[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL/Kerberos V4 & openldap





--On Thursday, October 31, 2002 8:40 AM -0800 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:

See <http://www.openldap.org/its/?findid=1120>.

Kurt,

Please note that we are using cyrus-sasl-2.1.9. The issue you refer me to deals with cyrus-sasl-1.*, and its problems with SASL_IP_REMOTE and SASL_IP_LOCAL, which are not part of the cyrus-sasl-2.* series. Given I can do successful authentication with the sample server/client, something else must be the issue here.

--Quanah


At 04:08 AM 2002-10-31, Quanah Gibson-Mount wrote:


--On Wednesday, October 30, 2002 21:24:55 -0800 Howard Chu
<hyc@highlandsun.com> wrote:

This looks like a bug in the SASL KerberosIV mechanism. Have you
actually gotten a successful authentication using the SASL sample
client with the SASL server?

Howard,

Using the SASL sample client & server, I am able to successfully do
Kerberos V4 authentication:


./client -s ldap -m KERBEROS_V4 -p 99 ldap1.Stanford.EDU receiving capability list... recv: {24} PLAIN GSSAPI KERBEROS_V4 PLAIN GSSAPI KERBEROS_V4 send: {11} KERBEROS_V4 send: {1} N recv: {4} [D0][F8]][F1] send: {117} [4][6][0]IR.STANFORD.EDU[0]8([EB]V[C1][84][88][C0][88][C9]_[9D][9C][D4][ 11] [8B]F[94][0][8D]9s[C9]o[1A][DC][A].E[C4]7[DA][A9][C5]?i[CF][A4][B4]H[E3] [97 ]IT[8E]:[ED]}[F8][D2][CC]?[B0][CC][E5][E3][E9]Kb[9C][15]H<s[B5]E[E0][D3] [11 ][CC][CB]/[B2][CA][DD][E4]vAJ|q[A9]\[BC]/[A9]"[E8][14]\[1]V[F5][1D][B6][ C1] [AB]F recv: {8} [98]i?[1E][D6]JM[8C] please enter an authorization id: quanah send: {16} [E]ZK[7][C5][D2][C][8D][D9][AA][C2][A]H[97][15]R successful authentication closing connection

--Quanah

--
Quanah Gibson-Mount
Senior Systems Administrator
ITSS/TSS/Computing Systems
Stanford University




-- Quanah Gibson-Mount Senior Systems Administrator ITSS/TSS/Computing Systems Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html