/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2015 The OpenLDAP Foundation.
+ * Copyright 1998-2017 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\
(SASL_VERSION_MINOR << 8) | SASL_VERSION_STEP)
+#if SASL_VERSION_MINOR >= 0x020119 /* 2.1.25 */
+typedef sasl_callback_ft slap_sasl_cb_ft;
+#else
+typedef int (*slap_sasl_cb_ft)();
+#endif
+
static sasl_security_properties_t sasl_secprops;
#elif defined( SLAP_BUILTIN_SASL )
/*
}
}
+ /* we don't know anything about this, ignore it */
+ if ( !conn ) {
+ rc == LDAP_SUCCESS;
+ goto done;
+ }
+
/* Now see what else needs to be fetched */
for( i = 0; sl.list[i].name; i++ ) {
const char *name = sl.list[i].name;
}
}
}
+done:;
#if SASL_VERSION_FULL >= 0x020118
return rc != LDAP_SUCCESS ? SASL_FAIL : SASL_OK;
#endif
#ifdef HAVE_CYRUS_SASL
int rc;
static sasl_callback_t server_callbacks[] = {
- { SASL_CB_LOG, &slap_sasl_log, NULL },
- { SASL_CB_GETOPT, &slap_sasl_getopt, NULL },
+ { SASL_CB_LOG, (slap_sasl_cb_ft)&slap_sasl_log, NULL },
+ { SASL_CB_GETOPT, (slap_sasl_cb_ft)&slap_sasl_getopt, NULL },
{ SASL_CB_LIST_END, NULL, NULL }
};
#endif
conn->c_sasl_extra = session_callbacks;
session_callbacks[cb=0].id = SASL_CB_LOG;
- session_callbacks[cb].proc = &slap_sasl_log;
+ session_callbacks[cb].proc = (slap_sasl_cb_ft)&slap_sasl_log;
session_callbacks[cb++].context = conn;
session_callbacks[cb].id = SASL_CB_PROXY_POLICY;
- session_callbacks[cb].proc = &slap_sasl_authorize;
+ session_callbacks[cb].proc = (slap_sasl_cb_ft)&slap_sasl_authorize;
session_callbacks[cb++].context = conn;
session_callbacks[cb].id = SASL_CB_CANON_USER;
- session_callbacks[cb].proc = &slap_sasl_canonicalize;
+ session_callbacks[cb].proc = (slap_sasl_cb_ft)&slap_sasl_canonicalize;
session_callbacks[cb++].context = conn;
session_callbacks[cb].id = SASL_CB_LIST_END;
cb->critical = 0;
cb->data = (char *)(cb+1);
cb->len = cbv->bv_len;
- memcpy( cb->data, cbv->bv_val, cbv->bv_len );
+ memcpy( (void *)cb->data, cbv->bv_val, cbv->bv_len );
sasl_setprop( conn->c_sasl_authctx, SASL_CHANNEL_BINDING, cb );
conn->c_sasl_cbind = cb;
#endif
/* If we already authenticated once, must use a new context */
if ( op->o_conn->c_sasl_done ) {
sasl_ssf_t ssf = 0;
+ sasl_ssf_t *ssfp = NULL;
const char *authid = NULL;
- sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssf );
+
+ sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssfp );
+ if ( ssfp ) ssf = *ssfp;
+
sasl_getprop( ctx, SASL_AUTH_EXTERNAL, (void *)&authid );
if ( authid ) authid = ch_strdup( authid );
+
if ( ctx != op->o_conn->c_sasl_sockctx ) {
sasl_dispose( &ctx );
}
slap_sasl_open( op->o_conn, 1 );
ctx = op->o_conn->c_sasl_authctx;
+ sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
if ( authid ) {
- sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
sasl_setprop( ctx, SASL_AUTH_EXTERNAL, authid );
ch_free( (char *)authid );
}