Subject: | SASL & GSSAPI error |
Date: | Tue, 14 May 2013 14:03:34 -0400 |
To: | bug-Authen-SASL [...] rt.cpan.org |
From: | Craig Huckabee <huck [...] spawar.navy.mil> |
platform: RHEL6 x86_64
When using GSSAPI/SASL with Net::LDAP to perform a simple search on
RHEL6 x86_64, we get an error:
substr outside of string at /usr/share/perl5/Authen/SASL/Perl.pm line
284, <DATA> line 522.
This happens with the RedHat supplied Authen::SASL rpm as well as with
Authen::SASL 2.16 built from CPAN.
Target LDAP server shows the connection being made and the search being run.
Short example script that displays the error:
run kinit to get Kerberos credentials, then run:
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Authen::SASL;
my $ldapbase = "dc=bar,dc=com";
my ( $name ) = @ARGV ;
print $name , "\n";
my $sasl = Authen::SASL->new(mechanism => 'GSSAPI' ) || die "$@";
my $ldap = Net::LDAP->new('myldap.bar.com') || die "$@";
my $msg = $ldap->bind( sasl => $sasl );
ldap_search($name);
sub ldap_search {
my ( $search ) = @_;
$msg = $ldap->search(
base => $ldapbase,
scope => "sub",
filter => "(|(uid=*$search*)(cn=*$search*))",
attr => ["uid"],
);
my %ldap_users;
for my $entry ( $msg->entries) {
my $uid = $entry->get_value( 'uid' );
$ldap_users{$uid} = $uid;
}
return %ldap_users;
}
Example output:
[root@ds-test huck]# ./testkrb.pl test
test
substr outside of string at /usr/share/perl5/Authen/SASL/Perl.pm line
284, <DATA> line 522.
Message body not shown because it is not plain text.