Commit of the Proxy Cache contribution (ITS#2062)

[openldap] / servers / slapd / saslauthz.c

diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index 75007d86f4d6d78358e1d4a84720db9bd2f1b10e..3dc0158afc8e950f7ecd1ed5f8deca70bf8de592 100644 (file)
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -463,7 +463,6 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert
                rc = LDAP_INAPPROPRIATE_AUTH;
                goto CONCLUDED;
        }
-       suffix_alias( be, &searchbase );
 
        sm.dn = assertDN;
        sm.match = 0;
@@ -628,7 +627,6 @@ void slap_sasl2dn( Connection *conn,
        if(( be == NULL ) || ( be->be_search == NULL)) {
                goto FINISHED;
        }
-       suffix_alias( be, &dn );
 
        op.o_tag = LDAP_REQ_SEARCH;
        op.o_protocol = LDAP_VERSION3;
@@ -636,7 +634,8 @@ void slap_sasl2dn( Connection *conn,
        op.o_callback = &cb;
        op.o_time = slap_get_time();
        op.o_do_not_cache = 1;
-       op.o_threadctx = conn->c_sasl_bindop->o_threadctx;
+       op.o_threadctx = conn->c_sasl_bindop ? conn->c_sasl_bindop->o_threadctx:
+               ldap_pvt_thread_pool_context( &connection_pool );
 
        (*be->be_search)( be, conn, &op, NULL, &dn,
                scope, LDAP_DEREF_NEVER, 1, 0,
@@ -694,7 +693,7 @@ int slap_sasl_authorized( Connection *conn,
        }
 
        /* Allow the manager to authorize as any DN. */
-       if( be_isroot( conn->c_authz_backend, authcDN )) {
+       if( conn->c_authz_backend && be_isroot( conn->c_authz_backend, authcDN )) {
                rc = LDAP_SUCCESS;
                goto DONE;
        }