Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora Directory (http://www.linux-archive.org/fedora-directory/)
-   -   SASL appname (http://www.linux-archive.org/fedora-directory/646312-sasl-appname.html)

Adam Bishop 03-19-2012 10:16 AM

SASL appname
 
Hello,

I'm trying to disable some SASL mechanisms (specifically EXTERNAL) as per the RH documentation:

http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/disabling-sasl-mech.html

It seems that EXTERNAL is not provided by a plugin (as far as I can see?) so I cannot use the first method, of relinking libraries.

I am now trying the second method (creating <appname>.conf with a mech_list), but I am stuck on what to call the .conf file.

Having a quick look at the source code, the SASL appname is not obvious - does anyone know what it is?

Thanks,

Adam Bishop

Janet is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Adam Bishop 03-19-2012 02:32 PM

SASL appname
 
Following up my own question, I think I've found the right app name, but the settings are not being honoured.

I think "iDS" is the sasl app name:

result = sasl_server_init(ids_sasl_callbacks, "iDS");

This seems to function correctly, as shown by strace:

...
open("/usr/lib64/sasl2/iDS.conf", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=30, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9147794000
read(4, "mech_list: gssapi
", 4096) = 18
...

The contents of the file are:

mech_list: gssapi

However, the settings in that file do not seem to be honoured by 389:

0000: 00 30 50 30 4e 04 17 73 75 70 70 6f 72 74 65 64 .0P0N..supported
0010: 53 41 53 4c 4d 65 63 68 61 6e 69 73 6d 73 31 33 SASLMechanisms13
0020: 04 08 45 58 54 45 52 4e 41 4c 04 0a 44 49 47 45 ..EXTERNAL..DIGE
0030: 53 54 2d 4d 44 35 04 06 47 53 53 41 50 49 04 08 ST-MD5..GSSAPI..
0040: 43 52 41 4d 2d 4d 44 35 04 09 41 4e 4f 4e 59 4d CRAM-MD5..ANONYM
0050: 4f 55 53 OUS

Any ideas what I could be missing?

Thanks,

Adam Bishop

On 19 Mar 2012, at 11:16, Adam Bishop wrote:

> Hello,
>
> I'm trying to disable some SASL mechanisms (specifically EXTERNAL) as per the RH documentation:
>
> http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/disabling-sasl-mech.html
>
> It seems that EXTERNAL is not provided by a plugin (as far as I can see?) so I cannot use the first method, of relinking libraries.
>
> I am now trying the second method (creating <appname>.conf with a mech_list), but I am stuck on what to call the .conf file.
>
> Having a quick look at the source code, the SASL appname is not obvious - does anyone know what it is?
>
> Thanks,
>
> Adam Bishop
>
> Janet is a trading name of The JNT Association, a company limited
> by guarantee which is registered in England under No. 2881024
> and whose Registered Office is at Lumen House, Library Avenue,
> Harwell Oxford, Didcot, Oxfordshire. OX11 0SG
>
> --
> 389 users mailing list
> 389-users@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users


Janet is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


All times are GMT. The time now is 01:43 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.