Bug 1817054

Summary: RFE: support for Channel Bindings in SASL/GSSAPI
Product: Red Hat Enterprise Linux 8 Reporter: Simo Sorce <ssorce>
Component: cyrus-saslAssignee: Simo Sorce <ssorce>
Status: CLOSED ERRATA QA Contact: Ivan Nikolchev <inikolch>
Severity: medium Docs Contact: Jacob Taylor Valdez <jvaldez>
Priority: high    
Version: 8.3CC: inikolch, lmanasko, pasik, szidek
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
.*Cyrus* `SASL` now supports channel bindings with the `SASL/GSSAPI` and `SASL/GSS-SPNEGO` plug-ins This update adds support for channel bindings with the `SASL/GSSAPI` and `SASL/GSS-SPNEGO` plug-ins. As a result, when used in the `openldap` libraries, this feature enables *Cyrus* `SASL` to maintain compatibility with and access to Microsoft Active Directory and Microsoft Windows systems which are introducing mandatory channel binding for LDAP connections.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 01:47:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Simo Sorce 2020-03-25 13:41:11 UTC 
Cyrus SASL needs to support Channel Bindigns with SASL/GSSAPI and SASL/GSS-SPNEGO plugins for Windows AD compatibility.
Comment 7 Simo Sorce 2020-07-22 18:13:04 UTC 
Done,
HTH.

This change has landed in an errata long ago, so it will make beta.

Let me know if you need any more info.

Simo.
Comment 9 Simo Sorce 2020-07-27 13:11:18 UTC 
Sounds good to me
Comment 11 Simo Sorce 2020-07-27 17:04:05 UTC 
Uhm re-reading I would change the following:
  plug-ins in the `openldap` libraries. As a result, *Cyrus* `SASL` maintains
to:
  plug-ins. As a result, when used in the `openldap` libraries, this feature allows to retain
Comment 13 Simo Sorce 2020-07-27 17:45:38 UTC 
Looks good
Comment 16 errata-xmlrpc 2020-11-04 01:47:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: cyrus-sasl security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4497