more bindconf cleanup

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 500a64c4680980b81d3c2ffd77de79239ea3cd2c..07286b218a9e966e7c27f12322ef1ddba844fc62 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -725,10 +725,10 @@ static cf_aux_table bindkey[] = {
        { BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'd', 0, methkey },
        { BER_BVC("binddn="), offsetof(slap_bindconf, sb_binddn), 'b', 1, NULL },
        { BER_BVC("credentials="), offsetof(slap_bindconf, sb_cred), 'b', 1, NULL },
-       { BER_BVC("saslmech="), offsetof(slap_bindconf, sb_saslmech), 's', 0, NULL },
+       { BER_BVC("saslmech="), offsetof(slap_bindconf, sb_saslmech), 'b', 0, NULL },
        { BER_BVC("secprops="), offsetof(slap_bindconf, sb_secprops), 's', 0, NULL },
-       { BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 's', 0, NULL },
-       { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 's', 0, NULL },
+       { BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 'b', 0, NULL },
+       { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 0, NULL },
        { BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, NULL },
        { BER_BVNULL, 0, 0, 0, NULL }
 };
@@ -831,24 +831,31 @@ int bindconf_unparse( slap_bindconf *bc, struct berval *bv ) {
 void bindconf_free( slap_bindconf *bc ) {
        if ( !BER_BVISNULL( &bc->sb_binddn ) ) {
                ch_free( bc->sb_binddn.bv_val );
+               BER_BVZERO( &bc->sb_binddn );
        }
        if ( !BER_BVISNULL( &bc->sb_cred ) ) {
                ch_free( bc->sb_cred.bv_val );
+               BER_BVZERO( &bc->sb_cred );
        }
-       if ( bc->sb_saslmech ) {
-               ch_free( bc->sb_saslmech );
+       if ( !BER_BVISNULL( &bc->sb_saslmech ) ) {
+               ch_free( bc->sb_saslmech.bv_val );
+               BER_BVZERO( &bc->sb_saslmech );
        }
        if ( bc->sb_secprops ) {
                ch_free( bc->sb_secprops );
+               bc->sb_secprops = NULL;
        }
-       if ( bc->sb_realm ) {
-               ch_free( bc->sb_realm );
+       if ( !BER_BVISNULL( &bc->sb_realm ) ) {
+               ch_free( bc->sb_realm.bv_val );
+               BER_BVZERO( &bc->sb_realm );
        }
-       if ( bc->sb_authcId ) {
-               ch_free( bc->sb_authcId );
+       if ( !BER_BVISNULL( &bc->sb_authcId ) ) {
+               ch_free( bc->sb_authcId.bv_val );
+               BER_BVZERO( &bc->sb_authcId );
        }
        if ( !BER_BVISNULL( &bc->sb_authzId ) ) {
                ch_free( bc->sb_authzId.bv_val );
+               BER_BVZERO( &bc->sb_authzId );
        }
 }
 

diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index 3ab274a426218f3b7b0a6e0bf5230f8f06bc0f23..18ab4df30a590ae77ae03fc447f3bc4466ece5b5 100644 (file)
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -1481,10 +1481,10 @@ typedef struct slap_bindconf {
        int sb_method;
        struct berval sb_binddn;
        struct berval sb_cred;
-       char *sb_saslmech;
+       struct berval sb_saslmech;
        char *sb_secprops;
-       char *sb_realm;
-       char *sb_authcId;
+       struct berval sb_realm;
+       struct berval sb_authcId;
        struct berval sb_authzId;
 } slap_bindconf;
 

diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c
index baf41a0555bfa8e46dbb933fa64194d2dd2d90ba..48d9faf53c8918ade107b8f0d751b0be5b6ab067 100644 (file)
--- a/servers/slapd/syncrepl.c
+++ b/servers/slapd/syncrepl.c
@@ -322,13 +322,16 @@ do_syncrep1(
                        }
                }
 
-               defaults = lutil_sasl_defaults( si->si_ld, si->si_bindconf.sb_saslmech,
-                       si->si_bindconf.sb_realm, si->si_bindconf.sb_authcId,
-                       si->si_bindconf.sb_cred.bv_val, si->si_bindconf.sb_authzId.bv_val );
+               defaults = lutil_sasl_defaults( si->si_ld,
+                       si->si_bindconf.sb_saslmech.bv_val,
+                       si->si_bindconf.sb_realm.bv_val,
+                       si->si_bindconf.sb_authcId.bv_val,
+                       si->si_bindconf.sb_cred.bv_val,
+                       si->si_bindconf.sb_authzId.bv_val );
 
                rc = ldap_sasl_interactive_bind_s( si->si_ld,
                                si->si_bindconf.sb_binddn.bv_val,
-                               si->si_bindconf.sb_saslmech,
+                               si->si_bindconf.sb_saslmech.bv_val,
                                NULL, NULL,
                                LDAP_SASL_QUIET,
                                lutil_sasl_interact,
@@ -341,13 +344,15 @@ do_syncrep1(
                 *      2) on err policy : exit, retry, backoff ...
                 */
                if ( rc != LDAP_SUCCESS ) {
+                       static struct berval bv_GSSAPI = BER_BVC( "GSSAPI" );
+
                        Debug( LDAP_DEBUG_ANY, "do_syncrep1: "
                                "ldap_sasl_interactive_bind_s failed (%d)\n",
                                rc, 0, 0 );
 
                        /* FIXME (see above comment) */
                        /* if Kerberos credentials cache is not active, retry */
-                       if ( strcmp( si->si_bindconf.sb_saslmech, "GSSAPI" ) == 0 &&
+                       if ( ber_bvcmp( &si->si_bindconf.sb_saslmech, &bv_GSSAPI ) == 0 &&
                                rc == LDAP_LOCAL_ERROR )
                        {
                                rc = LDAP_SERVER_DOWN;