Re: (ITS#6757) SASL canonicalize doesn't work as documented

31 Dec 2010


      I get similar behaviour using Cyrus SASL's sample-client and sample-server:
...
Negotiation complete
Username: student@REALM3.WS.NSRC.ORG
Realm: (NULL)
SSF: 56
...
Now, in sample-server.c, the displayed realm comes from
result = sasl_getprop(conn, SASL_DEFUSERREALM, (const void **)&data);
which suggests this is intended to be the default realm, not the realm of
the user connecting. And clearly the username does include the Kerberos
realm.
But I'm having difficulty finding the corresponding OpenLDAP code to extract
the realm.  Is it making use of session callbacks, and expects Cyrus to call
slap_sasl_canonicalize (SASL_CB_CANON_USER) with the user_realm parameter?
Regards,
Brian.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: (ITS#6757) SASL canonicalize doesn't work as documented