Permalink
Browse files

Ensure Bind.pm presents the final server response to the SASL module.

In the DIGEST-MD5 case, the final server SASL response is transported
in the final bindResponse indicating LDAP_SUCCESS.

Patch from Paul Kranenburg
  • Loading branch information...
1 parent 99a015e commit 1a3869c239a6482aad3e7e32ae82554d26092104 @gbarr gbarr committed Feb 10, 2008
Showing with 11 additions and 5 deletions.
  1. +11 −5 lib/Net/LDAP/Bind.pm
View
@@ -5,11 +5,12 @@
package Net::LDAP::Bind;
use strict;
-use Net::LDAP qw(LDAP_SASL_BIND_IN_PROGRESS LDAP_DECODING_ERROR LDAP_SUCCESS);
+use Net::LDAP qw(LDAP_SASL_BIND_IN_PROGRESS LDAP_DECODING_ERROR LDAP_SUCCESS
+ LDAP_LOCAL_ERROR);
use Net::LDAP::Message;
use vars qw(@ISA $VERSION);
-$VERSION = "1.02";
+$VERSION = "1.02_1";
@ISA = qw(Net::LDAP::Message);
sub _sasl_info {
@@ -27,6 +28,14 @@ sub decode {
my $sasl = $self->{sasl};
my $ldap = $self->parent;
+ my $resp;
+ if ($bind->{resultCode} == LDAP_SASL_BIND_IN_PROGRESS or
+ ($bind->{resultCode} == LDAP_SUCCESS and $bind->{serverSaslCreds})) {
+ $sasl or $self->set_error(LDAP_LOCAL_ERROR,"no sasl object"), return;
+ ($resp) = $sasl->client_step($bind->{serverSaslCreds})
+ or $self->set_error(LDAP_DECODING_ERROR,"LDAP decode error"), return;
+ }
+
$ldap->{net_ldap_socket} = $sasl->securesocket($ldap->{net_ldap_socket})
if $sasl and $bind->{resultCode} == LDAP_SUCCESS;
@@ -39,9 +48,6 @@ sub decode {
$self->{mesgid} = Net::LDAP::Message->NewMesgID(); # Get a new message ID
- my ($resp) = $sasl->client_step($bind->{serverSaslCreds})
- or $self->set_error(LDAP_DECODING_ERROR,"LDAP decode error"), return;
-
$self->encode(
bindRequest => {
version => $ldap->version,

0 comments on commit 1a3869c

Please sign in to comment.