From: Howard Chu Date: Sat, 11 Nov 2006 22:55:09 +0000 (+0000) Subject: ITS#4744 authzTo/authzFrom patterns are supposed to allow multiple targets. X-Git-Tag: OPENLDAP_REL_ENG_2_4_4ALPHA~8^2~488 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=161574b00d68456a0f24d5e364853d923ef5ba8b;p=openldap ITS#4744 authzTo/authzFrom patterns are supposed to allow multiple targets. Partially revert rev 1.126. --- diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index 3fd24ad87d..60f1879fca 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -1623,26 +1623,14 @@ static int sasl_sc_smatch( Operation *o, SlapReply *rs ) { smatch_info *sm = o->o_callback->sc_private; - if ( rs->sr_type != REP_SEARCH ) { - if ( rs->sr_err != LDAP_SUCCESS ) { - sm->match = -1; - } - return 0; - } - - if ( sm->match == 1 ) { - sm->match = -1; - return 0; - } + if (rs->sr_type != REP_SEARCH) return 0; if (dn_match(sm->dn, &rs->sr_entry->e_nname)) { sm->match = 1; - - } else { - sm->match = -1; + return -1; /* short-circuit the search */ } - return 0; + return 1; } int @@ -1859,7 +1847,7 @@ exact_match: op.o_bd->be_search( &op, &rs ); - if (sm.match == 1) { + if (sm.match) { rc = LDAP_SUCCESS; } else { rc = LDAP_INAPPROPRIATE_AUTH;