upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-24 16:49:39 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#8796 Fix SSF reset

Browse source 
Maintain the SSF across SASL binds.
This commit is contained in:
Ondřej Kuzník 2018-01-15 16:07:59 +00:00
parent 1863245f49
commit 52f7daab01
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
servers/slapd/sasl.c
View file

@ -1643,11 +1643,16 @@ int slap_sasl_bind( Operation *op, SlapReply *rs )
if ( !op->o_conn->c_sasl_bind_in_progress ) {
/* If we already authenticated once, must use a new context */
if ( op->o_conn->c_sasl_done ) {
sasl_ssf_t *ssf = NULL;
sasl_ssf_t ssf = 0;
sasl_ssf_t *ssfp = NULL;
const char *authid = NULL;
sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssf );
sasl_getprop( ctx, SASL_SSF_EXTERNAL, (void *)&ssfp );
if ( ssfp ) ssf = *ssfp;
sasl_getprop( ctx, SASL_AUTH_EXTERNAL, (void *)&authid );
if ( authid ) authid = ch_strdup( authid );
if ( ctx != op->o_conn->c_sasl_sockctx ) {
sasl_dispose( &ctx );
}
@ -1655,8 +1660,8 @@ int slap_sasl_bind( Operation *op, SlapReply *rs )
slap_sasl_open( op->o_conn, 1 );
ctx = op->o_conn->c_sasl_authctx;
sasl_setprop( ctx, SASL_SSF_EXTERNAL, &ssf );
if ( authid ) {
sasl_setprop( ctx, SASL_SSF_EXTERNAL, ssf );
sasl_setprop( ctx, SASL_AUTH_EXTERNAL, authid );
ch_free( (char *)authid );
}