[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using int ldap_sasl_interactive_bind_s with SASL/EXTERNAL and certificate



Mathieu MILLET wrote:
Hi everyone,

I'm trying to add support to SASL/EXTERNAL with certificate to NSSLDAP.

For now, for testing, I'm implementing a very quick client in C.

I'm able to perform starttls and client certificate verification.
But, when using ldap_sasl_interactive_bind_s, I can't figure out what to
pass to arguments server/client controls, sasl interact and<void
*defaults>. the only parameter I have set yet is mechs which equal to
"EXTERNAL".

Does anyone have any documentation on how to perform this type of
authentication ?

For EXTERNAL you don't need to use sasl_interactive_bind. Just use sasl_bind.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/