Joe, After the TLS connection is established you need to set channel binding information to enable the secure -PLUS variants. sasl_channel_binding_t cb; // must be alive during authentication process. std::string sBinding; cb.name = "tls-server-end-point"; sBinding = m_sockData.GetTlsEndpoint(); cb.critical = true; cb.data = sBinding.data(); cb.len = sBinding.size(); sasl_setprop(conn, SASL_CHANNEL_BINDING, &cb); The draft of "IVI-6.5: SASL Mechanism Specification" shows an example of the implementation: GetTlsEndpoint() -Guido Quoting joseph.c...@non.keysight.com:
Could someone help point me how to enable SCRAM-SHA-256-PLUS when building the library? Here's what I've been doing: 1. successfully built and installed the library from the source code master branch. 2. run the newly built "pluginviewer -c", and it shows "SCRAM-SHA-256", but no "-PLUS" 3. also in my client side source code, calling "sasl_listmech() shows "SCRAM-SHA-256" as well, but no "-PLUS" 4. calling sasl_client_start() with "SCRAM-SHA-256-PLUS" returns un-successful What am I missing? Is there some other build config and/or runtime plugins needed to make the "-PLUS" enabled? Or do I need to supply client side application setups when calling sasl_clinet_init() and sasl_clinet_new()? --JC
------------------------------------------ Cyrus: Devel Permalink: https://cyrus.topicbox.com/groups/devel/T7a577e10324a8d04-Meba4a7f139238616b78a3e9d Delivery options: https://cyrus.topicbox.com/groups/devel/subscription
