Open ngarratt opened 1 year ago
Thank you for this submission. I intend to include it in the next release. Since you seem to have an interest in this library with GSSAPI/LDAP, I'd love it if you could look at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962968 and comment as to whether your change also fixes that issue.
Active Directory requires maxssf be 0 when using TLS. While it's possible to hand Net::LDAP a client connection instead of a subclass of Authen::SASL, that doesn't work when multiple LDAP servers need to be defined (HOST has to be defined separately for each one). So the workaround of calling client_new and then conn->property{maxssf =>} doesn't work, and that also doesn't support Authen::SASL::XS which currently provides no mechanism to set maxssf