X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsasl.c;h=509cf7769244f52e2f9da57ec8067d9f0418002a;hb=HEAD;hp=137b7244cb8e947bd287ab7779b5d24b904f1991;hpb=21330494c5d72aeae365a85e932c2a069f6fb65c;p=openldap

diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index 137b7244cb..509cf77692 100644
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2015 The OpenLDAP Foundation.
+ * Copyright 1998-2018 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -1644,10 +1644,15 @@ int slap_sasl_bind( Operation *op, SlapReply *rs )
 		/* If we already authenticated once, must use a new context */
 		if ( op->o_conn->c_sasl_done ) {
 			sasl_ssf_t ssf = 0;
+			sasl_ssf_t *ssfp = NULL;
 			const char *authid = NULL;
-			sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssf );
+
+			sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssfp );
+			if ( ssfp ) ssf = *ssfp;
+
 			sasl_getprop( ctx, SASL_AUTH_EXTERNAL, (void *)&authid );
 			if ( authid ) authid = ch_strdup( authid );
+
 			if ( ctx != op->o_conn->c_sasl_sockctx ) {
 				sasl_dispose( &ctx );
 			}
@@ -1655,8 +1660,8 @@ int slap_sasl_bind( Operation *op, SlapReply *rs )
 				
 			slap_sasl_open( op->o_conn, 1 );
 			ctx = op->o_conn->c_sasl_authctx;
+			sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
 			if ( authid ) {
-				sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
 				sasl_setprop( ctx, SASL_AUTH_EXTERNAL, authid );
 				ch_free( (char *)authid );
 			}