upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-26 09:39:45 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Clear c_auth on every bind request

Browse source 
For a new bind request, this is obvious, for SASL bind requests, we do
not know the final identity until we have finished handling it, make
sure it stays empty until then.
This commit is contained in:
Ondřej Kuzník 2018-01-16 17:43:20 +00:00 committed by Ondřej Kuzník
parent 72ca711271
commit c52328f63d
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
servers/lloadd/bind.c
View file

@ -204,11 +204,13 @@ request_bind( LloadConnection *client, LloadOperation *op )
goto fail;
}
if ( !BER_BVISNULL( &client->c_auth ) ) {
ch_free( client->c_auth.bv_val );
BER_BVZERO( &client->c_auth );
}
tag = ber_skip_element( copy, &auth );
if ( tag == LDAP_AUTH_SIMPLE ) {
if ( !BER_BVISNULL( &client->c_auth ) ) {
ch_free( client->c_auth.bv_val );
}
if ( !BER_BVISEMPTY( &binddn ) ) {
char *ptr;
client->c_auth.bv_len = STRLENOF("dn:") + binddn.bv_len;
@ -217,8 +219,6 @@ request_bind( LloadConnection *client, LloadOperation *op )
ptr = lutil_strcopy( client->c_auth.bv_val, "dn:" );
ptr = lutil_strncopy( ptr, binddn.bv_val, binddn.bv_len );
*ptr = '\0';
} else {
BER_BVZERO( &client->c_auth );
}
if ( !BER_BVISNULL( &client->c_sasl_bind_mech ) ) {