cleanup ITS#4781 enhancement

author Pierangelo Masarati <ando@openldap.org>

Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)
author Pierangelo Masarati <ando@openldap.org>
Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)
diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c

index d1428c12043e8bfc0941be966e170b474452d96b..7632a5732140b41172f97944f49b388378accf36 100644 (file)
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -1919,7 +1919,10 @@ ldap_back_is_proxy_authz( Operation *op, SlapReply *rs, ldap_back_send_t sendok,
  
         default:
                 /* NOTE: rootdn can always idassert */
-               if ( BER_BVISNULL( &ndn ) && li->li_idassert_authz == NULL ) {
+               if ( BER_BVISNULL( &ndn )
+                       && li->li_idassert_authz == NULL
+                       && !( li->li_idassert_flags & LDAP_BACK_AUTH_AUTHZ_ALL ) )
+               {
                         if ( li->li_idassert_flags & LDAP_BACK_AUTH_PRESCRIPTIVE ) {
                                 rs->sr_err = LDAP_INAPPROPRIATE_AUTH;
                                 if ( sendok & LDAP_BACK_SENDERR ) {
author	Pierangelo Masarati <ando@openldap.org>
	Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Sat, 6 Jan 2007 00:45:02 +0000 (00:45 +0000)