[EMAIL PROTECTED] wrote: > Full_Name: Steve Langasek > Version: 2.4.7 > OS: Debian > URL: http://people.ubuntu.com/~vorlon/sasl-cleartext-strncasecmp.patch > Submission from: (NULL) (2001:4830:1244:0:219:d2ff:fe76:2acb) > > > A regression was introduced in revision 1.239 of servers/slapd/sasl.c. > Previously, sasl_ap_lookup() would check for a leading string of {CLEARTEXT} > and > trim it from the userPassword value returned to SASL; but in revision 1.239, > the > strncasecmp() was replaced with ber_bvstrcasecmp() which instead looks for an > exact match of the whole string, causing passwords to be handed back to SASL > with the leading "{CLEARTEXT}" attached. > > The referenced patch is verified to correct this regression.
Thanks, this is now fixed in HEAD. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
