if ( rs->sr_ref ) ber_bvarray_free( rs->sr_ref );
if ( rs->sr_matched ) free( (char *)rs->sr_matched );
- return( rc );
+ return rs->sr_err;
}
ber_dupbv( &op->oq_bind.rb_edn, &e->e_name );
/* check for deleted */
+#ifdef LDBM_SUBENTRIES
+ if ( is_entry_subentry( e ) ) {
+ /* entry is an subentry, don't allow bind */
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, DETAIL1,
+ "bdb_bind: entry is subentry\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "entry is subentry\n", 0, 0, 0 );
+#endif
+ rs->sr_err = LDAP_INVALID_CREDENTIALS;
+ send_ldap_result( op, rs );
+ rc = LDAP_INVALID_CREDENTIALS;
+ goto return_results;
+ }
+#endif
if ( is_entry_alias( e ) ) {
/* entry is an alias, don't allow bind */
send_ldap_error( op, rs, LDAP_ALIAS_PROBLEM,
"entry is alias" );
- rc = 1;
+ rc = LDAP_ALIAS_PROBLEM;
goto return_results;
}
ber_bvarray_free( rs->sr_ref );
- rc = 1;
+ rc = rs->sr_err;
goto return_results;
}
password, NULL, ACL_AUTH, NULL ) )
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS, NULL );
- rc = 1;
+ rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
/* stop front end from sending result */
- rc = 1;
+ rc = LDAP_INAPPROPRIATE_AUTH;
goto return_results;
}
if ( slap_passwd_check( op->o_conn, a, &op->oq_bind.rb_cred, &rs->sr_text ) != 0 ) {
send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
/* stop front end from sending result */
- rc = 1;
+ rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
case LDAP_AUTH_KRBV41:
if ( krbv4_ldap_auth( op->o_bd, &op->oq_bind.rb_cred, &ad ) != LDAP_SUCCESS ) {
send_ldap_error( op, rs, LDAP_INVALID_CREDENTIALS, NULL );
- rc = 1;
+ rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
{
send_ldap_error( op, rs, LDAP_INSUFFICIENT_ACCESS,
NULL );
- rc = 1;
+ rc = LDAP_INSUFFICIENT_ACCESS;
goto return_results;
}
break;
}
send_ldap_error( op, rs, LDAP_INAPPROPRIATE_AUTH, NULL );
- rc = 1;
+ rc = LDAP_INAPPROPRIATE_AUTH;
goto return_results;
} else { /* look for krbname match */
if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
send_ldap_error( op, rs,
LDAP_INVALID_CREDENTIALS, NULL );
- rc = 1;
+ rc = LDAP_INVALID_CREDENTIALS;
goto return_results;
}
}
default:
send_ldap_error( op, rs, LDAP_STRONG_AUTH_NOT_SUPPORTED,
"authentication method not supported" );
- rc = 1;
+ rc = LDAP_STRONG_AUTH_NOT_SUPPORTED;
goto return_results;
}