/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2012 The OpenLDAP Foundation.
+ * Copyright 1999-2013 The OpenLDAP Foundation.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* Portions Copyright 1999-2003 Howard Chu.
* All rights reserved.
ldap_set_option( ld, LDAP_OPT_NETWORK_TIMEOUT, (const void *)&tv );
}
+ /* turn on network keepalive, if configured so */
+ slap_client_keepalive(ld, &li->li_tls.sb_keepalive);
+
#ifdef HAVE_TLS
if ( LDAP_BACK_CONN_ISPRIV( lc ) ) {
/* See "rationale" comment in ldap_back_getconn() */
rc = ldap_back_op_result( lc, op, rs, msgid,
-1, ( sendok | LDAP_BACK_BINDING ) );
if ( rc == LDAP_SUCCESS ) {
- op->o_conn->c_authz_cookie = op->o_bd->be_private;
LDAP_BACK_CONN_ISBOUND_SET( lc );
}
ndn = op->o_ndn;
}
+ if ( !( li->li_idassert_flags & LDAP_BACK_AUTH_OVERRIDE )) {
+ if ( op->o_tag == LDAP_REQ_BIND ) {
+ if ( !BER_BVISEMPTY( &ndn )) {
+ dobind = 0;
+ goto done;
+ }
+ } else if ( SLAP_IS_AUTHZ_BACKEND( op )) {
+ dobind = 0;
+ goto done;
+ }
+ }
+
switch ( li->li_idassert_mode ) {
case LDAP_BACK_IDASSERT_LEGACY:
if ( !BER_BVISNULL( &ndn ) && !BER_BVISEMPTY( &ndn ) ) {
ber_bvreplace( &lc->lc_bound_ndn, &bv );
}
#endif /* SLAP_AUTH_DN */
- op->o_conn->c_authz_cookie = op->o_bd->be_private;
LDAP_BACK_CONN_ISBOUND_SET( lc );
break;
* so that referral chasing is attempted using the right
* identity */
LDAP_BACK_CONN_ISBOUND_SET( lc );
- op->o_conn->c_authz_cookie = op->o_bd->be_private;
if ( !BER_BVISNULL( binddn ) ) {
ber_bvreplace( &lc->lc_bound_ndn, binddn );
}