[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SLAPD_SPASSWD functionality not quite finished (ITS#751)



I've committed changes to OPENLDAP_REL_ENG_2 which should
resolve this issue.  Please test.  Thanks.

        Kurt

At 01:23 PM 9/19/00 +0000, matt@nipltd.com wrote:
>Full_Name: Matt Hoskins
>Version: 2.0.3
>OS: solaris
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (194.193.44.21)
>
>
>While trying to get the SASL_SPASSWD feature going (so I can use userPassword: 
>{SASL}username style stuff), I noticed that it wasn't working 'cos the code
>hasn't quite been finished.
>
>Firstly.. in configure... it has a line which reads:
>ol_link_spasswd=no
>
>Which is in the wrong place (or else the bit which sets ol_link_spasswd is in
>the
>wrong place). If I remove this line, I can compile in the spasswd support.. 
>However
>I think noticed that lutil_passwd_sasl_conn isn't being set (well it's being set
>to
>server inside the slap_sasl_init, but server isn't anything). So the call to
>sasl_server_new needs to be added in somewhere such that lutil_passwd_sasl_conn
>is set somewhere. slap_sasl_init may not be the right place tho', as this goes
>off
>before the config file is read (as I understand it), which means that
>global_host
>and global_realm haven't been configured. Either that or slap_sasl_init needs
>moving... or something.
>
>I copied and tweaked the calls from slap_sasl_open to create a connection into
>slap_sasl_init, moved where slap_sasl_init got called to somewhere after the
>config file is read, and authentication seemed to work against a
>userPassword: {SASL}username type entry, so hopefully it'll just require you
>guys
>to do a tidier version of what I did to have it working.