[389-devel] Commit: Bug 555189 - ldclt: -e randombinddnfromfile fails with LDAP_UNWILLING_TO_PERFORM (53)
Noriko Hosoi
nhosoi at redhat.com
Thu Jan 14 19:03:18 UTC 2010
Thanks to Rich for reviewing the change. Pushed to master.
$ git merge work
Updating 008edfb..80fb1c7
Fast forward
ldap/servers/slapd/tools/ldclt/ldapfct.c | 53
+++++++++++++++++++----------
ldap/servers/slapd/tools/ldclt/ldclt.use | 2 +-
ldap/servers/slapd/tools/ldclt/ldcltU.c | 4 +-
3 files changed, 38 insertions(+), 21 deletions(-)
$ git push
Counting objects: 19, done.
Delta compression using 2 threads.
Compressing objects: 100% (10/10), done.
Writing objects: 100% (10/10), 1.61 KiB, done.
Total 10 (delta 8), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
008edfb..80fb1c7 master -> master
--noriko
On 01/13/2010 04:38 PM, Noriko Hosoi wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=555189
>
> Fix proposal
> https://bugzilla.redhat.com/attachment.cgi?id=383582&action=diff
>
> Description of problem:
> ldclt code is not passing the password correctly to ldap_sasl_bind_s.
>
> The server receives NULL credential. Due to the default configuration:
> nsslapd-allow-unauthenticated-binds: off
> the unauthenticated bind fails.
>
> Fix description
> When "-e randombinddnfromfile=file" is given, bind dn and password pair
> is retrieved from the file and is supposed to pass to ldap_sasl_bind_s.
> Although the password was read from the file, but it was not set to the
> berval "cred" which was passed to ldap_sasl_bind_s. Therefore, the
> bind operation tried to bind with bind dn and NULL password, which now
> fails since it's considered as an unauthenticated bind.
>
> Also, a usage typo is being fixed.
>
>
> --
> 389-devel mailing list
> 389-devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-devel
>
More information about the 389-devel
mailing list