From: Howard Chu Date: Sat, 13 Dec 2003 22:43:01 +0000 (+0000) Subject: Use c_authmech when c_sasl_bind_mech is empty X-Git-Tag: OPENLDAP_REL_ENG_2_1_MP~198 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=0d8613c27458d7940ab0bfbbc115a8ccf7c4e14b;p=openldap Use c_authmech when c_sasl_bind_mech is empty --- diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 781020b0e9..3575c80044 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -1716,7 +1716,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, { char *c1; int rc, is_dn = SET_NONE, do_norm = 1; - struct berval dn2; + struct berval dn2, *mech; assert( conn ); @@ -1748,14 +1748,20 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, len = 0; } + if ( conn->c_sasl_bind_mech.bv_len ) { + mech = &conn->c_sasl_bind_mech; + } else { + mech = &conn->c_authmech; + } + /* An authcID needs to be converted to authzID form. Set the * values directly into *dn; they will be normalized later. (and * normalizing always makes a new copy.) An ID from a TLS certificate * is already normalized, so copy it and skip normalization. */ if( flags & SLAP_GETDN_AUTHCID ) { - if( conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len && - strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 ) + if( mech->bv_len == ext_bv.bv_len && + strcasecmp( ext_bv.bv_val, mech->bv_val ) == 0 ) { /* EXTERNAL DNs are already normalized */ do_norm = 0; @@ -1808,8 +1814,8 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, len += strlen( user_realm ) + sizeof(",cn=")-1; } - if( conn->c_sasl_bind_mech.bv_len ) { - len += conn->c_sasl_bind_mech.bv_len + sizeof(",cn=")-1; + if( mech->bv_len ) { + len += mech->bv_len + sizeof(",cn=")-1; } /* Build the new dn */ @@ -1838,9 +1844,9 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, p = lutil_strcopy( p, user_realm ); } - if( conn->c_sasl_bind_mech.bv_len ) { + if( mech->bv_len ) { p = lutil_strcopy( p, ",cn=" ); - p = lutil_strcopy( p, conn->c_sasl_bind_mech.bv_val ); + p = lutil_strcopy( p, mech->bv_val ); } p = lutil_strcopy( p, ",cn=auth" ); dn->bv_len = p - dn->bv_val;