Re: libldap v3.3 referral bug on kerberized Modify operation

Gordon Good (ggood@netscape.com)
Tue, 09 Jul 1996 13:56:35 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeff.Hodges@Stanford.EDU: "Re: libldap v3.3 referral bug on kerberized Modify operation"
Previous message: Jeff.Hodges@Stanford.EDU: "libldap v3.3 referral bug on kerberized Modify operation"
Maybe in reply to: Jeff.Hodges@Stanford.EDU: "libldap v3.3 referral bug on kerberized Modify operation"
Next in thread: Jeff.Hodges@Stanford.EDU: "Re: libldap v3.3 referral bug on kerberized Modify operation"

Jeff.Hodges@Stanford.EDU wrote:
>
> I've noticed that it looks like the libldap (i.e. the ldap client-side stub
> code) has a bug wherein if I bind (kerberized) to one of my slapd slaves, and
> attempt a modify, the slave returns a referral to my ldap stub pointing to the
> master. But in the subsequent bind to the master, my DN is left out of the bind
> info, and so I am not authenticated properly and the MOD operation is denied.

Jeff, clients need to use ldap_set_rebind_proc() in this case. See the ldap_bind man page.

I'm not sure if maX.500 does this, but xax500 definitely does not (it predates
ldap_set_rebind_proc's inclusion in the ldap library).

-- 
Gordon Good                          (opinions expressed here are mine, 
Netscape Communications Corp.         not necessarily my employer's)
Mountain View, CA

Next message: Jeff.Hodges@Stanford.EDU: "Re: libldap v3.3 referral bug on kerberized Modify operation"
Previous message: Jeff.Hodges@Stanford.EDU: "libldap v3.3 referral bug on kerberized Modify operation"
Maybe in reply to: Jeff.Hodges@Stanford.EDU: "libldap v3.3 referral bug on kerberized Modify operation"
Next in thread: Jeff.Hodges@Stanford.EDU: "Re: libldap v3.3 referral bug on kerberized Modify operation"