[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Kerberos 5 Support for OpenLDAP-release
At 05:43 PM 9/22/99 -0700, Booker Bense wrote:
>- I don't know enough of the logic of how ldap_init works to know
>what the right thing to do here is. I think I could cobble up a patch
>using ldo_defhost, but I'm not sure that's the correct thing to do.
Well, if no connection, you could do an ldo_defhost->IP->name, but...
>I looked at ITS 268, and the more that I think about it the more
>I'm convinced that the ticket has to be constructed after the
>connection is opened.
I agree. ldap_kerberos_bind*() should open connection (if
necessary) before attempting to generate the ticket. This could
be done by splitting out the post-init part of ldap_open into a
subroutine that ldap_open(), ldap_send_initial_result(),
and ldap_kerberos_bind*() could call.