[Date Prev][Date Next]
(ITS#5001) Incorrect SSF display
Full_Name: Quanah Gibson-Mount
Submission from: (NULL) (184.108.40.206)
I was playing with SASL connections on an TLS encrypted connection, and noticed
the SSF displayed is not correct in the SASL part.
Jun 7 12:51:27 ldap-dev1 slapd: conn=4494 fd=29 TLS established
Jun 7 12:51:27 ldap-dev1 slapd: conn=4494 op=4 BIND
dn="uid=quanah,cn=accounts,dc=stanford,dc=edu" mech=GSSAPI ssf=56
I believe that the second line above should really display "sasl_ssf=56", or
probably even better, "sasl_ssf=56 ssf=256", similar to how the first line has
"tls_ssf=256 ssf=256", so that it is clear that there are different security
factors in play here.