X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fsaslauthz.c;h=24ccf062b496ce9bded6320abf307d3999edd821;hb=9fbcc90bd5578c85fd1e3d5845a3ef6121cefc7a;hp=82e68378b9897464dc80c1090ab54aac06f6cbf2;hpb=e69c9067c2b6c968e05a89266ef833cbe04231e6;p=openldap diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index 82e68378b9..24ccf062b4 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -98,7 +98,7 @@ static int slap_parseURI( struct berval *uri, bv.bv_val = uri->bv_val + sizeof("dn:")-1; bv.bv_val += strspn( bv.bv_val, " " ); -is_dn: bv.bv_len = uri->bv_len - (bv.bv_val - uri->bv_val); +is_dn: bv.bv_len = uri->bv_len - (bv.bv_val - uri->bv_val); rc = dnNormalize2( NULL, &bv, searchbase ); if( rc == LDAP_SUCCESS ) { @@ -286,7 +286,6 @@ static void slap_sasl_rx_exp( static int slap_sasl_regexp( struct berval *in, struct berval *out ) { char *saslname = in->bv_val; - char *scope[] = { "base", "one", "sub" }; SaslRegexp_t *reg; int i; @@ -327,7 +326,7 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out ) out->bv_len ? out->bv_val : "", 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "slap_sasl_regexp: converted SASL name to ldap:///%s??%s?%s\n", + "slap_sasl_regexp: converted SASL name to %s\n", out->bv_len ? out->bv_val : "", 0, 0 ); #endif @@ -335,14 +334,14 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out ) } /* Two empty callback functions to avoid sending results */ -static void sasl_sc_r( Connection *conn, Operation *o, ber_tag_t tag, +void slap_cb_null_response( Connection *conn, Operation *o, ber_tag_t tag, ber_int_t msgid, ber_int_t err, const char *matched, const char *text, BerVarray ref, const char *resoid, struct berval *resdata, struct berval *sasldata, LDAPControl **c) { } -static void sasl_sc_s( Connection *conn, Operation *o, ber_int_t err, +void slap_cb_null_sresult( Connection *conn, Operation *o, ber_int_t err, const char *matched, const char *text, BerVarray refs, LDAPControl **c, int nentries) { @@ -386,11 +385,11 @@ void slap_sasl2dn( Connection *conn, struct berval *saslname, struct berval *sasldn ) { int rc; - Backend *be; + Backend *be = NULL; struct berval dn = { 0, NULL }; int scope = LDAP_SCOPE_BASE; Filter *filter = NULL; - slap_callback cb = {sasl_sc_r, sasl_sc_s, sasl_sc_sasl2dn, NULL}; + slap_callback cb = {slap_cb_null_response, slap_cb_null_sresult, sasl_sc_sasl2dn, NULL}; Operation op = {0}; struct berval regout = { 0, NULL }; @@ -450,6 +449,7 @@ void slap_sasl2dn( Connection *conn, op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, NULL, &dn, scope, LDAP_DEREF_NEVER, 1, 0, @@ -510,7 +510,7 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert Filter *filter=NULL; regex_t reg; smatch_info sm; - slap_callback cb = { sasl_sc_r, sasl_sc_s, sasl_sc_smatch, NULL }; + slap_callback cb = { slap_cb_null_response, slap_cb_null_sresult, sasl_sc_smatch, NULL }; Operation op = {0}; #ifdef NEW_LOGGING @@ -570,6 +570,7 @@ int slap_sasl_match(Connection *conn, struct berval *rule, struct berval *assert op.o_callback = &cb; op.o_time = slap_get_time(); op.o_do_not_cache = 1; + op.o_threadctx = conn->c_sasl_bindop->o_threadctx; (*be->be_search)( be, conn, &op, /*base=*/NULL, &searchbase, scope, /*deref=*/1, /*sizelimit=*/0, /*time=*/0, filter, /*fstr=*/NULL, @@ -615,15 +616,16 @@ slap_sasl_check_authz( Connection *conn, #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, - "slap_sasl_check_authz: does %s match %s rule in %s?\n", - assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val); + "slap_sasl_check_authz: does %s match %s rule in %s?\n", + assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val); #else Debug( LDAP_DEBUG_TRACE, "==>slap_sasl_check_authz: does %s match %s rule in %s?\n", assertDN->bv_val, ad->ad_cname.bv_val, searchDN->bv_val); #endif - rc = backend_attribute( NULL, NULL, NULL, NULL, searchDN, ad, &vals ); + rc = backend_attribute( NULL, NULL, conn->c_sasl_bindop, NULL, + searchDN, ad, &vals ); if( rc != LDAP_SUCCESS ) goto COMPLETE; @@ -640,11 +642,12 @@ COMPLETE: #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, RESULTS, - "slap_sasl_check_authz: %s check returning %s\n", - ad->ad_cname.bv_val, rc, 0 ); + "slap_sasl_check_authz: %s check returning %s\n", + ad->ad_cname.bv_val, rc, 0 ); #else Debug( LDAP_DEBUG_TRACE, - "<==slap_sasl_check_authz: %s check returning %d\n", ad->ad_cname.bv_val, rc, 0); + "<==slap_sasl_check_authz: %s check returning %d\n", + ad->ad_cname.bv_val, rc, 0); #endif return( rc );