Roberto Polli wrote: > On Thursday 30 July 2009 01:15:00 Rich Megginson wrote: > >>> but..is it right that in aclplugin.c the function >>> acl_get_proxyauth_dn( pb, &proxy_dn, &errtext ) >>> returns proxy_dn = "" ? >>> >> It is if there is no proxy auth control being sent. >> > but tcpdump states it's sent... > Without walking through the server with the debugger, it's going to be difficult to tell what's going on. The function acl_get_proxyauth_dn() is pretty straightforward - look at the request controls, see if version 1 or version 2 of the proxy auth control was sent, if so, grab the DN from the control value. There is no obvious place in the code where acl_get_proxyauth_dn() would be called conditionally (that is, not called due to some condition). So I'm at a loss to explain how acl_get_proxyauth_dn() could be called at all, with a valid proxy auth control containing a non-empty DN value, and return a NULL or empty DN. > Peace, > R. > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20090729/0df50d23/attachment.bin
