op.o_do_not_cache = 1;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
+ op.o_tmpmemctx = conn->c_sasl_bindop->o_tmpmemctx;
+ op.o_tmpmfuncs = conn->c_sasl_bindop->o_tmpmfuncs;
op.o_conn = conn;
op.o_connid = conn->c_connid;
op.ors_scope = LDAP_SCOPE_BASE;
* find an answer here.
*/
- rc = slap_sasl_getdn( conn, (char *)username, 0, NULL, &op.o_req_ndn,
+ rc = slap_sasl_getdn( conn, NULL, (char *)username, 0, NULL, &op.o_req_ndn,
SLAP_GETDN_AUTHCID );
if ( rc != LDAP_SUCCESS ) {
sasl_seterror( sconn, 0, ldap_err2string( rc ) );
op.o_do_not_cache = 1;
op.o_is_auth_check = 1;
op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
+ op.o_tmpmemctx = conn->c_sasl_bindop->o_tmpmemctx;
+ op.o_tmpmfuncs = conn->c_sasl_bindop->o_tmpmfuncs;
op.o_conn = conn;
op.o_connid = conn->c_connid;
op.ors_scope = LDAP_SCOPE_BASE;
if ( !rc ) goto done;
}
- rc = slap_sasl_getdn( conn, (char *)in, inlen, (char *)user_realm, &dn,
+ rc = slap_sasl_getdn( conn, NULL, (char *)in, inlen, (char *)user_realm, &dn,
(flags & SASL_CU_AUTHID) ? SLAP_GETDN_AUTHCID : SLAP_GETDN_AUTHZID );
if ( rc != LDAP_SUCCESS ) {
sasl_seterror( sconn, 0, ldap_err2string( rc ) );
/* Convert the identities to DN's. If no authzid was given, client will
be bound as the DN matching their username */
- rc = slap_sasl_getdn( conn, (char *)authcid, 0, realm,
+ rc = slap_sasl_getdn( conn, NULL, (char *)authcid, 0, realm,
&authcDN, SLAP_GETDN_AUTHCID );
if( rc != LDAP_SUCCESS ) {
*errstr = ldap_err2string( rc );
conn->c_sasl_dn = authcDN;
goto ok;
}
- rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm,
+ rc = slap_sasl_getdn( conn, NULL, (char *)authzid, 0, realm,
&authzDN, SLAP_GETDN_AUTHZID );
if( rc != LDAP_SUCCESS ) {
ch_free( authcDN.bv_val );
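Review bot: `authcDN` and `authzDN` are now filled by slap_sasl_getdn from `op->o_tmpmemctx`, yet this hunk still releases `authcDN.bv_val` with `ch_free`, and the context line `conn->c_sasl_dn = authcDN;` stores the same buffer on the connection. If the temporary context is reclaimed when the bind operation completes, the connection keeps a dangling authentication DN. The `ch_free` call also passes a slab pointer to a different allocator, unless `ch_free` recognises such pointers, which is not visible here. Assuming the returned value does live in the temporary context, I would release it with `sl_free( authcDN.bv_val, conn->c_sasl_bindop->o_tmpmemctx );` and copy it into long-lived memory before storing it, e.g. `ber_dupbv( &conn->c_sasl_dn, &authcDN );`. The enclosing function starts and ends outside the hunk, and the final value may instead come from slap_sasl2dn, whose allocator is also not shown.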
static struct berval ext_bv = BER_BVC( "EXTERNAL" );
-int slap_sasl_getdn( Connection *conn, char *id, int len,
+int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len,
char *user_realm, struct berval *dn, int flags )
{
char *c1;
id ? ( *id ? id : "<empty>" ) : "NULL", len, 0 );
#endif
+ if ( !op ) {
+ op = conn->c_sasl_bindop;
+ }
+
dn->bv_val = NULL;
dn->bv_len = 0;
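Review bot: The fallback `op = conn->c_sasl_bindop;` is not checked for NULL, although the rest of slap_sasl_getdn dereferences `op->o_tmpmemctx` in `ber_str2bv_x`, `sl_malloc`, `ber_dupbv_x`, `dnNormalize2` and `sl_free`. Every call site updated in this diff passes NULL, so the function relies on a SASL bind operation being attached to the connection whenever it runs; callers outside this diff are not visible. A guard placed after `dn` has been cleared, such as `if ( !op ) return LDAP_OTHER;` (error code to match what callers expect), would turn a NULL dereference in the authentication path into a clean failure. The signature also deserves a comment stating that a NULL `op` means "use the connection's pending SASL bind operation". The function body continues outside the hunk.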
/* EXTERNAL DNs are already normalized */
do_norm = 0;
is_dn = SET_DN;
- ber_str2bv( id, len, 1, dn );
+ ber_str2bv_x( id, len, 1, dn, op->o_tmpmemctx );
} else {
/* convert to u:<username> form */
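Review bot: The result of `ber_str2bv_x( id, len, 1, dn, op->o_tmpmemctx );` is not checked, and neither is `ber_dupbv_x( &dn2, dn, op->o_tmpmemctx );` in the later "Dup the DN in any case" hunk, while the `sl_malloc` call between them does test for NULL. Both calls copy an identity string received during SASL negotiation, so a failed allocation would presumably leave `dn->bv_val` NULL on the way into normalization and the regexp mapping. Checking the results, e.g. `if ( ber_dupbv_x( &dn2, dn, op->o_tmpmemctx ) == NULL ) return LDAP_OTHER;`, would keep the three allocation sites consistent. Use whichever error code the existing `sl_malloc` failure path returns, which lies outside these hunks.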
/* Build the new dn */
c1 = dn->bv_val;
- dn->bv_val = SLAP_MALLOC( len+1 );
+ dn->bv_val = sl_malloc( len+1, op->o_tmpmemctx );
if( dn->bv_val == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ERR,
/* Dup the DN in any case, so we don't risk
* leaks or dangling pointers later,
* and the DN value is '\0' terminated */
- ber_dupbv( &dn2, dn );
+ ber_dupbv_x( &dn2, dn, op->o_tmpmemctx );
dn->bv_val = dn2.bv_val;
}
/* All strings are in DN form now. Normalize if needed. */
if ( do_norm ) {
- rc = dnNormalize2( NULL, dn, &dn2 );
+ rc = dnNormalize2( NULL, dn, &dn2, op->o_tmpmemctx );
/* User DNs were constructed above and must be freed now */
- ch_free( dn->bv_val );
+ sl_free( dn->bv_val, op->o_tmpmemctx );
if ( rc != LDAP_SUCCESS ) {
dn->bv_val = NULL;
}
/* Run thru regexp */
- slap_sasl2dn( conn, dn, &dn2 );
+ slap_sasl2dn( op, dn, &dn2 );
if( dn2.bv_val ) {
- ch_free( dn->bv_val );
+ sl_free( dn->bv_val, op->o_tmpmemctx );
*dn = dn2;
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,