leave it in your hands.
> The second option appears easier to implement, no changes on
> the server side. Correct?
The server needs to be modified to support this behavior. The changes are
complicated by dependencies on TLS to support SASL/EXTERNAL.
> Or, what is worng with sasl_bind() doing a close
> and then open before it proceeds?
Nothing is wrong with this; that would make the most sense on the client
Feel free to submit patches implementing these changes.