ldap_int_sasl_open(
LDAP *ld,
LDAPConn *lc,
- const char * host,
- ber_len_t ssf )
+ const char * host )
{
int rc;
sasl_conn_t *ctx;
lc->lconn_sasl_ctx = ctx;
- if( ssf ) {
-#if SASL_VERSION_MAJOR >= 2
- (void) sasl_setprop( ctx, SASL_SSF_EXTERNAL,
- (void *) &ssf );
-#else
- sasl_external_properties_t extprops;
- memset(&extprops, 0L, sizeof(extprops));
- extprops.ssf = ssf;
-
- (void) sasl_setprop( ctx, SASL_SSF_EXTERNAL,
- (void *) &extprops );
-#endif
-#ifdef NEW_LOGGING
- LDAP_LOG ( TRANSPORT, DETAIL1,
- "ldap_int_sasl_open: ssf=%ld\n", (long) ssf, 0, 0 );
-#else
- Debug( LDAP_DEBUG_TRACE, "ldap_int_sasl_open: ssf=%ld\n",
- (long) ssf, 0, 0 );
-#endif
- }
-
return LDAP_SUCCESS;
}
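Review bot: With the `ssf` parameter removed, nothing at the definition of ldap_int_sasl_open says that the external security strength factor is no longer set when the SASL context is created. A short header comment would cover it, for example `/* Creates the SASL context for the connection; SASL_SSF_EXTERNAL is not set here and must be supplied later through ldap_int_sasl_external(). */`. The same sentence would fit the prototype whose parameter list this commit changes in the header. Only part of the function body is visible in this hunk, so the wording should be checked against the context-creation code that is not shown.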
LDAP_F (int) ldap_int_sasl_open LDAP_P((
LDAP *ld, LDAPConn *conn,
- const char* host, ber_len_t ssf ));
+ const char* host ));
LDAP_F (int) ldap_int_sasl_close LDAP_P(( LDAP *ld, LDAPConn *conn ));
LDAP_F (int) ldap_int_sasl_external LDAP_P((
int rc = -1;
#ifdef HAVE_CYRUS_SASL
char *sasl_host = NULL;
- int sasl_ssf = 0;
#endif
char *host;
int port, proto;
#ifdef HAVE_CYRUS_SASL
sasl_host = ldap_host_connected_to( conn->lconn_sb );
- sasl_ssf = LDAP_PVT_SASL_LOCAL_SSF;
#endif
break;
#endif /* LDAP_PF_LOCAL */
/* establish Cyrus SASL context prior to starting TLS so
that SASL EXTERNAL might be used */
if( sasl_host != NULL ) {
- ldap_int_sasl_open( ld, conn, sasl_host, sasl_ssf );
+ ldap_int_sasl_open( ld, conn, sasl_host );
LDAP_FREE( sasl_host );
}
- /* sasl_ssf is set redundantly. Should probably remove it from
- * the ldap_int_sasl_open call since the TLS ssf isn't known
- * yet anyway.
- */
if( proto == LDAP_PROTO_IPC ) {
char authid[sizeof("uidNumber=4294967295,gidNumber=4294967295,"
"cn=peercred,cn=external,cn=auth")];
sprintf( authid, "uidNumber=%d,gidNumber=%d,"
"cn=peercred,cn=external,cn=auth",
geteuid(), getegid() );
- ldap_int_sasl_external( ld, conn, authid, sasl_ssf );
+ ldap_int_sasl_external( ld, conn, authid, LDAP_PVT_SASL_LOCAL_SSF);
}
#endif
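Review bot: The `sprintf` that builds `authid` just above the changed `ldap_int_sasl_external` call formats `geteuid()` and `getegid()` with `%d` into a buffer sized for two ten-digit unsigned values. Where uid_t is an unsigned 32-bit type, an id of 2147483648 or above would most likely print as a negative number of up to eleven characters, which can write past the end of `authid` and also gives an identity string that does not match the real uid. Because this string is the identity asserted for SASL EXTERNAL on the IPC path, I would bound the write and fix the conversion: `snprintf( authid, sizeof(authid), "uidNumber=%lu,gidNumber=%lu,cn=peercred,cn=external,cn=auth", (unsigned long) geteuid(), (unsigned long) getegid() );`. The enclosing function starts outside this hunk, so whether a truncated result needs separate handling there cannot be judged from here.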