/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2013 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
lc->lconn_sasl_sockctx = NULL;
lc->lconn_sasl_authctx = NULL;
}
+ if( lc->lconn_sasl_cbind ) {
+ ldap_memfree( lc->lconn_sasl_cbind );
+ lc->lconn_sasl_cbind = NULL;
+ }
return LDAP_SUCCESS;
}
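Review bot: The release of `lconn_sasl_cbind` added here has an ordering requirement that is not written down. The same buffer is handed to `sasl_setprop( ..., SASL_CHANNEL_BINDING, cb )` elsewhere in this commit, and as far as I know Cyrus SASL keeps that pointer rather than copying it, so it may only be freed once the auth context no longer exists. The context lines that clear `lconn_sasl_authctx` suggest this is already the case, but the dispose call itself is outside the hunk. A comment such as `/* cbind is referenced by the SASL auth context; free it only after that context is disposed */` would keep a later reorder from turning this into a use-after-free.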
(void) ldap_int_sasl_external( ld, ld->ld_defconn, authid.bv_val, fac );
LDAP_FREE( authid.bv_val );
+#ifdef SASL_CHANNEL_BINDING /* 2.1.25+ */
+ {
+ char cbinding[64];
+ struct berval cbv = { sizeof(cbinding), cbinding };
+ if ( ldap_pvt_tls_get_unique( ssl, &cbv, 0 )) {
+ sasl_channel_binding_t *cb = ldap_memalloc( sizeof(*cb) +
+ cbv.bv_len);
+ void *cb_data; /* used since cb->data is const* */
+ cb->name = "ldap";
+ cb->critical = 0;
+ cb->len = cbv.bv_len;
+ cb->data = cb_data = cb+1;
+ memcpy( cb_data, cbv.bv_val, cbv.bv_len );
+ sasl_setprop( ld->ld_defconn->lconn_sasl_authctx,
+ SASL_CHANNEL_BINDING, cb );
+ ld->ld_defconn->lconn_sasl_cbind = cb;
+ }
+ }
+#endif
}
#endif
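Review bot: The result of `ldap_memalloc()` is not checked before `cb->name = "ldap";` is written, so an allocation failure during TLS/SASL setup becomes a NULL dereference. Wrap the initialisation and the `sasl_setprop()` call in `if ( cb != NULL ) {`, or return the function's usual no-memory error; the enclosing function starts outside the hunk, so I cannot tell which fits. The return value of `sasl_setprop()` is also ignored, and `cb` is stored in `lconn_sasl_cbind` without freeing any previous value, which looks like a leak if this block can run more than once on a connection. Finally, `cb->critical = 0` appears to make the binding advisory rather than enforced, so a one-line comment saying that this is deliberate would help anyone auditing downgrade resistance.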
ctx = ld->ld_defconn->lconn_sasl_authctx;
rc = ldap_parse_sasl_bind_result( ld, result, &scred, 0 );
- if ( rc != LDAP_SUCCESS )
+ if ( rc != LDAP_SUCCESS ) {
+ if ( scred )
+ ber_bvfree( scred );
goto done;
+ }
rc = ldap_result2error( ld, result, 0 );
if ( rc != LDAP_SUCCESS && rc != LDAP_SASL_BIND_IN_PROGRESS ) {
}
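Review bot: The new error path frees `scred` after `ldap_parse_sasl_bind_result()` has failed, but nothing visible in the hunk shows `scred` being initialised before that call. If the parser can return early without writing to its out-parameter, this passes an indeterminate pointer to `ber_bvfree()`; adding `scred = NULL;` immediately before the call would make the path safe regardless. The `if ( scred )` guard is redundant if `ber_bvfree()` tolerates NULL, as I believe it does, and the same pattern is repeated on the `goto success` path further down. On both paths `scred` is left dangling after the free, so `scred = NULL;` before the `goto` would protect against a second free if the `done`/`success` code, which is outside the hunk, ever touches it.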
mech = *rmech;
- if ( rc == LDAP_SUCCESS && mech == NULL )
+ if ( rc == LDAP_SUCCESS && mech == NULL ) {
+ if ( scred )
+ ber_bvfree( scred );
goto success;
+ }
do {
if( ! scred ) {
if ( ldap_pvt_thread_mutex_init( mutex ) == 0 ) {
return mutex;
}
+ LDAP_FREE( mutex );
#ifndef LDAP_DEBUG_R_SASL
assert( 0 );
#endif /* !LDAP_DEBUG_R_SASL */