[Date Prev][Date Next]
SASL and GSSAPI (ITS#2944)
Full_Name: Seth Hettich
OS: Linux (RH9)
Submission from: (NULL) (220.127.116.11)
When using SASL/GSSAPI you get:
sb_sasl_pkt_length: received illegal packet length of 65548 bytes
sb_sasl_read: failed to decode packet: generic failure
ldap_result: Can't contact LDAP server (81)
from ldapsearch when doing a search that returns a lot of data (> 65548 bytes
I see several problems:
* openldap needs to "chunk" up it's data when using SASL security layer, only
at most 65548 bytes at a time to the SASL layer.
* When using TLS, you should turn off the SASL security layer (I see code to do
but it's not complete). This would give a workaround to the 1st problem.