upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-18 18:18:06 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

slurpd TLS/SASL fixes to resolve ITS#1527 ITS#1528

Browse source
This commit is contained in:
Kurt Zeilenga 2002-01-12 21:23:03 +00:00
parent 440adbc97a
commit 28ae87c939
2 changed files with 23 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -5,6 +5,8 @@ OpenLDAP 2.0.20 Engineering
Fixed back-passwd db_config bug
Fixed -lldap cache debug bug (ITS#1501)
Fixed -lldap dnssrv free bug
Fixed slurpd TLS non-critical/critical bug (ITS#1527)
Fixed slurpd SASL password bug (ITS#1528)
Build environment
Fixed repl_user build error (ITS#1503)
Updated BerkeleyDB 4 support

39
servers/slurpd/ldap_op.c
View file

@ -613,10 +613,6 @@ do_bind(
)
{
int ldrc;
#ifdef HAVE_CYRUS_SASL
void *defaults;
#endif
*lderr = 0;
@ -687,10 +683,10 @@ do_bind(
if( err != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"%s: ldap_start_tls failed: %s (%d)\n",
ri->ri_tls != TLS_CRITICAL ? "Warning" : "Error",
ri->ri_tls == TLS_CRITICAL ? "Error" : "Warning",
ldap_err2string( err ), err );
if( ri->ri_tls != TLS_CRITICAL ) {
if( ri->ri_tls == TLS_CRITICAL ) {
ldap_unbind( ri->ri_ldp );
ri->ri_ldp = NULL;
return BIND_ERR_TLS_FAILED;
@ -738,18 +734,25 @@ do_bind(
}
}
defaults = lutil_sasl_defaults( ri->ri_ldp, ri->ri_saslmech,
ri->ri_realm, ri->ri_authcId, ri->ri_password, ri->ri_authzId );
ldrc = ldap_sasl_interactive_bind_s( ri->ri_ldp, ri->ri_bind_dn,
ri->ri_saslmech, NULL, NULL,
LDAP_SASL_QUIET, lutil_sasl_interact, defaults );
if ( ldrc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "Error: LDAP SASL for %s:%d failed: %s\n",
ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc ));
*lderr = ldrc;
ldap_unbind( ri->ri_ldp );
ri->ri_ldp = NULL;
return( BIND_ERR_SASL_FAILED );
{
char *passwd = ri->ri_password ? ber_strdup( ri->ri_password ) : NULL;
void *defaults = lutil_sasl_defaults( ri->ri_ldp, ri->ri_saslmech,
ri->ri_realm, ri->ri_authcId, passwd, ri->ri_authzId );
ldrc = ldap_sasl_interactive_bind_s( ri->ri_ldp, ri->ri_bind_dn,
ri->ri_saslmech, NULL, NULL,
LDAP_SASL_QUIET, lutil_sasl_interact, defaults );
if ( ldrc != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY, "Error: LDAP SASL for %s:%d failed: %s\n",
ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc ));
*lderr = ldrc;
ldap_unbind( ri->ri_ldp );
ri->ri_ldp = NULL;
return( BIND_ERR_SASL_FAILED );
}
ber_memfree( passwd );
ber_memfree( defaults );
}
break;
#else