AttributeDescription *password = slap_schema.si_ad_userPassword;
- u_int32_t locker;
+ BDB_LOCKER locker;
DB_LOCK lock;
Debug( LDAP_DEBUG_ARGS,
op->o_req_dn.bv_val, 0, 0);
/* allow noauth binds */
- if ( op->oq_bind.rb_method == LDAP_AUTH_SIMPLE && be_isroot_pw( op )) {
- ber_dupbv( &op->oq_bind.rb_edn, be_root_dn( op->o_bd ) );
- /* front end will send result */
- return LDAP_SUCCESS;
+ switch ( be_rootdn_bind( op, NULL ) ) {
+ case LDAP_SUCCESS:
+ /* frontend will send result */
+ return rs->sr_err;
+
+ default:
+ /* give the database a chanche */
+ /* NOTE: this behavior departs from that of other backends,
+ * since the others, in case of password checking failure
+ * do not give the database a chance. If an entry with
+ * rootdn's name does not exist in the database the result
+ * will be the same. See ITS#4962 for discussion. */
+ break;
}
rs->sr_err = LOCK_ID(bdb->bi_dbenv, &locker);