Plug leak

[openldap] / servers / slapd / sasl.c

diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index 7b43c706d435fb7fb5f4957c7211de9d5199d931..0b3288d2c44f779c68da6321e2578cac7a6f3231 100644 (file)
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -326,7 +326,7 @@ slap_auxprop_lookup(
 
                cb.sc_private = &sl;
 
-               op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+               op.o_bd = select_backend( &op.o_req_ndn, 1 );
 
                if ( op.o_bd ) {
                        /* For rootdn, see if we can use the rootpw */
@@ -440,7 +440,7 @@ slap_auxprop_store(
        }
        if (!conn || !op.o_req_ndn.bv_val) return SASL_BADPARAM;
 
-       op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+       op.o_bd = select_backend( &op.o_req_ndn, 1 );
 
        if ( !op.o_bd || !op.o_bd->be_modify ) return SASL_FAIL;
                
@@ -455,6 +455,7 @@ slap_auxprop_store(
                mod->sml_op = LDAP_MOD_REPLACE;
                mod->sml_flags = 0;
                ber_str2bv( pr[i].name, 0, 0, &mod->sml_type );
+               mod->sml_numvals = pr[i].nvalues;
                mod->sml_values = (struct berval *)ch_malloc( (pr[i].nvalues + 1) *
                        sizeof(struct berval));
                for (j=0; j<pr[i].nvalues; j++) {
@@ -722,9 +723,9 @@ slap_sasl_authorize(
 ok:
        if (conn->c_sasl_bindop) {
                Statslog( LDAP_DEBUG_STATS,
-                       "conn=%lu op=%lu BIND authcid=\"%s\" authzid=\"%s\"\n",
-                       conn->c_connid, conn->c_sasl_bindop->o_opid, 
-                       auth_identity, requested_user, 0);
+                       "%s BIND authcid=\"%s\" authzid=\"%s\"\n",
+                       conn->c_sasl_bindop->o_log_prefix, 
+                       auth_identity, requested_user, 0, 0 );
        }
 
        Debug( LDAP_DEBUG_TRACE, "SASL Authorize [conn=%ld]: "
@@ -826,9 +827,9 @@ ok:
 
        if ( conn->c_sasl_bindop ) {
                Statslog( LDAP_DEBUG_STATS,
-                       "conn=%lu op=%lu BIND authcid=\"%s\" authzid=\"%s\"\n",
-                       conn->c_connid, conn->c_sasl_bindop->o_opid, 
-                       authcid, authzid ? authzid : "", 0);
+                       "%s BIND authcid=\"%s\" authzid=\"%s\"\n",
+                       conn->c_sasl_bindop->o_log_prefix, 
+                       authcid, authzid ? authzid : "", 0, 0 );
        }
 
        *errstr = NULL;
@@ -1098,7 +1099,7 @@ slapd_rw_apply( void *private, const char *filter, struct berval *val )
 
        op->o_tag = LDAP_REQ_SEARCH;
        op->o_req_dn = op->o_req_ndn = sl->base;
-       op->o_bd = select_backend( &op->o_req_ndn, 0, 1 );
+       op->o_bd = select_backend( &op->o_req_ndn, 1 );
        if ( !op->o_bd ) {
                return REWRITE_ERR;
        }
@@ -1447,12 +1448,13 @@ int slap_sasl_external(
 #if SASL_VERSION_MAJOR >= 2
        int sc;
        sasl_conn_t *ctx = conn->c_sasl_authctx;
+       sasl_ssf_t sasl_ssf = ssf;
 
        if ( ctx == NULL ) {
                return LDAP_UNAVAILABLE;
        }
 
-       sc = sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
+       sc = sasl_setprop( ctx, SASL_SSF_EXTERNAL, &sasl_ssf );
 
        if ( sc != SASL_OK ) {
                return LDAP_OTHER;
@@ -1621,7 +1623,7 @@ int slap_sasl_bind( Operation *op, SlapReply *rs )
        if ( !op->o_conn->c_sasl_bind_in_progress ) {
                /* If we already authenticated once, must use a new context */
                if ( op->o_conn->c_sasl_done ) {
-                       slap_ssf_t ssf = 0;
+                       sasl_ssf_t ssf = 0;
                        const char *authid = NULL;
 #if SASL_VERSION_MAJOR >= 2
                        sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssf );