idassert also in case of SASL mechs that do not set authcId

author Pierangelo Masarati <ando@openldap.org>

Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)
author Pierangelo Masarati <ando@openldap.org>
Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)
diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c

index 02485e8c1a6df05f3cf96284eaef41200fd23ee6..882058302a1eec5140561f50aa43296cf058dd1f 100644 (file)
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -2249,7 +2249,8 @@ ldap_back_proxy_authz_ctrl(
          * but if it is not set this test fails.  We need a different
          * means to detect if idassert is enabled */
         if ( ( BER_BVISNULL( &si->si_bc.sb_authcId ) || BER_BVISEMPTY( &si->si_bc.sb_authcId ) )
-                       && ( BER_BVISNULL( &si->si_bc.sb_binddn ) || BER_BVISEMPTY( &si->si_bc.sb_binddn ) ) )
+               && ( BER_BVISNULL( &si->si_bc.sb_binddn ) || BER_BVISEMPTY( &si->si_bc.sb_binddn ) )
+               && BER_BVISNULL( &si->si_bc.sb_saslmech ) )
         {
                 goto done;
         }
author	Pierangelo Masarati <ando@openldap.org>
	Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Sun, 9 Sep 2007 21:52:10 +0000 (21:52 +0000)