X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fbind.c;h=1129fa6f43793cff77935abd925be92935440582;hb=69343add5ac17c2300e256c85acf3279298a0fbe;hp=6e476a052662a28a0826235e993dcd0c0b08356a;hpb=af4cb85d8bd7415fe9eb956fea1a4edc312a1e1d;p=openldap

diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 6e476a0526..1129fa6f43 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -232,7 +232,6 @@ do_bind(
 	}
 
 	/* Set the bindop for the benefit of in-directory SASL lookups */
-	ldap_pvt_thread_mutex_lock( &conn->c_sasl_bindmutex );
 	conn->c_sasl_bindop = op;
 
 	if ( method == LDAP_AUTH_SASL ) {
@@ -278,7 +277,7 @@ do_bind(
 
 		ldap_pvt_thread_mutex_lock( &conn->c_mutex );
 		if ( conn->c_sasl_bind_in_progress ) {
-			if((ber_bvcmp(&conn->c_sasl_bind_mech, &mech) != 0)) {
+			if( !bvmatch( &conn->c_sasl_bind_mech, &mech ) ) {
 				/* mechanism changed between bind steps */
 				slap_sasl_reset(conn);
 			}
@@ -311,7 +310,7 @@ do_bind(
 			}
 
 			if( conn->c_dn.bv_len != 0 ) {
-				ber_len_t max = sockbuf_max_incoming;
+				ber_len_t max = sockbuf_max_incoming_auth;
 				ber_sockbuf_ctrl( conn->c_sb,
 					LBER_SB_OPT_SET_MAX_INCOMING, &max );
 			}
@@ -420,7 +419,7 @@ do_bind(
 			goto cleanup;
 
 		} else if (( global_disallows & SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED )
-			&& ( op->o_ssf < global_ssf_set.sss_ssf ))
+			&& ( op->o_ssf <= 1 ))
 		{
 			rc = LDAP_CONFIDENTIALITY_REQUIRED;
 			text = "unwilling to perform simple authentication "
@@ -542,7 +541,7 @@ do_bind(
 			ndn.bv_len = 0;
 
 			if( conn->c_dn.bv_len != 0 ) {
-				ber_len_t max = sockbuf_max_incoming;
+				ber_len_t max = sockbuf_max_incoming_auth;
 				ber_sockbuf_ctrl( conn->c_sb,
 					LBER_SB_OPT_SET_MAX_INCOMING, &max );
 			}
@@ -574,10 +573,7 @@ do_bind(
 	}
 
 cleanup:
-	if( conn->c_sasl_bindop != NULL ) {
-		ldap_pvt_thread_mutex_unlock( &conn->c_sasl_bindmutex );
-		conn->c_sasl_bindop = NULL;
-	}
+	conn->c_sasl_bindop = NULL;
 
 	if( pdn.bv_val != NULL ) {
 		free( pdn.bv_val );