From: Kurt Zeilenga <kurt@openldap.org>
Date: Sat, 28 Aug 2004 01:08:24 +0000 (+0000)
Subject: Referrals should not (except in special cases) be
X-Git-Tag: OPENLDAP_REL_ENG_2_3_0ALPHA~616
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=49bd9befa4c721b4b65c153be2b4bc7a2467df65;p=openldap

Referrals should not (except in special cases) be
returned for Bind operations, instead invalidCreditials
should be returned.
---

diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 7fcf4b4986..dc0cefe8e4 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -550,22 +550,10 @@ fe_op_bind( Operation *op, SlapReply *rs )
 	 */
 
 	if ( (op->o_bd = select_backend( &op->o_req_ndn, 0, 0 )) == NULL ) {
-		if ( default_referral ) {
-			rs->sr_ref = referral_rewrite( default_referral,
-				NULL, &op->o_req_dn, LDAP_SCOPE_DEFAULT );
-			if (!rs->sr_ref) rs->sr_ref = default_referral;
-
-			rs->sr_err = LDAP_REFERRAL;
-			send_ldap_result( op, rs );
-
-			if (rs->sr_ref != default_referral) ber_bvarray_free( rs->sr_ref );
-
-		} else {
-			/* noSuchObject is not allowed to be returned by bind */
-			rs->sr_err = LDAP_INVALID_CREDENTIALS;
-			send_ldap_result( op, rs );
-		}
-
+		/* don't return referral for bind requests */
+		/* noSuchObject is not allowed to be returned by bind */
+		rs->sr_err = LDAP_INVALID_CREDENTIALS;
+		send_ldap_result( op, rs );
 		goto cleanup;
 	}