Re: Authen::SASL 2.13 infinite loop bug (resend?)

Fri, 12 Feb 2010 16:08:41 -0800 

On Feb 11, 2010, at 4:05 PM, Forrest Cahoon wrote:

> On Thu, Feb 11, 2010 at 2:47 PM, Graham Barr <[email protected]> wrote:
>> 
>> On Feb 11, 2010, at 10:59 AM, Forrest Cahoon wrote:
>> 
>>> Reinstalling 2.13 from CPAN and uncommenting the client_step sub
>>> worked, giving me the same results as I got with 2.12.
>> 
>> I do not understand why you are getting asked for the extra step though, as 
>> it should not happen.
>> 
>> Thats why the debug trace from Net::LDAP would be useful.
> 
> Oh, duh, I was thinking of the debug on SASL, which didn't seem to
> produce any output.  Here's what you're looking for:
> 
> Net::LDAP=HASH(0xc1b4c8) sending:
> 
> 30 2A 02 01 01 60 25 02 01 03 04 14 73 6E 3D 6D 0*...`%.....sn=m
> 73 69 53 63 72 69 70 74 73 2C 64 63 3D 44 54 43 siScripts,dc=DTC
> A3 0A 04 08 45 58 54 45 52 4E 41 4C __ __ __ __ ....EXTERNAL
> 
> 0000   42: SEQUENCE {
> 0002    1:   INTEGER = 1
> 0005   37:   [APPLICATION 0] {
> 0007    1:     INTEGER = 3
> 000A   20:     STRING = 'sn=msiScripts,dc=DTC'
> 0020   10:     [CONTEXT 3] {
> 0022    8:       STRING = 'EXTERNAL'
> 002C     :     }
> 002C     :   }
> 002C     : }
> Net::LDAP=HASH(0xc1b4c8) received:
> 
> 30 2A 02 01 01 61 25 0A 01 0E 04 00 04 1C 53 41 0*...a%.......SA
> 53 4C 28 30 29 3A 20 73 75 63 63 65 73 73 66 75 SL(0): successfu
> 6C 20 72 65 73 75 6C 74 3A 20 87 00 __ __ __ __ l result: ..
> 
> 0000   42: SEQUENCE {
> 0002    1:   INTEGER = 1
> 0005   37:   [APPLICATION 1] {
> 0007    1:     ENUM = 14
> 000A    0:     STRING = ''
> 000C   28:     STRING = 'SASL(0): successful result: '
> 002A    0:     [CONTEXT 7]
> 002C     :   }
> 002C     : }

Thats odd. It is responding that the SASL was a success, then the status code 
14 = LDAP_SASL_BIND_IN_PROGRESS

> Net::LDAP=HASH(0xd312f8) sending:
> 
> 30 2C 02 01 02 60 27 02 01 03 04 14 73 6E 3D 6D 0,...`'.....sn=m
> 73 69 53 63 72 69 70 74 73 2C 64 63 3D 44 54 43 siScripts,dc=DTC
> A3 0C 04 08 45 58 54 45 52 4E 41 4C 04 00 __ __ ....EXTERNAL..
> 
> 0000   44: SEQUENCE {
> 0002    1:   INTEGER = 2
> 0005   39:   [APPLICATION 0] {
> 0007    1:     INTEGER = 3
> 000A   20:     STRING = 'sn=msiScripts,dc=DTC'
> 0020   12:     [CONTEXT 3] {
> 0022    8:       STRING = 'EXTERNAL'
> 002C    0:       STRING = ''

Hm, odd that 2nd STRING was not in the first request. I wonder if thats why

In Net/LDAP.pm the bind sub we have

    $passwd = {
      mechanism   => $sasl_conn->mechanism,
      credentials => (length($initial) ? $initial : undef)
    };

what happens if you change that to be just  credentials => $initial,

Graham

Reply via email to