> On Fri, Mar 19, 2010 at 1:27 PM, <[email protected]> wrote: >>> Hi, >>> >>> I am still trying to make an sasl bind. Now I use ldap_sasl_bind_s >>> with 'CRAM-MD5'. The server sends a 'LDAP_SASL_BIND_IN_PROGRESS' back, >>> but as far as I can see the server cred are empty. How do I make the >>> next call with ldap_sasl_bind_s? >>> >>> In the documentation I have seen that the use of ldap_sasl_bind is not >>> recommended as client use, instead the ldap_sasl_interactive_bind_s >>> should be preferred. Has anyone a working example of how to use this >>> method, or some api doc? I have no clue how to set 'flags' the >>> LDAP_SASL_INTERACT_PROC, an the 'defaults' params.. >> >> You first say that you're using ldap_sasl_bind_s(), and then you note >> that >> ldap_sasl_bind() is not recommended. Do you realize that despite some >> similarities in the name, the two functions are profoundly different? >> By >> no means ldap_sasl_bind_s() can return LDAP_SASL_BIND_IN_PROGRESS. > > Yes, I know that those methods behave differently - as I have read in > the docs, I just search for the simplest alternative as possible for > ldap_simple_bind, since I have seen that the ldap_simple_bind methods > are deprecated. > > Nevertheless ldap_sasl_bind_s returns LDAP_SASL_BIND_IN_PROGRESS which > I understand as a challenge which should be returned back to the > server. This one seems to had a similiar issue: http://bit.ly/awT4D4 > > But I think I have to look at the examples for better understanding - > thx for the tip!
ldap_sasl_bind_s() can be used, passing LDAP_SASL_SIMPLE, in lieu of ldap_simple_bind_s(). ldap_sasl_interactive_bind_s(), only need to be used for those methods that require multiple steps; LDAP_SASL_BIND_IN_PROGRESS indicates that a further step is expected, which never happens when performing a simple bind. See the code snippet in slap_client_connect(), in servers/slapd/config.c for a complete example of how both functions can be used in the most complete form. p.
