[Date Prev][Date Next]
Re: Kerberos 5 Support for OpenLDAP-release
At 06:13 PM 9/22/99 -0700, Kurt D. Zeilenga wrote:
>At 05:43 PM 9/22/99 -0700, Booker Bense wrote:
>>- I don't know enough of the logic of how ldap_init works to know
>>what the right thing to do here is. I think I could cobble up a patch
>>using ldo_defhost, but I'm not sure that's the correct thing to do.
>Well, if no connection, you could do an ldo_defhost->IP->name, but...
>>I looked at ITS 268, and the more that I think about it the more
>>I'm convinced that the ticket has to be constructed after the
>>connection is opened.
>I agree. ldap_kerberos_bind*() should open connection (if
>necessary) before attempting to generate the ticket. This could
>be done by splitting out the post-init part of ldap_open into a
>subroutine that ldap_open(), ldap_send_initial_result(),
>and ldap_kerberos_bind*() could call.
Give me a few minutes and I should have a commit ready that
should fix the default connection problem.