X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fcontrols.c;h=1900312250e856026279a1b2e7cc95c3ee3255e9;hb=89812424f4f844053cc2607e3e5e9382b0825bb8;hp=eed5c8bd796756d9cc3f13bee81a0aec7fa02532;hpb=f2a9089e4df315608a18b42daf999cd40791abf6;p=openldap
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index eed5c8bd79..1900312250 100644
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software .
 *
- * Copyright 1998-2003 The OpenLDAP Foundation.
+ * Copyright 1998-2004 The OpenLDAP Foundation.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -113,9 +113,11 @@ static struct slap_control control_defs[] = {
 { LDAP_CONTROL_SYNC, SLAP_CTRL_HIDE|SLAP_CTRL_SEARCH, NULL, parseLDAPsync, LDAP_SLIST_ENTRY_INITIALIZER(next) },
+#ifdef LDAP_CONTROL_MODIFY_INCREMENT
 { LDAP_CONTROL_MODIFY_INCREMENT, SLAP_CTRL_HIDE|SLAP_CTRL_MODIFY, NULL, parseModifyIncrement, LDAP_SLIST_ENTRY_INITIALIZER(next) },
+#endif
 { LDAP_CONTROL_MANAGEDSAIT, SLAP_CTRL_ACCESS, NULL, parseManageDSAit, LDAP_SLIST_ENTRY_INITIALIZER(next) },
@@ -748,46 +750,17 @@ static int parseProxyAuthz (
 return LDAP_SUCCESS;
 }
- /* FIXME: how can we get the realm? */
- {
- int rc;
- char buf[ SLAP_LDAPDN_MAXLEN ];
- struct berval id,
- user = { 0, NULL },
- realm = { 0, NULL },
- mech = { 0, NULL };
-
- if ( sizeof( buf ) <= ctrl->ldctl_value.bv_len ) {
- return LDAP_INVALID_SYNTAX;
- }
-
- id.bv_len = ctrl->ldctl_value.bv_len;
- id.bv_val = buf;
- strncpy( buf, ctrl->ldctl_value.bv_val, sizeof( buf ) );
-
- rc = slap_parse_user( &id, &user, &realm, &mech );
- if ( rc == LDAP_SUCCESS ) {
- struct berval authz = BER_BVC( "AUTHZ" );
+ rc = slap_sasl_getdn( op->o_conn, op,
+ ctrl->ldctl_value.bv_val, ctrl->ldctl_value.bv_len,
+ NULL, &dn, SLAP_GETDN_AUTHZID );
- if ( mech.bv_len && !bvmatch( &mech, &authz) ) {
- rs->sr_text = "mech not allowed in authzId";
- return LDAP_PROXY_AUTHZ_FAILURE;
- }
- } else {
- user = ctrl->ldctl_value;
+ if( rc != LDAP_SUCCESS || !dn.bv_len ) {
+ if ( dn.bv_val ) {
+ ch_free( dn.bv_val );
 }
+ rs->sr_text = "authzId mapping failed";
+ return LDAP_PROXY_AUTHZ_FAILURE;
- rc = slap_sasl_getdn( op->o_conn, op,
- user.bv_val, user.bv_len,
- realm.bv_val, &dn, SLAP_GETDN_AUTHZID );
-
- if( rc != LDAP_SUCCESS || !dn.bv_len ) {
- if ( dn.bv_val ) {
- ch_free( dn.bv_val );
- }
- rs->sr_text = "authzId mapping failed";
- return LDAP_PROXY_AUTHZ_FAILURE;
- }
 }
 #ifdef NEW_LOGGING
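Review bot: The length and mech checks that guarded the client-supplied authzId in parseProxyAuthz are removed without a comment saying where they now happen: the old block rejected values of `SLAP_LDAPDN_MAXLEN` bytes or more and any mech other than `AUTHZ`, whereas the new lines pass `ctrl->ldctl_value` straight to `slap_sasl_getdn()` with a NULL realm. Since this value decides which identity the operation is authorized as, I would confirm that `slap_sasl_getdn()` under `SLAP_GETDN_AUTHZID` enforces both and honours `bv_len` rather than expecting a NUL terminator, and record it above the call, e.g. `/* authzId length and mech/realm parsing are delegated to slap_sasl_getdn() (SLAP_GETDN_AUTHZID) */`. An oversized value presumably now yields `LDAP_PROXY_AUTHZ_FAILURE` instead of `LDAP_INVALID_SYNTAX`, which is worth a line in the commit message if clients or log-based alerting key on the result code. The removed block also carried `int rc;`, so `rc` has to be declared at function scope; the function starts and ends outside this hunk, so that is not visible here.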