]> git.sur5r.net Git - openldap/commitdiff
projects / openldap / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d9aec4e)
Fix prev commit, use c_authtype
authorHoward Chu <hyc@openldap.org>
Sat, 13 Dec 2003 22:16:03 +0000 (22:16 +0000)
committerHoward Chu <hyc@openldap.org>
Sat, 13 Dec 2003 22:16:03 +0000 (22:16 +0000)
servers/slapd/backend.c patch | blob | history
servers/slapd/bind.c patch | blob | history

diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index a9462bb7406ce40585d235c69b599e5a92b03d54..1a6a1e6eeb1cc51aeb28fcf12eadece09105ddc7 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -1035,7 +1035,7 @@ backend_check_restrictions(
                if( requires & SLAP_REQUIRE_STRONG ) {
                        /* should check mechanism */
                        if( ( op->o_transport_ssf < ssf->sss_transport
-                               && op->o_authmech.bv_len == 0 ) || op->o_dn.bv_len == 0 )
+                               && op->o_authtype == LDAP_AUTH_SIMPLE ) || op->o_dn.bv_len == 0 )
                        {
                                rs->sr_text = "strong authentication required";
                                rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
@@ -1044,7 +1044,7 @@ backend_check_restrictions(
                }
 
                if( requires & SLAP_REQUIRE_SASL ) {
-                       if( op->o_authmech.bv_len == 0 || op->o_dn.bv_len == 0 ) {
+                       if( op->o_authtype != LDAP_AUTH_SASL || op->o_dn.bv_len == 0 ) {
                                rs->sr_text = "SASL authentication required";
                                rs->sr_err = LDAP_STRONG_AUTH_REQUIRED;
                                return rs->sr_err;
diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 15eae9758d98298ddd27bbe4c809bfb934e554bb..68d39f07663b44dc185cb7f961c3221b6098b72e 100644 (file)
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -684,8 +684,11 @@ do_bind(
 #endif /* defined( LDAP_SLAPI ) */
 
 cleanup:
-       if ( rs->sr_err == LDAP_SUCCESS && method != LDAP_AUTH_SASL ) {
-               ber_dupbv( &op->o_conn->c_authmech, &mech );
+       if ( rs->sr_err == LDAP_SUCCESS ) {
+               if ( method != LDAP_AUTH_SASL ) {
+                       ber_dupbv( &op->o_conn->c_authmech, &mech );
+               }
+               op->o_conn->c_authtype = method;
        }
 
        op->o_conn->c_sasl_bindop = NULL;
Cloned from git://git.openldap.org/openldap.git