[python-ldap] SASL + REALM

Martin Pfeifer martin.pfeifer at gmail.com
Sun Mar 23 19:54:52 CET 2014

Hi there,

i had a similar problem using SASL. After digging in the python-ldap code
and the header files of cyrus-sasl and openldap to understand what is going
on i found that the constant ldap.sasl.CB_GETREALM in python-ldap is set to
0x4007 but the sasl.h states that the callback id of CB_GETREALM is 0x4008.
I reassigned ldap.sasl.CB_GETREALM with 0x4008 in my script and that did
the trick. As of my understanding this is a bug in python-ldap and needs

Best regards
Martin Pfeifer

snippet from sasl.h
#define SASL_CB_GETREALM (0x4008) /* realm to attempt authentication in */

snippet from python-ldap/Lib/ldap/sasl.py
These are the SASL callback id's , as defined in sasl.h
CB_USER        = 0x4001
CB_AUTHNAME    = 0x4002
CB_LANGUAGE    = 0x4003
CB_PASS        = 0x4004
CB_GETREALM    = 0x4007 <-- this should be 0x4008
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20140323/6702d9f7/attachment.html>

More information about the python-ldap mailing list