From: Kurt Zeilenga <kurt@openldap.org>
Date: Thu, 7 Sep 2000 22:07:02 +0000 (+0000)
Subject: Import slapd portion of Kbind fix (ITS#717)
X-Git-Tag: OPENLDAP_REL_ENG_2_0_2~22
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=926b96664d2528949f7a659af71b6dcd189c026f;p=openldap

Import slapd portion of Kbind fix (ITS#717)
---

diff --git a/CHANGES b/CHANGES
index 889b760343..c166f8c014 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,7 +1,7 @@
 OpenLDAP 2.0 Change Log
 
 OpenLDAP 2.0.X Engineering
-	Fixed clients & -lldap KBIND (ITS#717)
+	Fixed KBIND (ITS#717)
 	Fixed clients/tools -R handling
 	Fixed ldappasswd -A -S crash (ITS#714)
 	Fixed ldappasswd user argument usage
diff --git a/servers/slapd/back-ldbm/bind.c b/servers/slapd/back-ldbm/bind.c
index 449fac2ee1..73dddc18bb 100644
--- a/servers/slapd/back-ldbm/bind.c
+++ b/servers/slapd/back-ldbm/bind.c
@@ -37,6 +37,7 @@ ldbm_back_bind(
 	Entry		*matched;
 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
 	char		krbname[MAX_K_NAME_SZ + 1];
+	AttributeDescription *krbattr = slap_schema.si_ad_krbName;
 	AUTH_DAT	ad;
 #endif
 
@@ -185,7 +186,7 @@ ldbm_back_bind(
 		}
 
 		if ( ! access_allowed( be, conn, op, e,
-			"krbname", NULL, ACL_AUTH ) )
+			krbattr, NULL, ACL_AUTH ) )
 		{
 			send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
 				NULL, NULL, NULL, NULL );
@@ -196,7 +197,7 @@ ldbm_back_bind(
 		sprintf( krbname, "%s%s%s@%s", ad.pname, *ad.pinst ? "."
 		    : "", ad.pinst, ad.prealm );
 
-		if ( (a = attr_find( e->e_attrs, "krbname" )) == NULL ) {
+		if ( (a = attr_find( e->e_attrs, krbattr )) == NULL ) {
 			/*
 			 * no krbname values present:  check against DN
 			 */
@@ -215,7 +216,7 @@ ldbm_back_bind(
 			krbval.bv_val = krbname;
 			krbval.bv_len = strlen( krbname );
 
-			if ( value_find( a->a_vals, &krbval, a->a_syntax, 3 ) != 0 ) {
+			if ( value_find( a->a_desc, a->a_vals, &krbval ) != 0 ) {
 				send_ldap_result( conn, op,
 				    LDAP_INVALID_CREDENTIALS,
 					NULL, NULL, NULL, NULL );