From: Howard Chu <hyc@openldap.org>
Date: Sat, 7 Dec 2002 13:06:20 +0000 (+0000)
Subject: For LDAP_PROTO_IPC set the SASL EXTERNAL authid to allow the mech to be
X-Git-Tag: NO_SLAP_OP_BLOCKS~715
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=cf6a9d9d0f0b2bcacab72a87531df5df56ca08ef;p=openldap

For LDAP_PROTO_IPC set the SASL EXTERNAL authid to allow the mech to be
used by the client side. Please review.
---

diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c
index 8030790a94..1d2a7d62c6 100644
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@@ -353,6 +353,15 @@ ldap_int_open_connection(
 		ldap_int_sasl_open( ld, conn, sasl_host, sasl_ssf );
 		LDAP_FREE( sasl_host );
 	}
+	/* sasl_ssf is set redundantly. Should probably remove it from
+	 * the ldap_int_sasl_open call since the TLS ssf isn't known
+	 * yet anyway.
+	 */
+	if( proto == LDAP_PROTO_IPC ) {
+		char authid[64];
+		sprintf( authid, "uid=%d+gid=%d", geteuid(), getegid() );
+		ldap_int_sasl_external( ld, conn, authid, sasl_ssf );
+	}
 #endif
 
 #ifdef HAVE_TLS