]> git.sur5r.net Git - openldap/commitdiff
Expose sasl flags to -lldap (so they can be quiet)
authorKurt Zeilenga <kurt@openldap.org>
Mon, 17 Jul 2000 21:23:59 +0000 (21:23 +0000)
committerKurt Zeilenga <kurt@openldap.org>
Mon, 17 Jul 2000 21:23:59 +0000 (21:23 +0000)
Fix interactive and automatic modes.  Quiet needs work.

clients/tools/ldapdelete.c
clients/tools/ldapmodify.c
clients/tools/ldapmodrdn.c
clients/tools/ldappasswd.c
clients/tools/ldapsearch.c
include/ldap.h
include/lutil_ldap.h
libraries/libldap/cyrus.c
libraries/libldap/ldap-int.h
libraries/libldap/sasl.c
libraries/liblutil/sasl.c

index ef9f94245f4d86de86dda46896ef8b97239b4eb7..1f7ec530eca9dd1cc35fdec3e0fef87fb94ec02a 100644 (file)
@@ -27,7 +27,7 @@ static char   *ldaphost = NULL;
 static int     ldapport = 0;
 static int     prune = 0;
 #ifdef HAVE_CYRUS_SASL
-static unsigned sasl_flags = LUTIL_SASL_AUTOMATIC;
+static unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
 static char    *sasl_mech = NULL;
 static char *sasl_realm = NULL;
 static char    *sasl_authc_id = NULL;
@@ -142,6 +142,28 @@ main( int argc, char **argv )
                }
            ldaphost = strdup( optarg );
            break;
+       case 'I':
+#ifdef HAVE_CYRUS_SASL
+               if( version == LDAP_VERSION2 ) {
+                       fprintf( stderr, "%s: -I incompatible with version %d\n",
+                               prog, version );
+                       return EXIT_FAILURE;
+               }
+               if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+                       fprintf( stderr, "%s: incompatible previous "
+                               "authentication choice\n",
+                               prog );
+                       return EXIT_FAILURE;
+               }
+               authmethod = LDAP_AUTH_SASL;
+               version = LDAP_VERSION3;
+               sasl_flags = LDAP_SASL_INTERACTIVE;
+               break;
+#else
+               fprintf( stderr, "%s: was not compiled with SASL support\n",
+                       prog );
+               return( EXIT_FAILURE );
+#endif
        case 'k':       /* kerberos bind */
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
                if( version > LDAP_VERSION2 ) {
@@ -265,7 +287,8 @@ main( int argc, char **argv )
                }
                authmethod = LDAP_AUTH_SASL;
                version = LDAP_VERSION3;
-               sasl_flags = LUTIL_SASL_QUIET;
+               sasl_flags = LDAP_SASL_QUIET;
+               break;
 #else
                fprintf( stderr, "%s: was not compiled with SASL support\n",
                        prog );
@@ -507,7 +530,7 @@ main( int argc, char **argv )
                        }
                }
                
-               defaults = lutil_sasl_defaults( ld, sasl_flags,
+               defaults = lutil_sasl_defaults( ld,
                        sasl_mech,
                        sasl_realm,
                        sasl_authc_id,
@@ -516,7 +539,7 @@ main( int argc, char **argv )
 
                rc = ldap_sasl_interactive_bind_s( ld, binddn,
                        sasl_mech, NULL, NULL,
-                       lutil_sasl_interact, defaults );
+                       sasl_flags, lutil_sasl_interact, defaults );
 
                if( rc != LDAP_SUCCESS ) {
                        ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
index e5a2af05f24a99f923a21056ff1de083e371d766..a57c5852e50fb7b1ea22c2914a1763fe7619fbee 100644 (file)
@@ -39,7 +39,7 @@ static struct berval passwd = { 0, NULL };
 static char    *ldaphost = NULL;
 static int     ldapport = 0;
 #ifdef HAVE_CYRUS_SASL
-static unsigned sasl_flags = LUTIL_SASL_AUTOMATIC;
+static unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
 static char *sasl_realm = NULL;
 static char    *sasl_authc_id = NULL;
 static char    *sasl_authz_id = NULL;
@@ -200,6 +200,28 @@ main( int argc, char **argv )
                }
            ldaphost = strdup( optarg );
            break;
+       case 'I':
+#ifdef HAVE_CYRUS_SASL
+               if( version == LDAP_VERSION2 ) {
+                       fprintf( stderr, "%s: -I incompatible with version %d\n",
+                               prog, version );
+                       return EXIT_FAILURE;
+               }
+               if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+                       fprintf( stderr, "%s: incompatible previous "
+                               "authentication choice\n",
+                               prog );
+                       return EXIT_FAILURE;
+               }
+               authmethod = LDAP_AUTH_SASL;
+               version = LDAP_VERSION3;
+               sasl_flags = LDAP_SASL_INTERACTIVE;
+               break;
+#else
+               fprintf( stderr, "%s: was not compiled with SASL support\n",
+                       prog );
+               return( EXIT_FAILURE );
+#endif
        case 'k':       /* kerberos bind */
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
                if( version > LDAP_VERSION2 ) {
@@ -323,7 +345,8 @@ main( int argc, char **argv )
                }
                authmethod = LDAP_AUTH_SASL;
                version = LDAP_VERSION3;
-               sasl_flags = LUTIL_SASL_QUIET;
+               sasl_flags = LDAP_SASL_QUIET;
+               break;
 #else
                fprintf( stderr, "%s: was not compiled with SASL support\n",
                        prog );
@@ -571,7 +594,7 @@ main( int argc, char **argv )
                        }
                }
                
-               defaults = lutil_sasl_defaults( ld, sasl_flags,
+               defaults = lutil_sasl_defaults( ld,
                        sasl_mech,
                        sasl_realm,
                        sasl_authc_id,
@@ -580,7 +603,7 @@ main( int argc, char **argv )
 
                rc = ldap_sasl_interactive_bind_s( ld, binddn,
                        sasl_mech, NULL, NULL,
-                       lutil_sasl_interact, defaults );
+                       sasl_flags, lutil_sasl_interact, defaults );
 
                if( rc != LDAP_SUCCESS ) {
                        ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
index 101a651c65bda8916ef44de37b07353bfc27b340..d30815bafc2d99c9c6b29bdac95842f168bce287 100644 (file)
@@ -37,7 +37,7 @@ static struct berval passwd = { 0, NULL };
 static char    *ldaphost = NULL;
 static int     ldapport = 0;
 #ifdef HAVE_CYRUS_SASL
-static unsigned sasl_flags = LUTIL_SASL_AUTOMATIC;
+static unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
 static char *sasl_realm = NULL;
 static char    *sasl_authc_id = NULL;
 static char    *sasl_authz_id = NULL;
@@ -161,6 +161,28 @@ main(int argc, char **argv)
                }
            ldaphost = strdup( optarg );
            break;
+       case 'I':
+#ifdef HAVE_CYRUS_SASL
+               if( version == LDAP_VERSION2 ) {
+                       fprintf( stderr, "%s: -I incompatible with version %d\n",
+                               prog, version );
+                       return EXIT_FAILURE;
+               }
+               if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+                       fprintf( stderr, "%s: incompatible previous "
+                               "authentication choice\n",
+                               prog );
+                       return EXIT_FAILURE;
+               }
+               authmethod = LDAP_AUTH_SASL;
+               version = LDAP_VERSION3;
+               sasl_flags = LDAP_SASL_INTERACTIVE;
+               break;
+#else
+               fprintf( stderr, "%s: was not compiled with SASL support\n",
+                       prog );
+               return( EXIT_FAILURE );
+#endif
        case 'k':       /* kerberos bind */
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
                if( version > LDAP_VERSION2 ) {
@@ -284,7 +306,8 @@ main(int argc, char **argv)
                }
                authmethod = LDAP_AUTH_SASL;
                version = LDAP_VERSION3;
-               sasl_flags = LUTIL_SASL_QUIET;
+               sasl_flags = LDAP_SASL_QUIET;
+               break;
 #else
                fprintf( stderr, "%s: was not compiled with SASL support\n",
                        prog );
@@ -541,7 +564,7 @@ main(int argc, char **argv)
                        }
                }
                
-               defaults = lutil_sasl_defaults( ld, sasl_flags,
+               defaults = lutil_sasl_defaults( ld,
                        sasl_mech,
                        sasl_realm,
                        sasl_authc_id,
@@ -550,7 +573,7 @@ main(int argc, char **argv)
 
                rc = ldap_sasl_interactive_bind_s( ld, binddn,
                        sasl_mech, NULL, NULL,
-                       lutil_sasl_interact, defaults );
+                       sasl_flags, lutil_sasl_interact, defaults );
 
                if( rc != LDAP_SUCCESS ) {
                        ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
index be5f5d1b11f91f2da6408822be49e5c2f9027745..f3dc98047c86e135531343c10183bf4503e738d9 100644 (file)
@@ -87,7 +87,7 @@ main( int argc, char *argv[] )
        int             authmethod = -1;
        int             manageDSAit = 0;
 #ifdef HAVE_CYRUS_SASL
-       unsigned        sasl_flags = LUTIL_SASL_AUTOMATIC;
+       unsigned        sasl_flags = LDAP_SASL_AUTOMATIC;
        char            *sasl_realm = NULL;
        char            *sasl_authc_id = NULL;
        char            *sasl_authz_id = NULL;
@@ -167,6 +167,28 @@ main( int argc, char *argv[] )
                }
            ldaphost = strdup( optarg );
            break;
+       case 'I':
+#ifdef HAVE_CYRUS_SASL
+               if( version == LDAP_VERSION2 ) {
+                       fprintf( stderr, "%s: -I incompatible with version %d\n",
+                               prog, version );
+                       return EXIT_FAILURE;
+               }
+               if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+                       fprintf( stderr, "%s: incompatible previous "
+                               "authentication choice\n",
+                               prog );
+                       return EXIT_FAILURE;
+               }
+               authmethod = LDAP_AUTH_SASL;
+               version = LDAP_VERSION3;
+               sasl_flags = LDAP_SASL_INTERACTIVE;
+               break;
+#else
+               fprintf( stderr, "%s: was not compiled with SASL support\n",
+                       prog );
+               return( EXIT_FAILURE );
+#endif
        case 'k':       /* kerberos bind */
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
                if( version > LDAP_VERSION2 ) {
@@ -290,7 +312,8 @@ main( int argc, char *argv[] )
                }
                authmethod = LDAP_AUTH_SASL;
                version = LDAP_VERSION3;
-               sasl_flags = LUTIL_SASL_QUIET;
+               sasl_flags = LDAP_SASL_QUIET;
+               break;
 #else
                fprintf( stderr, "%s: was not compiled with SASL support\n",
                        prog );
@@ -566,7 +589,7 @@ main( int argc, char *argv[] )
                        }
                }
                
-               defaults = lutil_sasl_defaults( ld, sasl_flags,
+               defaults = lutil_sasl_defaults( ld,
                        sasl_mech,
                        sasl_realm,
                        sasl_authc_id,
@@ -575,7 +598,7 @@ main( int argc, char *argv[] )
 
                rc = ldap_sasl_interactive_bind_s( ld, binddn,
                        sasl_mech, NULL, NULL,
-                       lutil_sasl_interact, defaults );
+                       sasl_flags, lutil_sasl_interact, defaults );
 
                if( rc != LDAP_SUCCESS ) {
                        ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
index 01f0510584a35ff1415a75ba9e1833920ef3d916..fb894fd258968ef045c323b60e9669e2349a98ca 100644 (file)
@@ -47,7 +47,7 @@ usage( const char *s )
 "\t\t+   -- all operational attributes\n"
 
 "Search options:\n"
-"\t-a deref\tdereference aliases: never (default), always, search, or find\n"
+"\t-a deref\tone of never (default), always, search, or find\n"
 "\t-A\t\tretrieve attribute names only (no values)\n"
 "\t-b basedn\tbase dn for search\n"
 "\t-l limit\ttime limit (in seconds) for search\n"
@@ -146,7 +146,7 @@ static char *base = NULL;
 static char    *ldaphost = NULL;
 static int     ldapport = 0;
 #ifdef HAVE_CYRUS_SASL
-static unsigned sasl_flags = LUTIL_SASL_AUTOMATIC;
+static unsigned sasl_flags = LDAP_SASL_AUTOMATIC;
 static char    *sasl_realm = NULL;
 static char    *sasl_authc_id = NULL;
 static char    *sasl_authz_id = NULL;
@@ -270,6 +270,28 @@ main( int argc, char **argv )
                }
            ldaphost = strdup( optarg );
            break;
+       case 'I':
+#ifdef HAVE_CYRUS_SASL
+               if( version == LDAP_VERSION2 ) {
+                       fprintf( stderr, "%s: -I incompatible with version %d\n",
+                               prog, version );
+                       return EXIT_FAILURE;
+               }
+               if( authmethod != -1 && authmethod != LDAP_AUTH_SASL ) {
+                       fprintf( stderr, "%s: incompatible previous "
+                               "authentication choice\n",
+                               prog );
+                       return EXIT_FAILURE;
+               }
+               authmethod = LDAP_AUTH_SASL;
+               version = LDAP_VERSION3;
+               sasl_flags = LDAP_SASL_INTERACTIVE;
+               break;
+#else
+               fprintf( stderr, "%s: was not compiled with SASL support\n",
+                       prog );
+               return( EXIT_FAILURE );
+#endif
        case 'k':       /* kerberos bind */
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
                if( version > LDAP_VERSION2 ) {
@@ -393,7 +415,8 @@ main( int argc, char **argv )
                }
                authmethod = LDAP_AUTH_SASL;
                version = LDAP_VERSION3;
-               sasl_flags = LUTIL_SASL_QUIET;
+               sasl_flags = LDAP_SASL_QUIET;
+               break;
 #else
                fprintf( stderr, "%s: was not compiled with SASL support\n",
                        prog );
@@ -698,7 +721,7 @@ main( int argc, char **argv )
                        }
                }
                
-               defaults = lutil_sasl_defaults( ld, sasl_flags,
+               defaults = lutil_sasl_defaults( ld,
                        sasl_mech,
                        sasl_realm,
                        sasl_authc_id,
@@ -707,7 +730,7 @@ main( int argc, char **argv )
 
                rc = ldap_sasl_interactive_bind_s( ld, binddn,
                        sasl_mech, NULL, NULL,
-                       lutil_sasl_interact, defaults );
+                       sasl_flags, lutil_sasl_interact, defaults );
 
                if( rc != LDAP_SUCCESS ) {
                        ldap_perror( ld, "ldap_sasl_interactive_bind_s" );
index 7162cc9063868322fcc66d5973901a95d84ded8f..540e095930675e1f66deae4b921f68a1bc6c9508 100644 (file)
@@ -695,10 +695,22 @@ ldap_sasl_bind LDAP_P((
        LDAPControl             **clientctrls,
        int                             *msgidp ));
 
-/* V3 SASL Interaction Function Callback Prototype */
-/*     when using Cyrus SASL, interact is pointer to sasl_interact_t */
+/* Interaction flags (should be passed about in a control)
+ *  Automatic (default): use defaults, prompt otherwise
+ *  Interactive: prompt always
+ *  Quiet: never prompt
+ */
+#define LDAP_SASL_AUTOMATIC            0U
+#define LDAP_SASL_INTERACTIVE  1U
+#define LDAP_SASL_QUIET                        2U
+
+/*
+ * V3 SASL Interaction Function Callback Prototype
+ *     when using Cyrus SASL, interact is pointer to sasl_interact_t
+ *  should likely passed in a control (and provided controls)
+ */
 typedef int (LDAP_SASL_INTERACT_PROC) LDAP_P((
-       LDAP *ld, void* defaults, void *interact ));
+       LDAP *ld, unsigned flags, void* defaults, void *interact ));
 
 LDAP_F( int )
 ldap_sasl_interactive_bind_s LDAP_P((
@@ -707,6 +719,9 @@ ldap_sasl_interactive_bind_s LDAP_P((
        LDAP_CONST char *saslMechanism,
        LDAPControl **serverControls,
        LDAPControl **clientControls,
+
+       /* should be client controls */
+       unsigned flags,
        LDAP_SASL_INTERACT_PROC *proc,
        void *defaults ));
 
index 0c5467c0e5284bdcf18b62060e3fff54cb8624b0..87e00c756254f74980a01752a1e52f2794c8b8bd 100644 (file)
 
 LDAP_BEGIN_DECL
 
-/*
- * Automatic (default): use defaults, prompt otherwise
- * Interactive: prompt always
- * Quiet: never prompt
- */
-#define LUTIL_SASL_AUTOMATIC   0U
-#define LUTIL_SASL_INTERACTIVE 1U
-#define LUTIL_SASL_QUIET               2U
-
 LDAP_LUTIL_F( void * )
 lutil_sasl_defaults LDAP_P((
        LDAP *ld,
-       unsigned flags,
        char *mech,
        char *realm,
        char *authcid,
@@ -42,7 +32,7 @@ lutil_sasl_defaults LDAP_P((
 
 LDAP_LUTIL_F( int )
 lutil_sasl_interact LDAP_P((
-       LDAP *ld, void *defaults, void *p ));
+       LDAP *ld, unsigned flags, void *defaults, void *p ));
 
 LDAP_END_DECL
 
index c6058fca2a2488bc9e57028229442dda5576f364..3349fc994217fe0f76a2d9c75f9b06fc851b55d3 100644 (file)
@@ -455,6 +455,7 @@ ldap_int_sasl_bind(
        const char              *mechs,
        LDAPControl             **sctrls,
        LDAPControl             **cctrls,
+       unsigned                flags,
        LDAP_SASL_INTERACT_PROC *interact,
        void * defaults )
 {
@@ -519,14 +520,16 @@ ldap_int_sasl_bind(
                if( pmech == NULL && mech != NULL ) {
                        pmech = mech;
 
-                       fprintf(stderr,
-                               "SASL/%s authentication started\n",
-                               pmech );
+                       if( flags != LDAP_SASL_QUIET ) {
+                               fprintf(stderr,
+                                       "SASL/%s authentication started\n",
+                                       pmech );
+                       }
                }
 
                if( saslrc == SASL_INTERACT ) {
                        if( !interact ) break;
-                       rc = (interact)( ld, defaults, prompts );
+                       rc = (interact)( ld, flags, defaults, prompts );
                        if( rc != LDAP_SUCCESS ) {
                                break;
                        }
@@ -575,7 +578,7 @@ ldap_int_sasl_bind(
                        if( saslrc == SASL_INTERACT ) {
                                int res;
                                if( !interact ) break;
-                               res = (interact)( ld, defaults, prompts );
+                               rc = (interact)( ld, flags, defaults, prompts );
                                if( res != LDAP_SUCCESS ) {
                                        break;
                                }
@@ -595,24 +598,30 @@ ldap_int_sasl_bind(
 
        /* likely should add a quiet option */
 
-       saslrc = sasl_getprop( ctx, SASL_USERNAME, (void **) &data );
-       if( saslrc == SASL_OK ) {
-               fprintf( stderr, "SASL username: %s\n", data );
-       }
+       if( flags != LDAP_SASL_QUIET ) {
+               saslrc = sasl_getprop( ctx, SASL_USERNAME, (void **) &data );
+               if( saslrc == SASL_OK ) {
+                       fprintf( stderr, "SASL username: %s\n", data );
+               }
 
-       saslrc = sasl_getprop( ctx, SASL_REALM, (void **) &data );
-       if( saslrc == SASL_OK ) {
-               fprintf( stderr, "SASL realm: %s\n", data );
+               saslrc = sasl_getprop( ctx, SASL_REALM, (void **) &data );
+               if( saslrc == SASL_OK ) {
+                       fprintf( stderr, "SASL realm: %s\n", data );
+               }
        }
 
        saslrc = sasl_getprop( ctx, SASL_SSF, (void **) &ssf );
        if( saslrc == SASL_OK ) {
-               fprintf( stderr, "SASL SSF: %lu\n",
-                       (unsigned long) *ssf );
+               if( flags != LDAP_SASL_QUIET ) {
+                       fprintf( stderr, "SASL SSF: %lu\n",
+                               (unsigned long) *ssf );
+               }
 
 #ifdef LDAP_SASL_SECURITY_LAYER
                if( ssf && *ssf ) {
-                       fprintf( stderr, "SASL installing layers\n" );
+                       if( flags != LDAP_SASL_QUIET ) {
+                               fprintf( stderr, "SASL installing layers\n" );
+                       }
                        ldap_pvt_sasl_install( ld->ld_sb, ctx );
                }
 #endif
index 51939c37017cca61d80256d8971775a8045a8698..53fad1e0ea29164ee240013bdd1c3c98d8b07263 100644 (file)
@@ -556,8 +556,11 @@ LDAP_F (int) ldap_int_sasl_bind LDAP_P((
        const char *,
        const char *,
        LDAPControl **, LDAPControl **,
+
+       /* should be passed in client controls */
+       unsigned flags,
        LDAP_SASL_INTERACT_PROC *interact,
-       void *defaults));
+       void *defaults ));
 
 /*
  * in tls.c
index c63efd5d0d0ee11f52cacba86e13cf4b1e9da1c0..a98f41e205d23f2dc5ca8d137760947c061c18ef 100644 (file)
@@ -410,6 +410,7 @@ ldap_sasl_interactive_bind_s(
        LDAP_CONST char *mechs,
        LDAPControl **serverControls,
        LDAPControl **clientControls,
+       unsigned flags,
        LDAP_SASL_INTERACT_PROC *interact,
        void *defaults )
 {
@@ -438,7 +439,7 @@ ldap_sasl_interactive_bind_s(
 
        rc = ldap_int_sasl_bind( ld, dn, mechs,
                serverControls, clientControls,
-               interact, defaults );
+               flags, interact, defaults );
 
        return rc;
 }
index c1636e639ea79fa4ff3d5c2fbfbbdd4be9a85bb3..743758f815e86efe6d7f4244771ebd6bc90fa7a1 100644 (file)
@@ -20,7 +20,6 @@
 
 
 typedef struct lutil_sasl_defaults_s {
-       unsigned flags;
        char *mech;
        char *realm;
        char *authcid;
@@ -32,7 +31,6 @@ typedef struct lutil_sasl_defaults_s {
 void *
 lutil_sasl_defaults(
        LDAP *ld,
-       unsigned flags,
        char *mech,
        char *realm,
        char *authcid,
@@ -45,7 +43,6 @@ lutil_sasl_defaults(
 
        if( defaults == NULL ) return NULL;
 
-       defaults->flags = flags;
        defaults->mech = mech;
        defaults->realm = realm;
        defaults->authcid = authcid;
@@ -69,9 +66,10 @@ lutil_sasl_defaults(
 }
 
 static int interaction(
-       sasl_interact_t *interact, lutilSASLdefaults *defaults )
+       unsigned flags,
+       sasl_interact_t *interact,
+       lutilSASLdefaults *defaults )
 {
-       unsigned flags = defaults ? defaults->flags : 0;
        const char *dflt = interact->defresult;
        char input[1024];
 
@@ -103,11 +101,11 @@ static int interaction(
 
        if( dflt && !*dflt ) dflt = NULL;
 
-       if( flags != LUTIL_SASL_INTERACTIVE && dflt ) {
+       if( flags != LDAP_SASL_INTERACTIVE && dflt ) {
                goto use_default;
        }
 
-       if( flags == LUTIL_SASL_QUIET ) {
+       if( flags == LDAP_SASL_QUIET ) {
                /* don't prompt */
                return LDAP_OTHER;
        }
@@ -180,15 +178,18 @@ use_default:
 
 int lutil_sasl_interact(
        LDAP *ld,
+       unsigned flags,
        void *defaults,
        void *in )
 {
        sasl_interact_t *interact = in;
 
-       fputs( "SASL Interaction\n", stderr );
+       if( flags != LDAP_SASL_QUIET ) {
+               fputs( "SASL Interaction\n", stderr );
+       }
 
        while( interact->id != SASL_CB_LIST_END ) {
-               int rc = interaction( interact, defaults );
+               int rc = interaction( flags, interact, defaults );
 
                if( rc )  return rc;
                interact++;