Hi,
I'm an openldap beginner and I've been experimenting with some simple openldap
examples. Essentially, I had some sample code that tried to initiate an
asynchronous bind to a slapd. My program made calls to the library using the
following functions in this order.
ldap_initialize(...);
ldap_sasl_bind(..., LDAP_SASL_SIMPLE, ...);
ldap_result(...);
// check ldap_result return code == -1 and result pointer != NULL
ldap_parse_sasl_bind_result(...);
// check ldap_parse_sasl_bind_result return code
ldap_unbind_ext(...);
The code appears to work with a correct DN and password. But strangely enough I
didn't get any errors either when I supplied an incorrect password. When I
inspect the packet traffic between the client and the slapd, the slapd responds
as expected to the two binds (invalid credentials -> incorrect password) and
(success -> correct password).
I spent hours debugging to no avail and then finally decided to try out
ldapwhoami which catches the invalid credentials... Looking at the source code
for ldapwhoami revealed that ldapwhoami uses ldap_parse_result when binding
with ldap_sasl_bind(LDAP_SASL_SIMPLE). This practice wasn't immediately obvious
to me.
My questions:
1. Does ldap_parse_sasl_bind_result work for processing responses to
ldap_sasl_bind(LDAP_SASL_SIMPLE)?
2. If the answer to (1.) is in fact no, wouldn't it be more intuitive to get
ldap_parse_sasl_bind_result to also handle the LDAP_SASL_SIMPLE case?
3. Is there a simple way to determine whether or not a response received in
ldap_result is a bind response to LDAP_SASL_SIMPLE or do I have to store my
bind request type and correlate this using the message id when the response
returns?
Thanks,
Lawrence
_________________________________________________________________
Reinvent how you stay in touch with the new Windows Live Messenger.
http://go.microsoft.com/?linkid=9650731
