Bug#977123: Aw: Re: Re: Bug#977123: ldapadd: simple authentication works without setting of -x

Quanah Gibson-Mount quanah at symas.com
Tue Dec 15 19:55:09 GMT 2020



--On Tuesday, December 15, 2020 11:45 AM -0800 Quanah Gibson-Mount 
<quanah at symas.com> wrote:

>
>
> --On Tuesday, December 15, 2020 7:06 PM +0100 Werner.Heuser at web.de wrote:
>
>> Hi Quanah,
>>
>> I just did a fresh install on another Debian 10 system and tried
>>
>> ldapdelete -D "cn=admin,dc=nodomain" -W "cn=admin,dc=nodomain" -n -v
>> ldap_initialize( <DEFAULT> )
>> Enter LDAP Password:
>> !deleting entry "cn=admin,dc=nodomain"
>
> Hi Werner,
>
> I was able to reproduce the behavior with ldapdelete, thanks. I'll
> consult with upstream, since it's not a Debian-specific issue.

Hi Werner,

There is no bug here.  If the -D option is supplied to the ldap utilities, 
it immediately implies a simple bind, and the -x option is not required. 
You can see this in the source code:

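    /* No authentication method was chosen explicitly on the command line. */
    if (authmethod == -1 && protocol > LDAP_VERSION2) {
#ifdef HAVE_CYRUS_SASL
        if ( binddn != NULL ) {
            /* -D was given: use a simple bind. */
            authmethod = LDAP_AUTH_SIMPLE;
        } else {
            authmethod = LDAP_AUTH_SASL;
        }
#else
        authmethod = LDAP_AUTH_SIMPLE;
#endif
    }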


Regards,
Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
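
Added example, not part of the original message and not OpenLDAP code: a small auditor that applies the selection logic quoted above to ldap* command lines found in scripts, so binds that are simple only because -D is present can be spotted. The names `seen_options` and `effective_bind`, the option sets and the sample command lines are assumptions made for this example; it assumes the default LDAPv3 protocol and models only the common client options.

```python
import shlex

# Assumption: value-taking options common to the OpenLDAP client tools.
# Tool-specific options (e.g. ldapsearch -b) are not modelled; their values
# are simply seen as positional words.
TAKES_VALUE = set("dDehHoOpPRUwXyY")
# Assumption: each of these selects SASL explicitly (not in the quoted excerpt).
SASL_OPTS = set("IOQRUXY")

def seen_options(command_line):
    """Return the set of short option letters used in one ldap* command line."""
    seen = set()
    words = shlex.split(command_line)[1:]        # drop the program name
    i = 0
    while i < len(words):
        word = words[i]
        i += 1
        if word == "--":                         # end of options
            break
        if not word.startswith("-") or len(word) == 1:
            continue                             # positional word, keep scanning
        for pos, letter in enumerate(word[1:], start=1):
            seen.add(letter)
            if letter in TAKES_VALUE:
                if pos == len(word) - 1:         # value is the next word
                    i += 1
                break                            # rest of this word is the value
    return seen

def effective_bind(command_line, sasl_build=True):
    """Mirror the quoted logic: which bind method will the tool end up using?"""
    opts = seen_options(command_line)
    if "x" in opts:
        return "simple (explicit -x)"
    if opts & SASL_OPTS:
        return "sasl (explicit)"
    if not sasl_build or "D" in opts:            # the branch quoted in the message
        return "simple (implicit)"
    return "sasl (default)"

if __name__ == "__main__":
    samples = [  # first line is from the thread, the rest are constructed
        'ldapdelete -D "cn=admin,dc=nodomain" -W "cn=admin,dc=nodomain" -n -v',
        "ldapsearch -x -H ldap://localhost -b dc=nodomain",
        "ldapwhoami -Y EXTERNAL -H ldapi:///",
        "ldapwhoami",
    ]
    for line in samples:
        print(f"{effective_bind(line):22} {line}")
```

Lines reported as "simple (implicit)" send the bind DN and password in a simple bind, so they are the ones to check for transport protection when reviewing scripts.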


