[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4231) failed SASL bind can't fall back to simple

Full_Name: Aaron Richton
Version: 2.3.12
OS: Solaris 9
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

connection.c checkin, and therefore 2.3.12, has:

@@ -2055,6 +2055,8 @@
 	ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
 	ch_free( cb );
+	op->o_callback = NULL;
Apple's OS X "DSLDAPv3" client has some interesting behavior where it tries a
SASL bind and then, if that fails, tries a Simple bind. In 2.3.11, the Simple
bind would succeed even when the SASL bind fails. In 2.3.12, this is no longer
the case. Removing that callback=NULL reverts this behavior. What is the harm of
reverting this patch?