ctrl->ldctl_value.bv_len ? ctrl->ldctl_value.bv_val : "anonymous",
0 );
- if( ctrl->ldctl_value.bv_len == 0 ) {
+ if ( ctrl->ldctl_value.bv_len == 0 ) {
Debug( LDAP_DEBUG_TRACE,
"parseProxyAuthz: conn=%lu anonymous\n",
op->o_connid, 0, 0 );
/* anonymous */
- free( op->o_dn.bv_val );
- op->o_dn.bv_len = 0;
- op->o_dn.bv_val = ch_strdup( "" );
-
- free( op->o_ndn.bv_val );
+ op->o_ndn.bv_val[ 0 ] = '\0';
op->o_ndn.bv_len = 0;
- op->o_ndn.bv_val = ch_strdup( "" );
+
+ op->o_dn.bv_val[ 0 ] = '\0';
+ op->o_dn.bv_len = 0;
return LDAP_SUCCESS;
}
rc = slap_sasl_authorized( op, &op->o_ndn, &dn );
- if( rc ) {
+ if ( rc ) {
ch_free( dn.bv_val );
rs->sr_text = "not authorized to assume identity";
return LDAP_PROXY_AUTHZ_FAILURE;
}
- ch_free( op->o_dn.bv_val );
ch_free( op->o_ndn.bv_val );
-
- op->o_dn.bv_val = NULL;
- op->o_ndn = dn;
-
- Statslog( LDAP_DEBUG_STATS, "%s PROXYAUTHZ dn=\"%s\"\n",
- op->o_log_prefix, dn.bv_val, 0, 0, 0 );
+ ch_free( op->o_dn.bv_val );
/*
* NOTE: since slap_sasl_getdn() returns a normalized dn,
* from now on op->o_dn is normalized
*/
+ op->o_ndn = dn;
ber_dupbv( &op->o_dn, &dn );
+
+ Statslog( LDAP_DEBUG_STATS, "%s PROXYAUTHZ dn=\"%s\"\n",
+ op->o_log_prefix, dn.bv_val, 0, 0, 0 );
+
return LDAP_SUCCESS;
}