[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL interoperability fix (ITS#2994)
Sounds like something which should be discussed by LDAPBIS...
Kurt
At 02:04 PM 3/4/2004, lukeh@PADL.COM wrote:
>FWIW Cyrus SASL returns a zero-length string, not NULL, on the last
>leg of a GSS-API authentication.
>
>If we are to respect the difference between the two, shouldn't slapd
>only return serverSaslCreds if the SASL library returns NULL?
>
>I tested some alternative server implementations of the GSSAPI
>SASL mechanism:
>
>- Active Directory returns serverSaslCreds with length zero
>
>- PADL GSS-SASL doesn't return serverSaslCreds (as far as I can
> tell from the code, I didn't actually look at a packet trace)
>
>Did this ever come up in the working group?
>
>We should find out what Sun DS 5.2 does for GSSAPI...
>
>-- Luke