[Date Prev][Date Next] [Chronological] [Thread] [Top]

GSSAPI signing/encryption for unsuspectingly applications (its not a bug)

To: openldap-devel@openldap.org
Subject: GSSAPI signing/encryption for unsuspectingly applications (its not a bug)
From: mikbec <mikbec@web.de>
Date: Wed, 13 May 2009 22:07:35 +0200
User-agent: Thunderbird 2.0.0.21 (Windows/20090302)

Patch related to "(ITS#6110) GSSAPI signing/encryption for
unsuspectingly applications" is more an enhancement than a bug report.

Please have a look at patch onftp://ftp.openldap.org/incoming/mike-becher-090512.libraries-libldap.patchor ITS report onhttp://www.openldap.org/its/index.cgi/Incoming?id=6110;selectid=6110


In short that patch:

1) adds call of ldap_gssapi_bind_s() at the beginning ofldap_sasl_interactive_bind_s() which can be turn on or off by an GSSAPIOPTION (manual update of ldap.conf (5) included) to provide GSSAPIsigning/encryption for applications that use (and only know)ldap_sasl_interactive_bind_s(),2) adds the missed implementation of "switch off" functionality of allother GSSAPI OPTIONS.

3) corrects one string length problem in guess_service_principal() and
4) corrects one hostname resolving problem in guess_service_principal().

Sorry for that kind of announcement but I hope now it is on the rightmailing list.


best regards
 Mike

Follow-Ups:
- Re: GSSAPI signing/encryption for unsuspectingly applications (its not a bug)
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: current RE24 experience
Next by Date: Re: GSSAPI signing/encryption for unsuspectingly applications (its not a bug)
Index(es):
- Chronological
- Thread