Re: Authen::SASL::Cyrus and Net::LDAP

Thu, 08 Jul 2004 17:20:57 -0700



--On Thursday, July 08, 2004 4:50 PM -0700 Larry Lile <[EMAIL PROTECTED]> wrote:

compiled against. 

Right.  But my question goes more to the fact that Net::LDAP.pm calls

    $sasl_conn->property(
      sockname => $ldap->{net_ldap_socket}->sockname,
      peername => $ldap->{net_ldap_socket}->peername,
    );

That seems correct for SASLv1, but not for SASLv2.  Net::LDAP is
unaware of the SASL version.

So should Net::LDAP be aware of the SASL version and call
something like this when the SASL version is 2?

    $sasl_conn->property(
      iplocalport => $ldap->{net_ldap_host},
      ipremoteport => $ldap->{net_ldap_peer}),
    );


No, Net::LDAP doesn't need to be aware about the SASL bits at all.

You are confusing the sockname from SASL v1 with the internal sockname defined inside of Cyrus.so, which is created from the Cyrus.xs file from Authen::SASL::Cyrus (Patrick's version), which defines sockname based on the version of SASL, so that Net::LDAP doesn't have to have this knowledge.

See code below:

static
int PropertyNumber(char *name)
{
 if (!strcasecmp(name, "user"))          return SASL_USERNAME;
 else if (!strcasecmp(name, "ssf"))      return SASL_SSF;
 else if (!strcasecmp(name, "maxout"))   return SASL_MAXOUTBUF;
 else if (!strcasecmp(name, "optctx"))   return SASL_GETOPTCTX;
#ifdef SASL2
 else if (!strcasecmp(name, "realm"))    return SASL_DEFUSERREALM;
 else if (!strcasecmp(name, "iplocalport"))  return SASL_IPLOCALPORT;
 else if (!strcasecmp(name, "ipremoteport"))  return SASL_IPREMOTEPORT;
 else if (!strcasecmp(name, "service"))  return SASL_SERVICE;
 else if (!strcasecmp(name, "serverfqdn"))  return SASL_SERVERFQDN;
 else if (!strcasecmp(name, "authsource"))  return SASL_AUTHSOURCE;
 else if (!strcasecmp(name, "mechname"))  return SASL_MECHNAME;
 else if (!strcasecmp(name, "authuser"))  return SASL_AUTHUSER;
 else if (!strcasecmp(name, "sockname")) return SASL_IP_LOCAL;
 else if (!strcasecmp(name, "peername")) return SASL_IP_REMOTE;
#else
 else if (!strcasecmp(name, "realm"))    return SASL_REALM;
 else if (!strcasecmp(name, "iplocal"))  return SASL_IP_LOCAL;
 else if (!strcasecmp(name, "sockname")) return SASL_IP_LOCAL;
 else if (!strcasecmp(name, "ipremote")) return SASL_IP_REMOTE;
 else if (!strcasecmp(name, "peername")) return SASL_IP_REMOTE;
#endif


--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Reply via email to