[Date Prev][Date Next] [Chronological] [Thread] [Top]


Howard Chu writes:
>> Still I also believe ldap_sasl_bind() is misnamed if it
>> should be used for simple bind from now on.
> Quibbling over this function name seems a bit pointless, unless
> someone here is really going to put the energy into drafting a new API
> spec.

My quibble is just that ldap_simple_bind() should be kept.
We can add new functions instead, like the one you suggest:

> typedef struct LDAP_SASL_parms {
> 	LDAP_CONST char *mechs;

Why plural "mechs"?

> 	unsigned flags;

Used for what?  They don't seem necessary in the BindRequest
definition in the protocol spec.

> 	void *interactCtx;

How will these be used?

> } LDAP_SASL_parms;
> ldap_bind(LDAP *ld, LDAP_CONST char *id, LDAP_CONST char *cred, int
> authmethod,
> 	LDAPControl **sctrls, LDAPControl **cctrls, void *extra)

Call it ldap_bind_ext() or something, don't reuse an old name.

> If authmethod == LDAP_AUTH_SASL then id/cred are SASL ID and password,
> otherwise they are LDAP DN and password. "extra" is LDAP_SASL_parms *
> for a SASL bind. etc...

How about:  Drop authmethod.  If extra != NULL, it is SASL.
Otherwise it's simple bind.

OTOH, simple bind will soon need an extra argument which says
whether or not to apply SASLprep.