cb.sc_private = &sl;
- op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+ op.o_bd = select_backend( &op.o_req_ndn, 1 );
if ( op.o_bd ) {
/* For rootdn, see if we can use the rootpw */
}
if (!conn || !op.o_req_ndn.bv_val) return SASL_BADPARAM;
- op.o_bd = select_backend( &op.o_req_ndn, 0, 1 );
+ op.o_bd = select_backend( &op.o_req_ndn, 1 );
if ( !op.o_bd || !op.o_bd->be_modify ) return SASL_FAIL;
*/
if ( flags == SASL_CU_AUTHID && !auxvals[SLAP_SASL_PROP_AUTHZ].values ) {
conn->c_sasl_dn.bv_val = (char *) in;
+ conn->c_sasl_dn.bv_len = 0;
} else if ( flags == SASL_CU_AUTHZID && conn->c_sasl_dn.bv_val ) {
rc = strcmp( in, conn->c_sasl_dn.bv_val );
conn->c_sasl_dn.bv_val = NULL;
if ( rc != LDAP_SUCCESS ) {
sasl_seterror( sconn, 0, ldap_err2string( rc ) );
return SASL_NOAUTHZ;
- }
+ }
names[0] = slap_propnames[which];
names[1] = NULL;
prop_set( props, names[0], (char *)&dn, sizeof( dn ) );
-
+
Debug( LDAP_DEBUG_ARGS, "SASL Canonicalize [conn=%ld]: %s=\"%s\"\n",
conn ? conn->c_connid : -1, names[0]+1,
dn.bv_val ? dn.bv_val : "<EMPTY>" );
int rc;
thrctx = ldap_pvt_thread_pool_context();
- op = (Operation *)&opbuf;
- connection_fake_init2( &conn, op, thrctx, 0 );
+ connection_fake_init2( &conn, &opbuf, thrctx, 0 );
+ op = &opbuf.ob_op;
op->o_tag = LDAP_REQ_SEARCH;
op->o_req_dn = op->o_req_ndn = sl->base;
- op->o_bd = select_backend( &op->o_req_ndn, 0, 1 );
+ op->o_bd = select_backend( &op->o_req_ndn, 1 );
if ( !op->o_bd ) {
return REWRITE_ERR;
}
ptr = op->ors_filterstr.bv_val = op->o_tmpalloc( rc + 1, op->o_tmpmemctx );
if ( sl->filter.bv_len ) {
ptr = lutil_strcopy( ptr, sl->filter.bv_val );
+ } else {
+ *ptr = '\0';
+ }
+ if ( filter ) {
+ strcpy( ptr, filter );
}
- strcpy( ptr, filter );
op->ors_filter = str2filter_x( op, op->ors_filterstr.bv_val );
if ( !op->ors_filter ) {
op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx );
int slap_sasl_init( void )
{
-
-#ifdef ENABLE_REWRITE
- rewrite_mapper_register( &slapd_mapper );
-#endif
-
#ifdef HAVE_CYRUS_SASL
int rc;
static sasl_callback_t server_callbacks[] = {
{ SASL_CB_LOG, &slap_sasl_log, NULL },
{ SASL_CB_LIST_END, NULL, NULL }
};
+#endif
+#ifdef ENABLE_REWRITE
+ rewrite_mapper_register( &slapd_mapper );
+#endif
+
+#ifdef HAVE_CYRUS_SASL
#ifdef HAVE_SASL_VERSION
/* stringify the version number, sasl.h doesn't do it for us */
#define VSTR0(maj, min, pat) #maj "." #min "." #pat
sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff,
rc & 0xffff );
Debug( LDAP_DEBUG_ANY, "slap_sasl_init: SASL library version mismatch:"
- " expected " SASL_VERSION_STRING ","
- " got %s\n", version, 0, 0 );
+ " expected %s, got %s\n",
+ SASL_VERSION_STRING, version, 0 );
return -1;
}
#endif
send_ldap_sasl( op, rs );
} else {
+ if ( op->o_conn->c_sasl_dn.bv_len )
+ ch_free( op->o_conn->c_sasl_dn.bv_val );
+ BER_BVZERO( &op->o_conn->c_sasl_dn );
#if SASL_VERSION_MAJOR >= 2
rs->sr_text = sasl_errdetail( ctx );
#endif