[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap_bind



Hi all,

In libraries/libldap/bind.c the ldap_bind client call is
implemented as a switch statement on the authmethod
parameter, which (if HAVE_KERBEROS isn't defined) has
only one case. This case calls the ldap_simple_bind
function, which then hard codes the value of authmethod
to LDAP_AUTH_SIMPLE.

This seems like it's arse about to me. Why not implement
the less general routine as a call to the more general,
with the arguments hard coded appropriately?

Is there any reason why the client library needs to be
particularly aware of the bind method in use, or refuse
to allow unknown bind methods? I can see that there might
be problems if the credential is anything other than a
NULL terminated string, but why prevent a client from
sending a strange authmethod to the server, which might
well support it, and is surely capable of returning
LDAP_AUTH_UNKNOWN or LDAP_UNWILLING_TO_PERFORM if it's
not in the mood?

Bernard.
---
Bernard Gardner
UUNET Asia Pacific Operations

Email:  Bernard.Gardner@au.uu.net
Phone:  +61 2 94332124
Mobile: +61 4 12207040
Fax:    +61 2 94375888
Mail:   39 Herbert St., St Leonards, NSW, Australia, 2065