Re: SASL EXTERNAL binds and sasl-secprops minssf > 0

7 Aug 2017


      --On Saturday, August 05, 2017 3:05 PM -0400 David Hawes dhawes@gmail.com 
wrote:
...
With ITS #8568 [1], I notice that the first SASL EXTERNAL (using TLS
client auth) bind on a connection succeeds, but subsequent SASL
EXTERNAL binds on the same connection fail with:
slapd[31088]: conn=1009 op=3 RESULT tag=97 err=48 text=SASL(-15):
mechanism too weak for this user: mech EXTERNAL is too weak
Please file an ITS for this, thanks.  I would think the expected behavior 
for SASL/EXTERNAL is the SASL SSF matches the TLS SSF, given it's a TLS 
encrypted connection.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: SASL EXTERNAL binds and sasl-secprops minssf > 0