Package: shelldap
Version: 1.4.0-4
Severity: normal
Hello,
when calling shelldap repeatedly it sometimes fails for me and sometimes
succeeds in entering the shell:
user@host:~# shelldap
LDAP bind error: No password, did you mean noauth or anonymous ?
user@host:~# shelldap
~ >
The problem is that in /usr/share/perl5/Net/LDAP.pm in the bind() method
the iteration through %ptype happens in different orderings. If
password => simple
is hit first it dies with the above error message. If however
sasl => sasl
is tried first, it succeeds.
The following patch makes it work for me:
diff --git a/shelldap b/shelldap
index 68dde20cc8de..5a18f23799f0 100755
--- a/shelldap
+++ b/shelldap
@@ -770,7 +770,6 @@ You may try connecting insecurely, or install the module
and try again.\n} if $@
#
if ( $sasl_conn ) {
$rv = $ldap->bind( $conf->{'binddn'},
- password => $conf->{'bindpass'},
sasl => $sasl_conn
);
}
I *think* you never need a password when using sasl, but I'm not 100%
confident, so I'm not tagging with "patch". I didn't try with shelldap
1.5.0-2 from sid, but there also both sasl and password are passed, so I
expect the problem to still exist there.
Best regards
Uwe
-- System Information:
Debian Release: 10.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages shelldap depends on:
ii libalgorithm-diff-perl 1.19.03-2
ii libnet-ldap-perl 1:0.6500+dfsg-1
ii libterm-readkey-perl 2.38-1
ii libterm-readline-gnu-perl 1.36-1
ii libterm-shell-perl 0.10-1
ii libyaml-syck-perl 1.31-1+b1
ii perl 5.28.1-6
Versions of packages shelldap recommends:
pn libio-socket-ssl-perl <none>
Versions of packages shelldap suggests:
ii libauthen-sasl-perl 2.1600-1
-- no debconf information
