More ldapbis cleanup

[openldap] / servers / slapd / sasl.c

diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index b985aa9650a8dd49e776f290845ad43577f323d6..484300bf6f36b8ce81345060d555cd2c57bc9b49 100644 (file)
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2005 The OpenLDAP Foundation.
+ * Copyright 1998-2006 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -173,8 +173,7 @@ sasl_ap_lookup( Operation *op, SlapReply *rs )
        Attribute *a;
        const char *text;
        int rc, i;
-       slap_callback *tmp = op->o_callback;
-       lookup_info *sl = tmp->sc_private;
+       lookup_info *sl = (lookup_info *)op->o_callback->sc_private;
 
        if (rs->sr_type != REP_SEARCH) return 0;
 
@@ -222,9 +221,9 @@ sasl_ap_lookup( Operation *op, SlapReply *rs )
                for ( bv = a->a_vals; bv->bv_val; bv++ ) {
                        /* ITS#3846 don't give hashed passwords to SASL */
                        if ( ad == slap_schema.si_ad_userPassword &&
-                               bv->bv_val[0] == '{' ) {
-                               rc = lutil_passwd_scheme( bv->bv_val );
-                               if ( rc ) {
+                               bv->bv_val[0] == '{' /*}*/ )
+                       {
+                               if ( lutil_passwd_scheme( bv->bv_val ) ) {
                                        /* If it's not a recognized scheme, just assume it's
                                         * a cleartext password that happened to include brackets.
                                         *
@@ -234,11 +233,10 @@ sasl_ap_lookup( Operation *op, SlapReply *rs )
                                         * past the scheme name, skip this value.
                                         */
 #ifdef SLAPD_CLEARTEXT
-                                       if ( !strncasecmp( bv->bv_val, sc_cleartext.bv_val,
-                                               sc_cleartext.bv_len )) {
+                                       if ( !ber_bvstrcasecmp( bv, &sc_cleartext ) ) {
                                                struct berval cbv;
                                                cbv.bv_len = bv->bv_len - sc_cleartext.bv_len;
-                                               if ( cbv.bv_len ) {
+                                               if ( cbv.bv_len > 0 ) {
                                                        cbv.bv_val = bv->bv_val + sc_cleartext.bv_len;
                                                        sl->sparams->utils->prop_set( sl->sparams->propctx,
                                                                sl->list[i].name, cbv.bv_val, cbv.bv_len );
@@ -372,6 +370,7 @@ slap_auxprop_lookup(
                                SlapReply rs = {REP_RESULT};
                                op.o_hdr = conn->c_sasl_bindop->o_hdr;
                                op.o_tag = LDAP_REQ_SEARCH;
+                               op.o_dn = conn->c_ndn;
                                op.o_ndn = conn->c_ndn;
                                op.o_callback = &cb;
                                slap_op_time( &op.o_time, &op.o_tincr );
@@ -542,7 +541,7 @@ slap_sasl_canonicalize(
 {
        Connection *conn = (Connection *)context;
        struct propctx *props = sasl_auxprop_getctx( sconn );
-       struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { 0 };
+       struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { { 0 } };
        struct berval dn;
        int rc, which;
        const char *names[2];
@@ -658,7 +657,7 @@ slap_sasl_authorize(
         *      (SLAP_SASL_PROP_COUNT - 1)      because we skip "conn",
         *      + 1                             for NULL termination?
         */
-       struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { 0 };
+       struct propval auxvals[ SLAP_SASL_PROP_COUNT ] = { { 0 } };
        struct berval authcDN, authzDN = BER_BVNULL;
        int rc;