I am trying to use perl-ldap V0.32.02 (and perl-5.6.1) with SASL-EXTERNAL with LDAPS
and
certificates, but can't seem to get the SASL EXTERNAL method activated or recognized
(on
SunOneDS-5.2p2). This connectivity has been verified using JXplorer-3.1rc3, which is
able
to establish the SASL EXTERNAL method.
Other perl-ldap connections without SASL are working just fine.
Relevant code snippets:
my $sasl = Authen::SASL->new('EXTERNAL');
$ldapconn = Net::LDAPS->new($ldaphost, port => $ldapport, onerror => 'die',
clientcert => "<path>/sslclient.cert.pem",
clientkey => "<path>/sslclient.privkey.pem",
verify => 'require', capath => "$capath");
my $ldapbind = $ldapconn->bind(anonymous=>'empty', sasl=>$sasl, version=>3);
The SSL connection and certificate exchange and authentication work just
fine. The BIND authentication, however, never uses the SASL External method:
[22/Oct/2004:02:21:46 -0500] conn=33 op=0 msgId=1 - BIND dn="" method=128 version=3
[22/Oct/2004:02:21:46 -0500] conn=33 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0
etime=0 dn=""
