[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
SASL_SUCCESS_DATA should be set (ITS#2202)
Full_Name: Luke Howard
Version: HEAD
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (165.228.130.11)
In servers/slapd/sasl.c, when calling sasl_server_new(), you should pass
SASL_SUCCESS_DATA as the second-last argument.
Why? Some SASL mechanisms appear to send a final response with the last token.
For example, Microsoft's GSS-SPNEGO mechanism appears not to do the SASL SSF
negotiation, and so the final SPNEGO "accept completed" token is returned in a
successful LDAP BindResponse PDU.