HI!
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
Thanks in advance.
Ciao, Michael.
Michael Ströder wrote:
HI!
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
I suppose it is only exposed since the protocol message still carries it, even though it is always empty. The client could legally put anything it wants in there; a proper server would still just ignore the DN though.
Thanks in advance.
Ciao, Michael.
On 8/18/19 6:35 PM, Howard Chu wrote:
Michael Ströder wrote:
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
I suppose it is only exposed since the protocol message still carries it, even though it is always empty. The client could legally put anything it wants in there; a proper server would still just ignore the DN though.
Thanks. Understood.
I assume the same applies to parameter who of ldap_sasl_interactive_bind_s().
Ciao, Michael.
Michael Ströder wrote:
On 8/18/19 6:35 PM, Howard Chu wrote:
Michael Ströder wrote:
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
I suppose it is only exposed since the protocol message still carries it, even though it is always empty. The client could legally put anything it wants in there; a proper server would still just ignore the DN though.
Thanks. Understood.
I assume the same applies to parameter who of ldap_sasl_interactive_bind_s().
Yes, same thing.
Ciao, Michael.
On 8/18/19 11:26 PM, Howard Chu wrote:
Michael Ströder wrote:
On 8/18/19 6:35 PM, Howard Chu wrote:
Michael Ströder wrote:
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
I suppose it is only exposed since the protocol message still carries it, even though it is always empty. The client could legally put anything it wants in there; a proper server would still just ignore the DN though.
I assume the same applies to parameter who of ldap_sasl_interactive_bind_s().
Yes, same thing.
Hmm, it seems one cannot simply pass NULL or "" as value for argument dn to ldap_sasl_interactive_bind_s(). What's the correct solution?
Ciao, Michael.
Michael Ströder wrote:
On 8/18/19 11:26 PM, Howard Chu wrote:
Michael Ströder wrote:
On 8/18/19 6:35 PM, Howard Chu wrote:
Michael Ströder wrote:
It seems I've never passed a DN to SASL bind functions.
Could someone please elaborate on a valid use-case for argument dn of libldap function ldap_sasl_bind_s()?
I suppose it is only exposed since the protocol message still carries it, even though it is always empty. The client could legally put anything it wants in there; a proper server would still just ignore the DN though.
I assume the same applies to parameter who of ldap_sasl_interactive_bind_s().
Yes, same thing.
Hmm, it seems one cannot simply pass NULL or "" as value for argument dn to ldap_sasl_interactive_bind_s(). What's the correct solution?
Eh? The OpenLDAP clients use NULL.
Ciao, Michael.
openldap-technical@openldap.org
-
Howard Chu -
Michael Ströder