- {
- BerElement tber;
- unsigned long tlen, ttag;
-
- tber = *op->o_ber;
- ttag = ber_skip_tag( &tber, &tlen );
- if ( ber_peek_tag( &tber, &tlen ) == LBER_SEQUENCE ) {
- Debug( LDAP_DEBUG_ANY, "version 3.0 detected\n", 0, 0, 0 );
- conn->c_version = 30;
- rc = ber_scanf(ber, "{{iato}}", &version, &dn, &method, &cred);
+ if ( tag == LBER_ERROR ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "do_bind: conn %d ber_scanf failed\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_ANY, "bind: ber_scanf failed\n", 0, 0, 0 );
+#endif
+ send_ldap_disconnect( conn, op,
+ LDAP_PROTOCOL_ERROR, "decoding error" );
+ rc = -1;
+ goto cleanup;
+ }
+
+ op->o_protocol = version;
+
+ if( method != LDAP_AUTH_SASL ) {
+ tag = ber_scanf( ber, /*{*/ "o}", &cred );
+
+ } else {
+ tag = ber_scanf( ber, "{a" /*}*/, &mech );
+
+ if ( tag != LBER_ERROR ) {
+ ber_len_t len;
+ tag = ber_peek_tag( ber, &len );
+
+ if ( tag == LDAP_TAG_LDAPCRED ) {
+ tag = ber_scanf( ber, "o", &cred );
+ } else {
+ tag = LDAP_TAG_LDAPCRED;
+ cred.bv_val = NULL;
+ cred.bv_len = 0;
+ }
+
+ if ( tag != LBER_ERROR ) {
+ tag = ber_scanf( ber, /*{{*/ "}}" );
+ }
+ }
+ }
+
+ if ( tag == LBER_ERROR ) {
+ send_ldap_disconnect( conn, op,
+ LDAP_PROTOCOL_ERROR,
+ "decoding error" );
+ rc = SLAPD_DISCONNECT;
+ goto cleanup;
+ }
+
+ if( (rc = get_ctrls( conn, op, 1 )) != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "do_bind: conn %d get_ctrls failed\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_ANY, "do_bind: get_ctrls failed\n", 0, 0, 0 );
+#endif
+ goto cleanup;
+ }
+
+ ndn = ch_strdup( dn );
+
+ if ( dn_normalize( ndn ) == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "do_bind: conn %d invalid dn (%s)\n", conn->c_connid, dn ));
+#else
+ Debug( LDAP_DEBUG_ANY, "bind: invalid dn (%s)\n", dn, 0, 0 );
+#endif
+ send_ldap_result( conn, op, rc = LDAP_INVALID_DN_SYNTAX, NULL,
+ "invalid DN", NULL, NULL );
+ goto cleanup;
+ }
+
+ if( method == LDAP_AUTH_SASL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1,
+ "do_sasl_bind: conn %d dn (%s) mech %s\n", conn->c_connid,
+ dn, mech ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "do_sasl_bind: dn (%s) mech %s\n",
+ dn, mech, NULL );
+#endif