diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index bc75463834..6587a4b4ac 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -387,24 +387,31 @@ slap_sasl_canonicalize( in ? in : "" ); #endif - rc = slap_sasl_getdn( conn, (char *)in, (char *)user_realm, &dn, - (flags == SASL_CU_AUTHID) ? FLAG_GETDN_AUTHCID : FLAG_GETDN_AUTHZID ); - if ( rc != LDAP_SUCCESS ) { - sasl_seterror( sconn, 0, ldap_err2string( rc ) ); - return SASL_NOAUTHZ; - } + if (flags == SASL_CU_AUTHID) { + rc = slap_sasl_getdn( conn, (char *)in, (char *)user_realm, + &dn, FLAG_GETDN_AUTHCID); + if ( rc != LDAP_SUCCESS ) { + sasl_seterror( sconn, 0, ldap_err2string( rc ) ); + return SASL_NOAUTHZ; + } - if ( out_max < dn.bv_len ) { - return SASL_BUFOVER; + if ( out_max < dn.bv_len ) { + return SASL_BUFOVER; + } + + AC_MEMCPY( out, dn.bv_val, dn.bv_len ); + out[dn.bv_len] = '\0'; + + *out_len = dn.bv_len; + + ch_free( dn.bv_val ); + + } else { + strcpy( out, in ); + + *out_len = strlen( in ); } - AC_MEMCPY( out, dn.bv_val, dn.bv_len ); - out[dn.bv_len] = '\0'; - - *out_len = dn.bv_len; - - ch_free( dn.bv_val ); - #ifdef NEW_LOGGING LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY, "slap_sasl_canonicalize: conn %d %s=\"%s\"\n", @@ -756,7 +763,7 @@ int slap_sasl_open( Connection *conn ) /* Convert IPv6 addresses to address;port syntax. */ p = strrchr( iplocalport, ' ' ); /* Convert IPv4 addresses to address;port syntax. */ - if ( p != NULL ) p = strchr( iplocalport, ':' ); + if ( p == NULL ) p = strchr( iplocalport, ':' ); if ( p != NULL ) { *p = ';'; } @@ -769,7 +776,7 @@ int slap_sasl_open( Connection *conn ) /* Convert IPv6 addresses to address;port syntax. */ p = strrchr( ipremoteport, ' ' ); /* Convert IPv4 addresses to address;port syntax. */ - if ( p != NULL ) p = strchr( ipremoteport, ':' ); + if ( p == NULL ) p = strchr( ipremoteport, ':' ); if ( p != NULL ) { *p = ';'; }