#define SASL_CONST
#endif
-#include <ldap_pvt.h>
+#include "ldap_pvt.h"
+#include "lber_pvt.h"
/* Flags for telling slap_sasl_getdn() what type of identity is being passed */
#define FLAG_GETDN_AUTHCID 2
#define SET_DN 1
#define SET_U 2
-static struct berval ext_bv = { sizeof("EXTERNAL")-1, "EXTERNAL" };
+static struct berval ext_bv = BER_BVC( "EXTERNAL" );
int slap_sasl_getdn( Connection *conn, char *id, int len,
char *user_realm, struct berval *dn, int flags )
*/
if( flags & FLAG_GETDN_AUTHCID ) {
#ifdef HAVE_TLS
- if( conn->c_is_tls && conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len
- && ( strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 ) ) {
+ if( conn->c_is_tls &&
+ conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len &&
+ strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 )
+ {
/* X.509 DN is already normalized */
do_norm = 0;
is_dn = SET_DN;
Debug( LDAP_DEBUG_ANY, "sasl_server_init failed\n",
0, 0, 0 );
#endif
+#if SASL_VERSION_MAJOR < 2
+ /* A no-op used to make sure we linked with Cyrus 1.5 */
+ sasl_client_auth( NULL, NULL, NULL, 0, NULL, NULL );
+#endif
return -1;
}