[Date Prev][Date Next]
incorrect hostname in SASL bind within rebind function (ITS#3298)
Full_Name: Luke Howard
Submission from: (NULL) (220.127.116.11)
ldap_int_sasl_bind() calls ldap_host_connected_to() to determine the currently
connected host, which is passed to ldap_int_sasl_open().
In the case of the GSSAPI SASL mechanism, the SASL library uses this hostname to
determine which ticket to acquire for authenticating. We have a rebind callback
that will do a GSSAPI SASL bind on referral.
ldap_host_connected_to() actually returns the referring host rather than the
referred host, hence the wrong ticket is acquired and the SASL bind eventually
It appears that ld->ld_sb points to the referring host, whereas
ld->ld_defconn->lconn_sb points to the referred host.
See the attached patch for more information, it fixes the problem for me.