From 3576aae09ea6a0d594c71d27b0edd3f7e2abd157 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Tue, 10 Jul 2007 22:52:19 +0000
Subject: [PATCH] Update the server's DIGEST-MD5 SASL mechanism handler so that it provides support for parsing the digest-uri element of the request.  By default, no parsing is performed and any digest-uri value will be accepted.  However, if the DIGEST-MD5 SASL mechanism handler is configured with the ds-cfg-server-fqdn attribute, then the digest-uri value will be expected to be "ldap/" followed by the value of that configuration attribute.

---
 opends/src/admin/defn/org/opends/server/admin/std/DigestMD5SASLMechanismHandlerConfiguration.xml |   32 +++++++++++++++++++++++++++++++-
 1 files changed, 31 insertions(+), 1 deletions(-)

diff --git a/opends/src/admin/defn/org/opends/server/admin/std/DigestMD5SASLMechanismHandlerConfiguration.xml b/opends/src/admin/defn/org/opends/server/admin/std/DigestMD5SASLMechanismHandlerConfiguration.xml
index c5866ce..2ba5eed 100644
--- a/opends/src/admin/defn/org/opends/server/admin/std/DigestMD5SASLMechanismHandlerConfiguration.xml
+++ b/opends/src/admin/defn/org/opends/server/admin/std/DigestMD5SASLMechanismHandlerConfiguration.xml
@@ -60,7 +60,7 @@
     <adm:description>
       Specifies the realm that should be used by the server for DIGEST-MD5
       authentication.  If this is not provided, then the server will default
-      to using a set of realm names that correspond to the defined suffixes. 
+      to using a set of realm names that correspond to the defined suffixes.
       Changes to this configuration attribute will take effect immediately.
     </adm:description>
     <adm:default-behavior>
@@ -102,5 +102,35 @@
       </ldap:attribute>
     </adm:profile>
   </adm:property>
+  <adm:property name="server-fqdn" mandatory="false">
+    <adm:synopsis>
+      Specifies the fully-qualified domain name for the system.  This is the
+      value expected to be present in the host field of the digest-uri-value
+      element.
+    </adm:synopsis>
+    <adm:description>
+      Specifies the DNS-resolvable fully-qualified domain name for the system.
+      If this is not provided, then the server will attempt to determine this
+      dynamically.  Changes to this configuration attribute will take effect
+      immediately.
+    </adm:description>
+    <adm:default-behavior>
+      <adm:alias>
+        <adm:synopsis>
+          The server will attempt to dynamically determine the fully-qualified
+          domain name.
+        </adm:synopsis>
+      </adm:alias>
+    </adm:default-behavior>
+    <adm:syntax>
+      <adm:string />
+    </adm:syntax>
+    <adm:profile name="ldap">
+      <ldap:attribute>
+        <ldap:oid>1.3.6.1.4.1.26027.1.1.115</ldap:oid>
+        <ldap:name>ds-cfg-server-fqdn</ldap:name>
+      </ldap:attribute>
+    </adm:profile>
+  </adm:property>
 </adm:managed-object>
 

--
Gitblit v1.10.0