From a073e28510b40911c23ad78a481bad37fbbe768a Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Sat, 13 Jul 2002 00:11:03 +0000
Subject: [PATCH] Fix setting c_authz_backend for SASL binds:   in
 slap_sasl2dn, make sure it's set for base DN searches as well.   in do_bind,
 don't zero it during multi-stage binds.

---
 servers/slapd/bind.c      | 2 ++
 servers/slapd/saslauthz.c | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 45c2fab3fb..81898e3ea0 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -57,7 +57,9 @@ do_bind(
 	 * Force to connection to "anonymous" until bind succeeds.
 	 */
 	ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+	if ( conn->c_sasl_bind_in_progress ) be = conn->c_authz_backend;
 	connection2anonymous( conn );
+	if ( conn->c_sasl_bind_in_progress ) conn->c_authz_backend = be;
 	ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
 
 	if ( op->o_dn.bv_val != NULL ) {
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index b6a9cd9420..ea2fa2430f 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -495,11 +495,10 @@ void slap_sasl2dn( Connection *conn, struct berval *saslname, struct berval *dn
 		uri.scope, LDAP_DEREF_NEVER, 1, 0,
 		filter, NULL, NULL, 1 );
 	
+FINISHED:
 	if( dn->bv_len ) {
 		conn->c_authz_backend = be;
 	}
-
-FINISHED:
 	if( uri.dn.bv_len ) ch_free( uri.dn.bv_val );
 	if( uri.filter.bv_len ) ch_free( uri.filter.bv_val );
 	if( filter ) filter_free( filter );
-- 
2.39.5