On Tue, Jul 23, 2013 at 11:53 AM, Albe Laurenz <laurenz.albe@wien.gv.at> wrote:
> Magnus Hagander wrote:
>> In that case, doesn't this patch break Windows? We no longer do the
>> anonymous bind on Windows, since it's now in the #ifdef HAVE_LIBLDAP.
>>
>> Don't we need to keep the ldap_simple_bind() call in the Windows case,
>> or break it up so the call to ldap_sasl_bind_s() is moved outside the
>> #ifdef? At least I can't find anything in the docs that indicate that
>> ldap_connect() on Windows would actually call that for us - only the
>> other way around?
>
>
> This patch works for the Windows case, because ldap_connect performs
> an anonymous bind, see
> http://msdn.microsoft.com/en-us/library/windows/desktop/aa366171%28v=vs.85%29.aspx
>
> If the call to ldap_connect succeeds, the client is connected
> to the LDAP server as an anonymous user. The session handle
> should be freed with a call to ldap_unbind when it is no longer required.
>
>> I'm going to set this patch as returned with feedback for now, but
>> please feel free to comment on above and possibly resubmit if
>> necessary before the CF and I'll see if I can deal with it before the
>> next CF anyway, as it's a bug fix.
>
> The patch should still be good, but if we keep the deprecated
> OpenLDAP API, it might be more consistent to use ldap_simple_bind_s
> instead of ldap_sasl_bind_s.
>
> If you agree, I'll change that.
Sorry, you got this one in just as my vacation started.
Yes, I agree with that. So please do.
-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/