minor cleanup
index 169b3e05f54454d9edc79379970114a2b3c75125..6480cf7fb82b5fcaa375e44e08ab3e2a9737df07 100644 (file)
@@ -251,6 +251,14 @@ do_bind(
                        goto cleanup;
                }
 
+               /* check restrictions */
+               rc = backend_check_restrictions( NULL, conn, op, mech, &text );
+               if( rc != LDAP_SUCCESS ) {
+                       send_ldap_result( conn, op, rc,
+                               NULL, text, NULL, NULL );
+                       goto cleanup;
+               }
+
                ldap_pvt_thread_mutex_lock( &conn->c_mutex );
                if ( conn->c_sasl_bind_in_progress ) {
                        if((strcmp(conn->c_sasl_bind_mech, mech) != 0)) {
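Review bot: The new restriction check jumps to `cleanup` before `conn->c_mutex` is taken, so when it rejects a later step of a multi-step SASL bind, `c_sasl_bind_in_progress` and `c_sasl_bind_mech` are left as they were in the visible lines. The `cleanup` label is outside this hunk, so this may already be handled there. If leaving the state is intended, say so at the check, for example `/* SASL state is left untouched on rejection; the next bind resets it */`. If it is not, the in-progress flag and mechanism should be cleared under `conn->c_mutex` before the jump, so that a rejected negotiation cannot be resumed on the same connection.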
@@ -272,10 +280,18 @@ do_bind(
                        conn->c_authmech = conn->c_sasl_bind_mech;
                        conn->c_sasl_bind_mech = NULL;
                        conn->c_sasl_bind_in_progress = 0;
+
                        conn->c_sasl_ssf = ssf;
                        if( ssf > conn->c_ssf ) {
                                conn->c_ssf = ssf;
                        }
+
+                       if( conn->c_dn != NULL ) {
+                               ber_len_t max = sockbuf_max_incoming;
+                               ber_sockbuf_ctrl( conn->c_sb,
+                                       LBER_SB_OPT_SET_MAX_INCOMING, &max );
+                       }
+
                } else if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) {
                        conn->c_sasl_bind_in_progress = 1;
 
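Review bot: The incoming-PDU ceiling is set to `sockbuf_max_incoming` once `conn->c_dn` is non-NULL, but nothing visible here or in the identical block in the `+481` hunk restores a lower ceiling when the connection later rebinds anonymously or a rebind fails. The start of do_bind is outside the hunk, so the reset may happen where the connection is forced back to anonymous. If it does not, a client would presumably keep the authenticated limit after dropping its identity, which weakens the size limit as a pre-authentication resource control. The return value of `ber_sockbuf_ctrl` is also ignored at both sites, so a failure to apply the limit is silent. Both copies would be easier to keep in step as one small static helper, headed by a comment such as `/* connections with a bound DN get the sockbuf_max_incoming ceiling */`.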
@@ -327,6 +343,9 @@ do_bind(
                                /* disallow */
                                rc = LDAP_INAPPROPRIATE_AUTH;
                                text = "anonymous bind disallowed";
+
+                       } else {
+                               rc = backend_check_restrictions( NULL, conn, op, mech, &text );
                        }
 
                        /*
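Review bot: The new `else` branch has no comment, while the other two restriction checks in this diff are introduced by `/* check restrictions */`; the same comment here would keep all three call sites easy to find and audit. `mech` is passed on what appears to be the anonymous simple-bind path, where it may well be NULL, so the comment should say whether that is deliberate. The code that reports `rc` and `text` to the client lies after the hunk; confirm it sends this result rather than an unconditional success, otherwise the check has no effect.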
@@ -411,8 +430,13 @@ do_bind(
 
        if ( (be = select_backend( ndn, 0 )) == NULL ) {
                if ( default_referral ) {
+                       struct berval **ref = referral_rewrite( default_referral,
+                               NULL, dn, LDAP_SCOPE_DEFAULT );
+
                        send_ldap_result( conn, op, rc = LDAP_REFERRAL,
-                               NULL, NULL, default_referral, NULL );
+                               NULL, NULL, ref ? ref : default_referral, NULL );
+
+                       ber_bvecfree( ref );
 
                } else {
                        /* noSuchObject is not allowed to be returned by bind */
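Review bot: When `referral_rewrite` returns NULL, the `ref ? ref : default_referral` fallback silently sends the unrewritten referral list, and `ber_bvecfree( ref )` is then called with NULL. Current liblber tolerates a NULL argument there, but it is worth confirming for this tree. A short comment would make the ownership and the fallback explicit, for example `/* ref is owned here; on rewrite failure fall back to the static default_referral */`. The client-supplied `dn` is folded into the referral returned to the client, so it is also worth confirming that `referral_rewrite` (not visible here) escapes it for use in a URL.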
@@ -424,7 +448,7 @@ do_bind(
        }
 
        /* check restrictions */
-       rc = backend_check_restrictions( be, conn, op, NULL, &text ) ;
+       rc = backend_check_restrictions( be, conn, op, NULL, &text );
        if( rc != LDAP_SUCCESS ) {
                send_ldap_result( conn, op, rc,
                        NULL, text, NULL, NULL );
@@ -457,6 +481,12 @@ do_bind(
                                ndn = NULL;
                        }
 
+                       if( conn->c_dn != NULL ) {
+                               ber_len_t max = sockbuf_max_incoming;
+                               ber_sockbuf_ctrl( conn->c_sb,
+                                       LBER_SB_OPT_SET_MAX_INCOMING, &max );
+                       }
+
 #ifdef NEW_LOGGING
                        LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1,
                                   "do_bind: conn %d  v%d bind: \"%s\" to \"%s\" \n",