Re: POSSIBLE BUG: Cyrus SASL 2.1.22: ldapdb

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Patrick Ben Koetter wrote:
This mail expands on a mail I had sent to cyrus-sasl@xxxxxxxxxxxxxxxxxxxx a
few days ago. I spent the last days testing this and I believe I have found a
bug.

The likelihood that a bug is in the ldapdb code is about zero.

Version:    Cyrus SASL 2.1.22
OS:         CentOS (also tested and verified on Ubuntu and OpenSuse)
Descrition: Entries that successfully can be authenticated using the
            ldapwhoami command can only partially be authenticated using the
            Cyrus SASL ldapdb-plugin.

Steps to reproduce:
(All files are available for download at
<http://www.state-of-mind.de/bugreport_cyrus-sasl-2.1.22.tgz>)

Since you've gone to the trouble of packaging this up, you should also have included an extract from the slapd debug log taken from running the sample- authentication.

1. Install configuration as provided by bugreport_cyrus-sasl-2.1.22.tgz.
2. Use ldapwhoami to verify authentication:

    [root@netinstall ldap]# ldapwhoami -U a -w a
    SASL/DIGEST-MD5 authentication started
    SASL username: a
    SASL SSF: 128
    SASL installing layers
    dn:uid=a,ou=people,dc=example,dc=com
    Result: Success (0)

    [root@netinstall ldap]# ldapwhoami -U b -w b
    SASL/DIGEST-MD5 authentication started
    SASL username: b
    SASL SSF: 128
    SASL installing layers
    dn:uid=b,ou=people,dc=example,dc=com
    Result: Success (0)

Neither of these commands reflects what the ldapdb plugin does. To test that you first need to test e.g.
	ldapwhoami -U proxyuser -X a
--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux