- Debug( LDAP_DEBUG_TRACE,
- "==>slap_sasl_authorized: can %s become %s?\n", authcid, authzid, 0 );
-
- /* Create a complete SASL name for the SASL regexp patterns */
-
- sasl_getprop( conn->c_sasl_context, SASL_REALM, (void **)&realm );
-
- /* Allocate space */
- rc = strlen("uid=+realm=,cn=,cn=AUTHZ ");
- if ( realm ) rc += strlen( realm );
- if ( authcid ) rc += strlen( authcid );
- rc += strlen( conn->c_sasl_bind_mech );
- saslname = ch_malloc( rc );
-
- /* Build the SASL name with whatever we have, and normalize it */
- saslname[0] = '\0';
- rc = 0;
- if ( authcid )
- rc += sprintf( saslname+rc, "%sUID=%s", rc?",":"", authcid);
- if ( realm )
- rc += sprintf( saslname+rc, "%sREALM=%s", rc?"+":"", realm);
- if ( conn->c_sasl_bind_mech )
- rc += sprintf( saslname+rc, "%sCN=%s", rc?",":"",
- conn->c_sasl_bind_mech);
- sprintf( saslname+rc, "%sCN=AUTHZ", rc?",":"");
- dn_normalize( saslname );
-
- authcDN = slap_sasl2dn( saslname );
- if( authcDN == NULL )