[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL & /usr/lib/sasl/slapd.conf



Hi,

I have been having a few problems with my SASL setup, which I have mostly
resolved, however, I think I may have discovered a bug along the way.

A quick look at the code in servers/slapd/sasl.c suggests that the
sasl_server_init( callbacks, "slapd") call is made, and the
/usr/lib/sasl/slapd.conf should be read.  There is however, some less than
obvious code somehow using the callbacks to resolve pathname.

I did not feel that it was using this file (although the SASL doco
strongly suggests it must).

To test, I set sasl_secprops to none, and thus had PLAIN, and ANONYMOUS
appear as supportedSASLMechanisms.  But the -Y option on ldapsearch refused
to allow either of these, so I could not verify pwcheck_method pam in my
/usr/lib/sasl/slapd.conf:

[root@mistress openldap]# ldapsearch -D "uid=ispman,o=ispman" -b "o=ispman"
-Y PLAIN
ldap_sasl_interactive_bind_s: Unknown authentication method

I am using linux-2.4.12, cyrus-sasl-1.5.27, and openldap-2.0.19

Ch



_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com