Thanks to Rich for reviewing the change. Pushed to master.
$ git merge work
Updating 008edfb..80fb1c7
Fast forward
ldap/servers/slapd/tools/ldclt/ldapfct.c | 53
+++++++++++++++++++----------
ldap/servers/slapd/tools/ldclt/ldclt.use | 2 +-
ldap/servers/slapd/tools/ldclt/ldcltU.c | 4 +-
3 files changed, 38 insertions(+), 21 deletions(-)
$ git push
Counting objects: 19, done.
Delta compression using 2 threads.
Compressing objects: 100% (10/10), done.
Writing objects: 100% (10/10), 1.61 KiB, done.
Total 10 (delta 8), reused 0 (delta 0)
To
ssh://git.fedorahosted.org/git/389/ds.git
008edfb..80fb1c7 master -> master
--noriko
On 01/13/2010 04:38 PM, Noriko Hosoi wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=555189
Fix proposal
https://bugzilla.redhat.com/attachment.cgi?id=383582&action=diff
Description of problem:
ldclt code is not passing the password correctly to ldap_sasl_bind_s.
The server receives NULL credential. Due to the default configuration:
nsslapd-allow-unauthenticated-binds: off
the unauthenticated bind fails.
Fix description
When "-e randombinddnfromfile=file" is given, bind dn and password pair
is retrieved from the file and is supposed to pass to ldap_sasl_bind_s.
Although the password was read from the file, but it was not set to the
berval "cred" which was passed to ldap_sasl_bind_s. Therefore, the
bind operation tried to bind with bind dn and NULL password, which now
fails since it's considered as an unauthenticated bind.
Also, a usage typo is being fixed.
--
389-devel mailing list
389-devel(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-devel