> HI! > > Disclaimer: I'm not a C programmer. > > I'd like to evaluate response controls (e.g. ppolicy) also when doing a > SASL > bind. I'm using python-ldap which in turn uses OpenLDAP C API's function > ldap_sasl_interactive_bind_s(). But currently there's no way to extract > the > server's response controls. The server I'm testing with is returning the > ppolicy response control and others. > > I looked at clients/tools/common.c but it seems to me it also uses > ldap_sasl_interactive_bind_s() and no response controls are extracted. > > Do I have to use ldap_get_option(ld,LDAP_OPT_SERVER_CONTROLS) separately? > Does > that work?
Not sure about that. In clients/tools/common.c there is an example of using ldap_sasl_interactive_bind() asynchronously that purposely allows to extract controls information from the (last) response (e.g. related to ppolicy) since it gives access to the result of calling ldap_result(). Not sure about how this could be integrated in python-ldap; my suggestion, without looking at the code, would be to add/modify python-ldap's call to ldap_sasl_interactive_bind_s() to optionally give access to all results (resultCode, diagnostics, controls). p.
