8 Aug
2017
8 Aug
'17
11:11 a.m.
On 7 August 2017 at 11:37, Quanah Gibson-Mount quanah@symas.com wrote:
--On Saturday, August 05, 2017 3:05 PM -0400 David Hawes dhawes@gmail.com wrote:
With ITS #8568 [1], I notice that the first SASL EXTERNAL (using TLS client auth) bind on a connection succeeds, but subsequent SASL EXTERNAL binds on the same connection fail with:
slapd[31088]: conn=1009 op=3 RESULT tag=97 err=48 text=SASL(-15): mechanism too weak for this user: mech EXTERNAL is too weak
Please file an ITS for this, thanks. I would think the expected behavior for SASL/EXTERNAL is the SASL SSF matches the TLS SSF, given it's a TLS encrypted connection.
ITS filed:
http://www.openldap.org/its/index.cgi/Incoming?id=8708;selectid=8708