]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/config.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
allow to programmatically register new response code names
[openldap] / servers / slapd / config.c
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 2aaa4d5128ba63cd2492e08148460c230cb49060..8c2e633bf3b76915cf3e75d4eed8d96ab3c6c836 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -53,10 +53,6 @@
 #include "lutil_ldap.h"
 #include "config.h"
 
-#ifdef HAVE_TLS
-#include <openssl/ssl.h>
-#endif
-
 #define ARGS_STEP      512
 
 /*
@@ -68,6 +64,7 @@ int           global_gentlehup = 0;
 int            global_idletimeout = 0;
 char   *global_host = NULL;
 char   *global_realm = NULL;
+char   *sasl_host = NULL;
 char           **default_passwd_hash = NULL;
 struct berval default_search_base = BER_BVNULL;
 struct berval default_search_nbase = BER_BVNULL;
@@ -128,6 +125,7 @@ ConfigTable *config_find_keyword(ConfigTable *Conf, ConfigArgs *c) {
 
 int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
        int rc, arg_user, arg_type, arg_syn, iarg;
+       unsigned uiarg;
        long larg;
        ber_len_t barg;
        
@@ -145,54 +143,54 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
                c->argv[1] = "";
        }
        if(Conf->min_args && (c->argc < Conf->min_args)) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> missing <%s> argument",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> missing <%s> argument",
                        c->argv[0], Conf->what );
-               Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n", c->log, c->msg, 0 );
+               Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n", c->log, c->cr_msg, 0 );
                return(ARG_BAD_CONF);
        }
        if(Conf->max_args && (c->argc > Conf->max_args)) {
                char    *ignored = " ignored";
 
-               snprintf( c->msg, sizeof( c->msg ), "<%s> extra cruft after <%s>",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> extra cruft after <%s>",
                        c->argv[0], Conf->what );
 
                ignored = "";
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s%s.\n",
-                               c->log, c->msg, ignored );
+                               c->log, c->cr_msg, ignored );
                return(ARG_BAD_CONF);
        }
        if((arg_syn & ARG_DB) && !c->be) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> only allowed within database declaration",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> only allowed within database declaration",
                        c->argv[0] );
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n",
-                       c->log, c->msg, 0);
+                       c->log, c->cr_msg, 0);
                return(ARG_BAD_CONF);
        }
        if((arg_syn & ARG_PRE_BI) && c->bi) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> must occur before any backend %sdeclaration",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> must occur before any backend %sdeclaration",
                        c->argv[0], (arg_syn & ARG_PRE_DB) ? "or database " : "" );
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n",
-                       c->log, c->msg, 0 );
+                       c->log, c->cr_msg, 0 );
                return(ARG_BAD_CONF);
        }
        if((arg_syn & ARG_PRE_DB) && c->be && c->be != frontendDB) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> must occur before any database declaration",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> must occur before any database declaration",
                        c->argv[0] );
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n",
-                       c->log, c->msg, 0);
+                       c->log, c->cr_msg, 0);
                return(ARG_BAD_CONF);
        }
        if((arg_syn & ARG_PAREN) && *c->argv[1] != '(' /*')'*/) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> old format not supported", c->argv[0] );
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> old format not supported", c->argv[0] );
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
-                       c->log, c->msg, 0);
+                       c->log, c->cr_msg, 0);
                return(ARG_BAD_CONF);
        }
        if(arg_type && !Conf->arg_item && !(arg_syn & ARG_OFFSET)) {
-               snprintf( c->msg, sizeof( c->msg ), "<%s> invalid config_table, arg_item is NULL",
+               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid config_table, arg_item is NULL",
                        c->argv[0] );
                Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
-                       c->log, c->msg, 0);
+                       c->log, c->cr_msg, 0);
                return(ARG_BAD_CONF);
        }
        c->type = arg_user;
@@ -208,9 +206,9 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
                ber_str2bv( c->argv[1], 0, 0, &bv );
                rc = dnPrettyNormal( NULL, &bv, &c->value_dn, &c->value_ndn, NULL );
                if ( rc != LDAP_SUCCESS ) {
-                       snprintf( c->msg, sizeof( c->msg ), "<%s> invalid DN %d (%s)",
+                       snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid DN %d (%s)",
                                c->argv[0], rc, ldap_err2string( rc ));
-                       Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n" , c->log, c->msg, 0);
+                       Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n" , c->log, c->cr_msg, 0);
                        return(ARG_BAD_CONF);
                }
                if ( check_only ) {
@@ -223,32 +221,42 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
                switch(arg_type) {
                        case ARG_INT:
                                if ( lutil_atoix( &iarg, c->argv[1], 0 ) != 0 ) {
-                                       snprintf( c->msg, sizeof( c->msg ),
+                                       snprintf( c->cr_msg, sizeof( c->cr_msg ),
                                                "<%s> unable to parse \"%s\" as int",
                                                c->argv[0], c->argv[1] );
                                        Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
-                                               c->log, c->msg, 0);
+                                               c->log, c->cr_msg, 0);
+                                       return(ARG_BAD_CONF);
+                               }
+                               break;
+                       case ARG_UINT:
+                               if ( lutil_atoux( &uiarg, c->argv[1], 0 ) != 0 ) {
+                                       snprintf( c->cr_msg, sizeof( c->cr_msg ),
+                                               "<%s> unable to parse \"%s\" as unsigned int",
+                                               c->argv[0], c->argv[1] );
+                                       Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
+                                               c->log, c->cr_msg, 0);
                                        return(ARG_BAD_CONF);
                                }
                                break;
                        case ARG_LONG:
                                if ( lutil_atolx( &larg, c->argv[1], 0 ) != 0 ) {
-                                       snprintf( c->msg, sizeof( c->msg ),
+                                       snprintf( c->cr_msg, sizeof( c->cr_msg ),
                                                "<%s> unable to parse \"%s\" as long",
                                                c->argv[0], c->argv[1] );
                                        Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
-                                               c->log, c->msg, 0);
+                                               c->log, c->cr_msg, 0);
                                        return(ARG_BAD_CONF);
                                }
                                break;
                        case ARG_BER_LEN_T: {
                                unsigned long   l;
                                if ( lutil_atoulx( &l, c->argv[1], 0 ) != 0 ) {
-                                       snprintf( c->msg, sizeof( c->msg ),
+                                       snprintf( c->cr_msg, sizeof( c->cr_msg ),
                                                "<%s> unable to parse \"%s\" as ber_len_t",
                                                c->argv[0], c->argv[1] );
                                        Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n",
-                                               c->log, c->msg, 0);
+                                               c->log, c->cr_msg, 0);
                                        return(ARG_BAD_CONF);
                                }
                                barg = (ber_len_t)l;
@@ -267,10 +275,10 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
                                {
                                        iarg = 0;
                                } else {
-                                       snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value",
+                                       snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid value",
                                                c->argv[0] );
                                        Debug(LDAP_DEBUG_ANY|LDAP_DEBUG_NONE, "%s: %s\n",
-                                               c->log, c->msg, 0 );
+                                               c->log, c->cr_msg, 0 );
                                        return(ARG_BAD_CONF);
                                }
                                break;
@@ -278,15 +286,16 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) {
                j = (arg_type & ARG_NONZERO) ? 1 : 0;
                if(iarg < j && larg < j && barg < j ) {
                        larg = larg ? larg : (barg ? barg : iarg);
-                       snprintf( c->msg, sizeof( c->msg ), "<%s> invalid value",
+                       snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid value",
                                c->argv[0] );
                        Debug(LDAP_DEBUG_ANY|LDAP_DEBUG_NONE, "%s: %s\n",
-                               c->log, c->msg, 0 );
+                               c->log, c->cr_msg, 0 );
                        return(ARG_BAD_CONF);
                }
                switch(arg_type) {
                        case ARG_ON_OFF:
                        case ARG_INT:           c->value_int = iarg;            break;
+                       case ARG_UINT:          c->value_uint = uiarg;          break;
                        case ARG_LONG:          c->value_long = larg;           break;
                        case ARG_BER_LEN_T:     c->value_ber_t = barg;          break;
                }
@@ -301,17 +310,17 @@ int config_set_vals(ConfigTable *Conf, ConfigArgs *c) {
        arg_type = Conf->arg_type;
        if(arg_type & ARG_MAGIC) {
                if(!c->be) c->be = frontendDB;
-               c->msg[0] = '\0';
+               c->cr_msg[0] = '\0';
                rc = (*((ConfigDriver*)Conf->arg_item))(c);
 #if 0
                if(c->be == frontendDB) c->be = NULL;
 #endif
                if(rc) {
-                       if ( !c->msg[0] ) {
-                               snprintf( c->msg, sizeof( c->msg ), "<%s> handler exited with %d",
+                       if ( !c->cr_msg[0] ) {
+                               snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> handler exited with %d",
                                        c->argv[0], rc );
                                Debug(LDAP_DEBUG_CONFIG, "%s: %s!\n",
-                                       c->log, c->msg, 0 );
+                                       c->log, c->cr_msg, 0 );
                        }
                        return(ARG_BAD_CONF);
                }
@@ -323,10 +332,10 @@ int config_set_vals(ConfigTable *Conf, ConfigArgs *c) {
                else if (c->bi)
                        ptr = c->bi->bi_private;
                else {
-                       snprintf( c->msg, sizeof( c->msg ), "<%s> offset is missing base pointer",
+                       snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> offset is missing base pointer",
                                c->argv[0] );
                        Debug(LDAP_DEBUG_CONFIG, "%s: %s!\n",
-                               c->log, c->msg, 0);
+                               c->log, c->cr_msg, 0);
                        return(ARG_BAD_CONF);
                }
                ptr = (void *)((char *)ptr + (long)Conf->arg_item);
@@ -337,6 +346,7 @@ int config_set_vals(ConfigTable *Conf, ConfigArgs *c) {
                switch(arg_type & ARGS_TYPES) {
                        case ARG_ON_OFF:
                        case ARG_INT:           *(int*)ptr = c->value_int;                      break;
+                       case ARG_UINT:          *(unsigned*)ptr = c->value_uint;                        break;
                        case ARG_LONG:          *(long*)ptr = c->value_long;                    break;
                        case ARG_BER_LEN_T:     *(ber_len_t*)ptr = c->value_ber_t;                      break;
                        case ARG_STRING: {
@@ -423,6 +433,7 @@ config_get_vals(ConfigTable *cf, ConfigArgs *c)
                switch(cf->arg_type & ARGS_TYPES) {
                case ARG_ON_OFF:
                case ARG_INT:   c->value_int = *(int *)ptr; break;
+               case ARG_UINT:  c->value_uint = *(unsigned *)ptr; break;
                case ARG_LONG:  c->value_long = *(long *)ptr; break;
                case ARG_BER_LEN_T:     c->value_ber_t = *(ber_len_t *)ptr; break;
                case ARG_STRING:
@@ -438,6 +449,7 @@ config_get_vals(ConfigTable *cf, ConfigArgs *c)
                bv.bv_val = c->log;
                switch(cf->arg_type & ARGS_TYPES) {
                case ARG_INT: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%d", c->value_int); break;
+               case ARG_UINT: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%u", c->value_uint); break;
                case ARG_LONG: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%ld", c->value_long); break;
                case ARG_BER_LEN_T: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%ld", c->value_ber_t); break;
                case ARG_ON_OFF: bv.bv_len = snprintf(bv.bv_val, sizeof( c->log ), "%s",
@@ -831,6 +843,10 @@ read_config_file(const char *fname, int depth, ConfigArgs *cf, ConfigTable *cft)
        rc = 0;
 
 done:
+       if ( cf ) {
+               cf->be = c->be;
+               cf->bi = c->bi;
+       }
        ch_free(c->tline);
        fclose(fp);
        ch_free(c->argv);
@@ -991,6 +1007,140 @@ enum_to_verb(slap_verbmasks *v, slap_mask_t m, struct berval *bv) {
        return -1;
 }
 
+/* register a new verbmask */
+static int
+slap_verbmask_register( slap_verbmasks *vm_, slap_verbmasks **vmp, struct berval *bv, int mask )
+{
+       slap_verbmasks  *vm = *vmp;
+       int             i;
+
+       /* check for duplicate word */
+       /* NOTE: we accept duplicate codes; the first occurrence will be used
+        * when mapping from mask to verb */
+       i = verb_to_mask( bv->bv_val, vm );
+       if ( !BER_BVISNULL( &vm[ i ].word ) ) {
+               return -1;
+       }
+
+       for ( i = 0; !BER_BVISNULL( &vm[ i ].word ); i++ )
+               ;
+
+       if ( vm == vm_ ) {
+               /* first time: duplicate array */
+               vm = ch_calloc( i + 2, sizeof( slap_verbmasks ) );
+               for ( i = 0; !BER_BVISNULL( &vm_[ i ].word ); i++ )
+               {
+                       ber_dupbv( &vm[ i ].word, &vm_[ i ].word );
+                       *((slap_mask_t*)&vm[ i ].mask) = vm_[ i ].mask;
+               }
+
+       } else {
+               vm = ch_realloc( vm, (i + 2) * sizeof( slap_verbmasks ) );
+       }
+
+       ber_dupbv( &vm[ i ].word, bv );
+       *((slap_mask_t*)&vm[ i ].mask) = mask;
+
+       BER_BVZERO( &vm[ i+1 ].word );
+
+       *vmp = vm;
+
+       return i;
+}
+
+static slap_verbmasks slap_ldap_response_code_[] = {
+       { BER_BVC("success"),                           LDAP_SUCCESS },
+
+       { BER_BVC("operationsError"),                   LDAP_OPERATIONS_ERROR },
+       { BER_BVC("protocolError"),                     LDAP_PROTOCOL_ERROR },
+       { BER_BVC("timelimitExceeded"),                 LDAP_TIMELIMIT_EXCEEDED },
+       { BER_BVC("sizelimitExceeded"),                 LDAP_SIZELIMIT_EXCEEDED },
+       { BER_BVC("compareFalse"),                      LDAP_COMPARE_FALSE },
+       { BER_BVC("compareTrue"),                       LDAP_COMPARE_TRUE },
+
+       { BER_BVC("authMethodNotSupported"),            LDAP_AUTH_METHOD_NOT_SUPPORTED },
+       { BER_BVC("strongAuthNotSupported"),            LDAP_STRONG_AUTH_NOT_SUPPORTED },
+       { BER_BVC("strongAuthRequired"),                LDAP_STRONG_AUTH_REQUIRED },
+       { BER_BVC("strongerAuthRequired"),              LDAP_STRONGER_AUTH_REQUIRED },
+#if 0 /* not LDAPv3 */
+       { BER_BVC("partialResults"),                    LDAP_PARTIAL_RESULTS },
+#endif
+
+       { BER_BVC("referral"),                          LDAP_REFERRAL },
+       { BER_BVC("adminlimitExceeded"),                LDAP_ADMINLIMIT_EXCEEDED },
+       { BER_BVC("unavailableCriticalExtension"),      LDAP_UNAVAILABLE_CRITICAL_EXTENSION },
+       { BER_BVC("confidentialityRequired"),           LDAP_CONFIDENTIALITY_REQUIRED },
+       { BER_BVC("saslBindInProgress"),                LDAP_SASL_BIND_IN_PROGRESS },
+
+       { BER_BVC("noSuchAttribute"),                   LDAP_NO_SUCH_ATTRIBUTE },
+       { BER_BVC("undefinedType"),                     LDAP_UNDEFINED_TYPE },
+       { BER_BVC("inappropriateMatching"),             LDAP_INAPPROPRIATE_MATCHING },
+       { BER_BVC("constraintViolation"),               LDAP_CONSTRAINT_VIOLATION },
+       { BER_BVC("typeOrValueExists"),                 LDAP_TYPE_OR_VALUE_EXISTS },
+       { BER_BVC("invalidSyntax"),                     LDAP_INVALID_SYNTAX },
+
+       { BER_BVC("noSuchObject"),                      LDAP_NO_SUCH_OBJECT },
+       { BER_BVC("aliasProblem"),                      LDAP_ALIAS_PROBLEM },
+       { BER_BVC("invalidDnSyntax"),                   LDAP_INVALID_DN_SYNTAX },
+#if 0 /* not LDAPv3 */
+       { BER_BVC("isLeaf"),                            LDAP_IS_LEAF },
+#endif
+       { BER_BVC("aliasDerefProblem"),                 LDAP_ALIAS_DEREF_PROBLEM },
+
+       { BER_BVC("proxyAuthzFailure"),                 LDAP_X_PROXY_AUTHZ_FAILURE },
+       { BER_BVC("inappropriateAuth"),                 LDAP_INAPPROPRIATE_AUTH },
+       { BER_BVC("invalidCredentials"),                LDAP_INVALID_CREDENTIALS },
+       { BER_BVC("insufficientAccess"),                LDAP_INSUFFICIENT_ACCESS },
+
+       { BER_BVC("busy"),                              LDAP_BUSY },
+       { BER_BVC("unavailable"),                       LDAP_UNAVAILABLE },
+       { BER_BVC("unwillingToPerform"),                LDAP_UNWILLING_TO_PERFORM },
+       { BER_BVC("loopDetect"),                        LDAP_LOOP_DETECT },
+
+       { BER_BVC("namingViolation"),                   LDAP_NAMING_VIOLATION },
+       { BER_BVC("objectClassViolation"),              LDAP_OBJECT_CLASS_VIOLATION },
+       { BER_BVC("notAllowedOnNonleaf"),               LDAP_NOT_ALLOWED_ON_NONLEAF },
+       { BER_BVC("notAllowedOnRdn"),                   LDAP_NOT_ALLOWED_ON_RDN },
+       { BER_BVC("alreadyExists"),                     LDAP_ALREADY_EXISTS },
+       { BER_BVC("noObjectClassMods"),                 LDAP_NO_OBJECT_CLASS_MODS },
+       { BER_BVC("resultsTooLarge"),                   LDAP_RESULTS_TOO_LARGE },
+       { BER_BVC("affectsMultipleDsas"),               LDAP_AFFECTS_MULTIPLE_DSAS },
+
+       { BER_BVC("other"),                             LDAP_OTHER },
+
+       /* extension-specific */
+
+       { BER_BVC("cupResourcesExhausted"),             LDAP_CUP_RESOURCES_EXHAUSTED },
+       { BER_BVC("cupSecurityViolation"),              LDAP_CUP_SECURITY_VIOLATION },
+       { BER_BVC("cupInvalidData"),                    LDAP_CUP_INVALID_DATA },
+       { BER_BVC("cupUnsupportedScheme"),              LDAP_CUP_UNSUPPORTED_SCHEME },
+       { BER_BVC("cupReloadRequired"),                 LDAP_CUP_RELOAD_REQUIRED },
+
+       { BER_BVC("cancelled"),                         LDAP_CANCELLED },
+       { BER_BVC("noSuchOperation"),                   LDAP_NO_SUCH_OPERATION },
+       { BER_BVC("tooLate"),                           LDAP_TOO_LATE },
+       { BER_BVC("cannotCancel"),                      LDAP_CANNOT_CANCEL },
+
+       { BER_BVC("assertionFailed"),                   LDAP_ASSERTION_FAILED },
+
+       { BER_BVC("proxiedAuthorizationDenied"),        LDAP_PROXIED_AUTHORIZATION_DENIED },
+
+       { BER_BVC("syncRefreshRequired"),               LDAP_SYNC_REFRESH_REQUIRED },
+
+       { BER_BVC("noOperation"),                       LDAP_X_NO_OPERATION },
+
+       { BER_BVNULL,                           0 }
+};
+
+slap_verbmasks *slap_ldap_response_code = slap_ldap_response_code_;
+
+int
+slap_ldap_response_code_register( struct berval *bv, int err )
+{
+       return slap_verbmask_register( slap_ldap_response_code_,
+               &slap_ldap_response_code, bv, err );
+}
+
 #ifdef HAVE_TLS
 static slap_verbmasks tlskey[] = {
        { BER_BVC("no"),        SB_TLS_OFF },
@@ -1041,7 +1191,7 @@ static slap_cf_aux_table bindkey[] = {
        { BER_BVC("saslmech="), offsetof(slap_bindconf, sb_saslmech), 'b', 0, NULL },
        { BER_BVC("secprops="), offsetof(slap_bindconf, sb_secprops), 's', 0, NULL },
        { BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 'b', 0, NULL },
-       { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 0, (slap_verbmasks *)authzNormalize },
+       { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL },
        { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize },
 #ifdef HAVE_TLS
        { BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
@@ -1588,6 +1738,10 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb )
                        sb->sb_authcId.bv_val,
                        sb->sb_cred.bv_val,
                        sb->sb_authzId.bv_val );
+               if ( defaults == NULL ) {
+                       rc = LDAP_OTHER;
+                       goto done;
+               }
 
                rc = ldap_sasl_interactive_bind_s( ld,
                                sb->sb_binddn.bv_val,
Cloned from git://git.openldap.org/openldap.git