
RE: [CONFUSED] OpenLDAP 2.0.x,2.1.x sasl differences *was*OpenLDAP sasl authentication from non localhost?



This is probably because Cyrus 1.5's SASL-DIGEST mech didn't implement
the checks on the Digest-URI field of the handshake. Just a guess, I
haven't looked at it.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

> -----Original Message-----
> From: owner-cyrus-sasl@lists.andrew.cmu.edu
> [mailto:owner-cyrus-sasl@lists.andrew.cmu.edu]On Behalf Of Edward Rudd
> Sent: Monday, June 02, 2003 5:14 PM
> To: OpenLDAP; Cyrus-SASL
> Subject: Re: [CONFUSED] OpenLDAP 2.0.x,2.1.x sasl differences
> *was*OpenLDAP sasl authentication from non localhost?
> 
> 
> OK I loaded up another system and put an openldap 2.1.x installation on
> it.. (Vmware is awesome)..  that system can connect to my openldap
> 2.1.19 server fine w/ sasl authentication..
> My RH 7.3 box with openldap 2.0.27 however can only authenticate to the
> 2.1.19 server if I use CRAM-MD5.. if I use DIGEST-MD5 it gives me the
> previously mentioned error..  Is this a cyrus issue?? an openldap
> issue?? or what??
> I thought the SASL protocol was a standard specification and didn't
> change between the 1.5 and 2.1 revisions.. I know the programming API
> changed... But should apps written to a network based sasl protocol work
> with both ???
> 
> at least this sort gets around one issue I'm having.. Now on to getting
> ldapdb to correctly work
> 
> On Mon, 2003-06-02 at 11:53, Edward Rudd wrote:
> > I finally have openldap 2.1.19 up and running and doing sasl
> > authentication. but only from the local machine.. If I try to run
> > ldapsearch on another system and use the -h parameter it fails.. ie..
> > ldapsearch -h devel -U user@dom.tld -b o=MyOrg,c=US
> > I get back this error
> > 
> > ldap_sasl_interactive_bind_s: Invalid credentials
> >         additional info: SASL(-13): authentication failure: client
> > response doesn't match what we generated
> > 
> > Any clue why??
> > 
> > the client machine is running openldap 2.0.27 and cyrus-sasl-1.5.24
> > (stock RH 7.3)
> -- 
> Edward Rudd <eddie@omegaware.com>
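
Added example, not part of the original message and not Cyrus SASL or OpenLDAP code: how the digest-uri field enters the DIGEST-MD5 response hash (RFC 2831), and how a server that validates digest-uri differs from one that skips the check. The verify() helper, host names, nonces and password are constructed for illustration.

```python
import hashlib
import hmac

def digest_md5_response(username, realm, password, nonce, cnonce, nc,
                        digest_uri, qop="auth"):
    """RFC 2831 section 2.1.2.1 response value for qop=auth, no authzid."""
    a1 = (hashlib.md5(f"{username}:{realm}:{password}".encode()).digest()
          + f":{nonce}:{cnonce}".encode())
    a2 = f"AUTHENTICATE:{digest_uri}".encode()   # digest-uri is hashed in here
    ha1 = hashlib.md5(a1).hexdigest()
    ha2 = hashlib.md5(a2).hexdigest()
    kd = f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}"
    return hashlib.md5(kd.encode()).hexdigest()

def verify(fields, password, service, hostnames, check_uri=True):
    """Hypothetical server-side check (a model, not Cyrus SASL code).

    fields: dict parsed from the client's digest-response.
    check_uri=False models a server that never inspects digest-uri.
    """
    if check_uri:
        serv_type, _, host = fields["digest-uri"].partition("/")
        host = host.split("/", 1)[0].lower()
        if serv_type != service or host not in hostnames:
            return "digest-uri rejected"
    expected = digest_md5_response(fields["username"], fields["realm"], password,
                                   fields["nonce"], fields["cnonce"], fields["nc"],
                                   fields["digest-uri"])
    if not hmac.compare_digest(expected, fields["response"]):
        return "response mismatch"
    return "ok"

# Constructed sample: the client addressed the server by a short host name.
SAMPLE = {"username": "user", "realm": "dom.tld", "nonce": "c2VydmVyLW5vbmNl",
          "cnonce": "Y2xpZW50LW5vbmNl", "nc": "00000001",
          "digest-uri": "ldap/devel"}
SAMPLE["response"] = digest_md5_response(
    SAMPLE["username"], SAMPLE["realm"], "secret", SAMPLE["nonce"],
    SAMPLE["cnonce"], SAMPLE["nc"], SAMPLE["digest-uri"])

if __name__ == "__main__":
    names = {"devel.dom.tld"}  # constructed: the only name the server accepts
    print(verify(SAMPLE, "secret", "ldap", names, check_uri=False))
    print(verify(SAMPLE, "secret", "ldap", names, check_uri=True))
```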