/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
NUM_CONNECTION_ARRAY, sizeof(ldap_pvt_thread_mutex_t) );
if( connections_mutex == NULL ) {
Debug( LDAP_DEBUG_ANY, "connections_init: "
- "allocation of connection mutex[%d] failed\n", i, 0, 0 );
+ "allocation of connection mutexes failed\n", 0, 0, 0 );
return -1;
}
c->c_send_search_entry = slap_send_search_entry;
c->c_send_search_reference = slap_send_search_reference;
c->c_send_ldap_extended = slap_send_ldap_extended;
-#ifdef LDAP_RES_INTERMEDIATE
c->c_send_ldap_intermediate = slap_send_ldap_intermediate;
-#endif
BER_BVZERO( &c->c_authmech );
BER_BVZERO( &c->c_dn );
static int connection_bind_cb( Operation *op, SlapReply *rs )
{
slap_callback *cb = op->o_callback;
- op->o_callback = cb->sc_next;
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
op->o_conn->c_conn_state = SLAP_C_ACTIVE;
+ op->o_conn->c_sasl_bind_in_progress =
+ ( rs->sr_err == LDAP_SASL_BIND_IN_PROGRESS );
+
+ /* Moved here from bind.c due to ITS#4158 */
+ op->o_conn->c_sasl_bindop = NULL;
+ if ( op->orb_method == LDAP_AUTH_SASL ) {
+ if( rs->sr_err == LDAP_SUCCESS ) {
+ ber_dupbv(&op->o_conn->c_dn, &op->orb_edn);
+ if( !BER_BVISEMPTY( &op->orb_edn ) ) {
+ /* edn is always normalized already */
+ ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn );
+ }
+ op->o_tmpfree( op->orb_edn.bv_val, op->o_tmpmemctx );
+ BER_BVZERO( &op->orb_edn );
+ op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech;
+ BER_BVZERO( &op->o_conn->c_sasl_bind_mech );
+
+ op->o_conn->c_sasl_ssf = op->orb_ssf;
+ if( op->orb_ssf > op->o_conn->c_ssf ) {
+ op->o_conn->c_ssf = op->orb_ssf;
+ }
+
+ if( !BER_BVISEMPTY( &op->o_conn->c_dn ) ) {
+ ber_len_t max = sockbuf_max_incoming_auth;
+ ber_sockbuf_ctrl( op->o_conn->c_sb,
+ LBER_SB_OPT_SET_MAX_INCOMING, &max );
+ }
+
+ /* log authorization identity */
+ Statslog( LDAP_DEBUG_STATS,
+ "%s BIND dn=\"%s\" mech=%s ssf=%d\n",
+ op->o_log_prefix,
+ BER_BVISNULL( &op->o_conn->c_dn ) ? "<empty>" : op->o_conn->c_dn.bv_val,
+ op->o_conn->c_authmech.bv_val, op->orb_ssf, 0 );
+
+ Debug( LDAP_DEBUG_TRACE,
+ "do_bind: SASL/%s bind: dn=\"%s\" ssf=%d\n",
+ op->o_conn->c_authmech.bv_val,
+ BER_BVISNULL( &op->o_conn->c_dn ) ? "<empty>" : op->o_conn->c_dn.bv_val,
+ op->orb_ssf );
+
+ } else if ( rs->sr_err != LDAP_SASL_BIND_IN_PROGRESS ) {
+ if ( !BER_BVISNULL( &op->o_conn->c_sasl_bind_mech ) ) {
+ free( op->o_conn->c_sasl_bind_mech.bv_val );
+ BER_BVZERO( &op->o_conn->c_sasl_bind_mech );
+ }
+ }
+ }
ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
- ch_free( cb );
+ ch_free( op->o_callback );
+ op->o_callback = NULL;
+
return SLAP_CB_CONTINUE;
}
op->o_connid = op->o_conn->c_connid;
connection_init_log_prefix( op );
+#ifdef LDAP_SLAPI
+ slapi_int_create_object_extensions( SLAPI_X_EXT_CONNECTION, conn );
+ slapi_int_create_object_extensions( SLAPI_X_EXT_OPERATION, op );
+#endif /* LDAP_SLAPI */
+
slap_op_time( &op->o_time, &op->o_tincr );
}