Hello
After exchanging a few private messages with Pierangelo Masarati, I just posted ITD#6475:
When binding using SASL OTP to a replica, the bind works, but the cmusaslsecretOTP attribute is modified on the replica and fails to be propagated to the master. On the next modification, the master will overwrite the replica's updated cmusaslsecretOTP value.
Here is a script that exhibits the behaviour: ftp://ftp.openldap.org/incoming/ldapotp.tgz
That requires SASL-enabled OpenLDAP, with the OTP plugin installed. The PATH in run.sh must probably be adjusted.
The problem is in sasl_auxprop_store(), which bypasses the replication process. The easier fix, to me, seems to be to send a referral to the master on any SASL OTP bind. Any other idea?