From bb06fd8d6b9df6d07787bdbb950abe1841c73cd1 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Tue, 18 Sep 2001 03:10:05 +0000
Subject: [PATCH] Fix crashes for SASL/EXTERNAL binds:   in slap_sasl_getdn,
 test id, not dn. dn is still NULL   also, don't check for trailing slash   in
 slap_sasl_bind, initialize reslen to 0

---
 servers/slapd/sasl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index 29a83f5ada..3bcc33b738 100644
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -112,7 +112,7 @@ int slap_sasl_getdn( Connection *conn, char *id, char **dnptr, int flags )
 	if( flags & FLAG_GETDN_AUTHCID ) {
 		if( sasl_external_x509dn_convert && conn->c_sasl_bind_mech
 			&& ( strcasecmp( "EXTERNAL", conn->c_sasl_bind_mech ) == 0 ) 
-			&& len && dn[0] == '/' && dn[len-1]== '/' )
+			&& len && id[0] == '/' /* && id[len-1]== '/' */)
 		{
 			/* check SASL external for X.509 style DN and */
 			/* convert to dn:<dn> form */
@@ -611,7 +611,7 @@ int slap_sasl_bind(
 #ifdef HAVE_CYRUS_SASL
 	sasl_conn_t *ctx = conn->c_sasl_context;
 	struct berval response;
-	unsigned reslen;
+	unsigned reslen = 0;
 	const char *errstr;
 	int sc;
 
-- 
2.39.5