/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1999-2014 The OpenLDAP Foundation.
+ * Copyright 1999-2017 The OpenLDAP Foundation.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* Portions Copyright 1999-2003 Howard Chu.
* All rights reserved.
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_BIND_SERR ) ) {
goto retry;
}
+ if ( !lc )
+ return( rc );
}
ldap_pvt_thread_mutex_lock( &li->li_counter_mutex );
if ( lc != NULL ) {
if ( lc != LDAP_TAILQ_LAST( &li->li_conn_priv[ LDAP_BACK_CONN2PRIV( lc ) ].lic_priv,
- ldapconn_t, lc_q ) )
+ lc_conn_priv_q ) )
{
LDAP_TAILQ_REMOVE( &li->li_conn_priv[ LDAP_BACK_CONN2PRIV( lc ) ].lic_priv,
lc, lc_q );
op->o_tag = o_tag;
rs->sr_text = "Proxy can't contact remote server";
send_ldap_result( op, rs );
+ /* if we originally bound and wanted rebind-as-user, must drop
+ * the connection now because we just discarded the credentials.
+ * ITS#7464, #8142
+ */
+ if ( LDAP_BACK_SAVECRED( li ) && SLAP_IS_AUTHZ_BACKEND( op ) )
+ rs->sr_err = SLAPD_DISCONNECT;
}
rc = 0;
* LDAP_COMPARE_{TRUE|FALSE}) */
default:
/* only touch when activity actually took place... */
- if ( li->li_idle_timeout && lc ) {
+ if ( li->li_idle_timeout ) {
lc->lc_time = op->o_time;
}