Guilhem Moulin wrote: > On Wed, 29 Aug 2018 at 01:14:51 +0100, Howard Chu wrote: >> Thanks for the report. Looks like this has been present since commit >> 113727ba. Fixed now in git master > > Thanks for the quick fix! Not sure why rc's value is preserved here but > set to LDAP_INAPPROPRIATE_AUTH in all other failing cases, though. But > that doesn't seem to matter beside debug logs now showing a return value > other than 48, disclosing the actual reason of the failure; for instance > > <== slap_sasl_authorized: return 16 > SASL Proxy Authorize [conn=1022]: proxy authorization disallowed (16) > > for a missing authTo under authz-policy "all". > Probably not a bad thing overall, but for consistency it's now patched to set INAPPROPRIATE_AUTH as with the other cases.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
