LDAP draft-wahl-ldap-session

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Jun 23 20:25:21 CEST 2015 

> On Jun 23, 2015, at 12:59 PM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
> 
>> 
>> On Jun 23, 2015, at 12:45 AM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>> 
>>> 
>>> On 22 Jun 2015, at 16:22, Michael Ströder <michael at stroeder.com> wrote:
>>> 
>>> Arran Cudbard-Bell wrote:
>>>> 
>>>>> On Jun 22, 2015, at 3:38 PM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>>>>> 
>>>>> 
>>>>>> On Jun 22, 2015, at 3:25 PM, Michael Ströder <michael at stroeder.com> wrote:
>>>>>> 
>>>>>> HI!
>>>>>> 
>>>>>> Recently I appreciated very much that some LDAP clients send the Session Track
>>>>>> Control [1] along with their LDAP requests. draft-wahl-ldap-session was
>>>>>> written especially with RADIUS in mind. Any chance to see this implemented?
>>>>> 
>>>>> So, what would be the session identifier in the case of Authentication (which is when rlm_ldap is being called)?
>>>> 
>>>> Looks like it'd be username... Weird.
>>>> I guess I can see the point.
>>> 
>>> Yes, I think so.
>>> 
>>>> Are you sure OpenLDAP implements the server portion of this?
>>> 
>>> Yes!
>>> 
>>> I also make use of it in my web2ldap and in a password self-service
>>> application. It's nice to see the browser IP getting logged in syslog and even
>>> in the accesslog DB (when using slapo-accesslog).
>> 
>> OK. Get to testing. v3.1.x branch only. Be sure to run at least 10k requests through it
>> to check for memory leaks.
> 
> Looks like older versions of libldap had a messed up declaration in ldap.h. I've added a work around for it, so if it previously didn't build, it should now.

They didn't constify the formatOID argument, so you need to assign the preprocessor macros to non-const buffers to use them, wow...

It's getting added to the list... Perl, anything related in any way to GNU, and libldap. They all need to die in fire.

-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150623/2b5872c0/attachment.sig>

More information about the Freeradius-Users mailing list