[Date Prev][Date Next] [Chronological] [Thread] [Top]

alternative listener and kerberos realm



hi,

My aim was to be able to communicate with slapd (2.3.43) using two
hostnames (using alternative listeners), one HOSTNAME_A in a kerberos
realm REALM_A and the second one, HOSTNAME_B, in realm REALM_B
(according to krb5.conf section [domain_realm]).

[domain_realm]
 HOSTNAME_A = REALM_A
 HOSTNAME_B = REALM_B

slapd is running on a machine called HOSTNAME_A (command uname).

My problem is that slapd only use HOSTNAME_A to create sasl context,
as written in servers/slapd/sasl.c

	sc = sasl_server_new( "ldap", global_host, global_realm,
		iplocalport, ipremoteport, session_callbacks, SASL_SUCCESS_DATA, &ctx );

where global_host is not set according from where the connexion comes
from.

So my questions are:

1- is it a known stuff

2- do you think it is difficult to change this behavior so global_host
   depends on the hostname used to connect to slapd

thank you,
-- 
	David Bonnafous
	Institut de Mathématiques
	Université de Toulouse - France