openldap-...@openldap.org wrote: > https://bugs.openldap.org/show_bug.cgi?id=10065 > > --- Comment #6 from Quanah Gibson-Mount <qua...@openldap.org> --- > Ok, I was incorrect about SASL/EXTERNAL although I swear I was told at one > point it doesn't require cyrus-sasl (which IMHO would be rather nice). > > Generally, the gist here is that it would be useful for the SASL SSF to be > propagated through to the end slapd server when haproxy protocol v2 is > enabled. > > I'd also note we use SASL/PLAIN at my current job, so Howard's definitely > incorrect. > By default, slapd disallows use of SASL/PLAIN. So either your current job isn't using OpenLDAP, or you've explicitly weakened its security properties in your config.
Regardless, support of SASL/PLAIN is certainly not a priority. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/