struct berval mech = { 0, NULL };
struct berval dn = { 0, NULL };
ber_tag_t tag;
- Backend *be;
+ Backend *be = NULL;
#ifdef LDAP_SLAPI
Slapi_PBlock *pb = op->o_pb;
/* log authorization identity demotion */
if ( op->o_conn->c_dn.bv_len ) {
Statslog( LDAP_DEBUG_STATS,
- "conn=%lu op=%lu BIND anonymous mech=implicit ssf=0",
+ "conn=%lu op=%lu BIND anonymous mech=implicit ssf=0\n",
op->o_connid, op->o_opid, 0, 0, 0 );
}
goto cleanup;
}
+ /* We use the tmpmemctx here because it speeds up normalization.
+ * However, we must dup with regular malloc when storing any
+ * resulting DNs in the op or conn structures.
+ */
rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
if( rs->sr_err == LDAP_SUCCESS ) {
- op->o_conn->c_dn = op->orb_edn;
+ ber_dupbv(&op->o_conn->c_dn, &op->orb_edn);
if( op->orb_edn.bv_len != 0 ) {
/* edn is always normalized already */
ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn );
}
+ op->o_tmpfree( op->orb_edn.bv_val, op->o_tmpmemctx );
+ op->orb_edn.bv_val = NULL;
+ op->orb_edn.bv_len = 0;
op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech;
op->o_conn->c_sasl_bind_mech.bv_val = NULL;
op->o_conn->c_sasl_bind_mech.bv_len = 0;
{
rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED;
rs->sr_text = "unwilling to perform simple authentication "
- "without confidentilty protection";
+ "without confidentiality protection";
send_ldap_result( op, rs );
slapi_pblock_set( pb, SLAPI_MANAGEDSAIT, (void *)(0) );
rs->sr_err = doPluginFNs( op->o_bd, SLAPI_PLUGIN_PRE_BIND_FN, pb );
- if ( rs->sr_err != SLAPI_BIND_SUCCESS ) {
+ if ( rs->sr_err < 0 ) {
/*
* Binding is a special case for SLAPI plugins. It is
* possible for a bind plugin to be successful *and*
*/
int ldapRc;
- if ( slapi_pblock_get( pb, SLAPI_RESULT_CODE, (void *)&ldapRc ) != 0 )
+ if ( ( slapi_pblock_get( op->o_pb, SLAPI_RESULT_CODE, (void *)&ldapRc ) != 0 ) ||
+ ldapRc == LDAP_SUCCESS ) {
ldapRc = LDAP_OTHER;
-
+ }
op->orb_edn.bv_val = NULL;
op->orb_edn.bv_len = 0;
if ( rs->sr_err != SLAPI_BIND_FAIL && ldapRc == LDAP_SUCCESS ) {
/* Set the new connection DN. */
if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) {
slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->orb_edn.bv_val );
+ if ( op->orb_edn.bv_val ) op->orb_edn.bv_len = strlen( op->orb_edn.bv_val );
}
rs->sr_err = dnPrettyNormal( NULL, &op->orb_edn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
- op->o_conn->c_dn = op->o_req_dn;
- op->o_conn->c_ndn = op->o_req_ndn;
+ ber_dupbv(&op->o_conn->c_dn, &op->o_req_dn);
+ ber_dupbv(&op->o_conn->c_ndn, &op->o_req_ndn);
+ op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
op->o_req_dn.bv_val = NULL;
op->o_req_dn.bv_len = 0;
+ op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
op->o_req_ndn.bv_val = NULL;
op->o_req_ndn.bv_len = 0;
if ( op->o_conn->c_dn.bv_len != 0 ) {
op->o_conn->c_authz_backend = op->o_bd;
}
+ /* be_bind returns regular/global edn */
if(op->orb_edn.bv_len) {
op->o_conn->c_dn = op->orb_edn;
} else {
}
#if defined( LDAP_SLAPI )
- if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) != 0 ) {
+ if ( doPluginFNs( op->o_bd, SLAPI_PLUGIN_POST_BIND_FN, pb ) < 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( OPERATION, INFO, "do_bind: Bind postoperation plugins failed\n",
0, 0, 0);