diff -Naurb openldap-jldap/com/novell/ldap/Connection.java openldap-jldap-saslwrap/com/novell/ldap/Connection.java
--- openldap-jldap/com/novell/ldap/Connection.java 2009-07-06 02:43:38.000000000 -0400
+++ openldap-jldap-saslwrap/com/novell/ldap/Connection.java 2009-07-07 23:06:35.000000000 -0400
@@ -736,6 +737,66 @@
 LDAPException.CONNECT_ERROR, null,new IOException());
 }
+public com.novell.security.sasl.SaslClient sasl = null;
+
+class SaslInputStream extends InputStream
+{
+
+ InputStream in;
+ com.novell.security.sasl.SaslClient saslClient;
+ byte[] b;
+ byte[] buf = null;
+ int bi = 0;
+
+ SaslInputStream(InputStream in, com.novell.security.sasl.SaslClient saslClient)
+ {
+ this.in = in;
+ this.saslClient = saslClient;
+ b = new byte[1];
+ }
+
+ public int read() throws IOException
+ {
+ read(b, 0, 1);
+ return b[0] & 0xFF;
+ }
+ public int read(byte[] dst) throws IOException
+ {
+ return read(dst, 0, dst.length);
+ }
+ public int read(byte[] dst, int off, int len) throws IOException
+ {
+ if (buf == null || bi == buf.length) {
+ byte[] tmp = new byte[4];
+ int n;
+
+if (buf == null) {
+ // off by one error somewhere
+ tmp[0] = (byte)0x00;
+ in.read(tmp, 1, 3);
+} else {
+ in.read(tmp);
+}
+ n = ((tmp[0] & 0xFF) << 24) | ((tmp[1] & 0xFF) << 16) | ((tmp[2] & 0xFF) << 8) | (tmp[3] & 0xFF);
+
+ tmp = new byte[n];
+ for (int i = 0; i < n; )
+ i += in.read(tmp, i, n - i);
+
+System.out.println("n=" + n);
+ buf = saslClient.unwrap(tmp, 0, n);
+ bi = 0;
+ }
+
+ if (len > (buf.length - bi))
+ len = buf.length - bi;
+
+ System.arraycopy(dst, off, buf, bi, len);
+
+ return len;
+ }
+}
+
 /**
 * Writes an LDAPMessage to the LDAP server over a socket.
 *
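Review bot: In `SaslInputStream.read(byte[], int, int)` the final `System.arraycopy(dst, off, buf, bi, len)` has source and destination swapped and `bi` is never advanced, so the caller gets back whatever was already in `dst` while the unwrapped data is overwritten. The frame length `n` is taken straight from the peer and passed to `new byte[n]` with no bound, so a negative or very large value aborts the read or exhausts memory; it should be rejected when negative or larger than the receive buffer size negotiated for the SASL layer. The `in.read` return values are unchecked as well: a short read of the 4-byte prefix yields a wrong `n`, and a `-1` at end of stream makes the `for` loop step backwards instead of failing. The `// off by one error somewhere` branch that assumes the first length byte is zero and the `System.out.println("n=" + n)` trace should not ship; a corrected body is sketched below, with `MAX_SASL_FRAME` standing in as a placeholder for the negotiated limit.

```java
public int read(byte[] dst, int off, int len) throws IOException
{
    if (buf == null || bi == buf.length) {
        // … unchanged: 4-byte length prefix read into tmp and decoded into n …
        // MAX_SASL_FRAME is a placeholder for the negotiated receive limit
        if (n < 0 || n > MAX_SASL_FRAME)
            throw new IOException("invalid SASL frame length: " + n);

        tmp = new byte[n];
        for (int i = 0; i < n; ) {
            int r = in.read(tmp, i, n - i);
            if (r < 0)
                throw new IOException("stream closed inside SASL frame");
            i += r;
        }
        buf = saslClient.unwrap(tmp, 0, n);
        bi = 0;
    }

    if (len > (buf.length - bi))
        len = buf.length - bi;

    // copy out of the unwrapped buffer, then consume what was handed back
    System.arraycopy(buf, bi, dst, off, len);
    bi += len;

    return len;
}
```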
@@ -768,6 +829,23 @@
 throw new IOException("Output stream not initialized");
 }
 byte[] ber = msg.getASN1Object().getEncoding(encoder);
+
+if (sasl != null) {
+ ber = sasl.wrap(ber, 0, ber.length);
+ byte[] tmp = new byte[4 + ber.length];
+ tmp[0] = (byte)((ber.length >> 24) & 0xFF);
+ tmp[1] = (byte)((ber.length >> 16) & 0xFF);
+ tmp[2] = (byte)((ber.length >> 8) & 0xFF);
+ tmp[3] = (byte)(ber.length & 0xFF);
+ System.arraycopy(ber, 0, tmp, 4, ber.length);
+ ber = tmp;
+
+ if (!(in instanceof SaslInputStream))
+ in = new SaslInputStream(in, sasl);
+}
+
+System.out.println("length=" + ber.length);
+
 myOut.write(ber, 0, ber.length);
 myOut.flush();
 } catch( IOException ioe) {
diff -Naurb openldap-jldap/com/novell/ldap/LDAPConnection.java openldap-jldap-saslwrap/com/novell/ldap/LDAPConnection.java
--- openldap-jldap/com/novell/ldap/LDAPConnection.java 2009-07-06 02:02:13.000000000 -0400
+++ openldap-jldap-saslwrap/com/novell/ldap/LDAPConnection.java 2009-07-07 21:17:02.000000000 -0400
@@ -1793,7 +1793,7 @@
 clientResponse = saslClient.evaluateChallenge(new byte[0]);
 }
- while(!saslClient.isComplete())
+ while(clientResponse != null)
 {
 try {
@@ -1801,6 +1801,10 @@
 clientResponse, saslClient.getMechanismName(), bindProps);
+ if (replyBuf.length == 0)
+ replyBuf = null;
+
+ clientResponse = null;
 if(replyBuf!=null) {
@@ -1811,8 +1815,7 @@
 }
 clientResponse = saslClient.evaluateChallenge( replyBuf);
- }
- else
+ } else if (!saslClient.isComplete())
 {
 if( Debug.LDAP_DEBUG) {
 Debug.trace( Debug.saslBind, name +
@@ -1839,6 +1842,7 @@
 if( Debug.LDAP_DEBUG) {
 Debug.trace( Debug.saslBind, name + "saslBind Complete");
 }
+conn.sasl = saslClient;
 } catch (SaslException eSasl) {
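Review bot: In the `@@ -768,6 +829,23 @@` hunk of Connection.java, `in = new SaslInputStream(in, sasl)` replaces the connection's input stream from inside the write path, on the first message sent after the bind. If a reader thread is already blocked on the old `in` (the reader is outside this hunk, so this is inferred), it can consume the start of the first wrapped reply from the raw stream, which would explain the `// off by one error somewhere` workaround in `SaslInputStream`. Installing the wrapping stream once, at the point where the bind completes and under the same lock the reader uses, removes that race. The `System.out.println("length=" + ber.length)` line sends protocol trace to the stdout of every application embedding the library; it should go through the `Debug.trace` facility used in LDAPConnection.java or be dropped.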
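Review bot: With the loop condition changed to `while(clientResponse != null)` in the `@@ -1793,7 +1793,7 @@` hunk of LDAPConnection.java, nothing in the visible lines confirms `saslClient.isComplete()` once the loop exits; the only remaining check is the `else if (!saslClient.isComplete())` branch in the `@@ -1811,8 +1815,7 @@` hunk, which is reached only when a bind reply arrived without credentials. If the mechanism produces no initial response the loop body never runs, and if `evaluateChallenge` returns null before the exchange has finished the loop ends early; in both cases control appears to fall through to the `saslBind Complete` path, although the code between the hunks is not shown. I would add an explicit guard after the loop, `if (!saslClient.isComplete())` followed by the same failure the surrounding code already raises, so that the security layer is never installed for an unfinished exchange.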
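Review bot: `if (replyBuf.length == 0)` in the `@@ -1801,6 +1801,10 @@` hunk of LDAPConnection.java dereferences `replyBuf` before the existing `if(replyBuf!=null)` test that follows it, and that test shows null is an expected value here. A bind reply that carries no server credentials would therefore raise a NullPointerException instead of taking the null branch. The check should read `if (replyBuf != null && replyBuf.length == 0)`. Folding an empty challenge into "no challenge" also deserves a one-line comment naming the mechanisms that need it, since SASL treats an empty challenge and an absent one as different things.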
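Review bot: `conn.sasl = saslClient;` in the `@@ -1839,6 +1842,7 @@` hunk of LDAPConnection.java turns on wrap/unwrap for every successful SASL bind, whatever quality of protection was negotiated. When only authentication was agreed the peer keeps sending plain LDAP PDUs, so the length framing and the `wrap` call added in Connection.java would break the session or fail, depending on the mechanism; the assignment should be conditional on the negotiated QOP being integrity or confidentiality. The field is also a public, unsynchronised member written from another class, and nothing visible clears it on a later rebind or disconnect, so a stale `SaslClient` could be applied to a new session (the enclosing method continues outside the hunk). A package-private setter on `Connection` that installs and clears the layer in one place would be a safer shape.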