Commit d4e690e0 authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

Fix issue with unauthorized idassert and DN rewrite

parent e1e21de1
...@@ -6,6 +6,7 @@ OpenLDAP 2.3.35 Engineering ...@@ -6,6 +6,7 @@ OpenLDAP 2.3.35 Engineering
Fixed zero-length IA5string handling (ITS#4823) Fixed zero-length IA5string handling (ITS#4823)
Fixed slapd-bdb/hdb startup with missing shm env (ITS#4851) Fixed slapd-bdb/hdb startup with missing shm env (ITS#4851)
Fixed slapd-ldap/meta consistency in referral proxying (ITS#4861) Fixed slapd-ldap/meta consistency in referral proxying (ITS#4861)
Fixed slapd-ldap bind cleanup in case of unauthorized idassert
Fixed slapd-meta search cleanup Fixed slapd-meta search cleanup
Fixed slapd-meta/slapo-rwm filter mapping Fixed slapd-meta/slapo-rwm filter mapping
Fixed slapd-sql subtree shortcut (ITS#4856) Fixed slapd-sql subtree shortcut (ITS#4856)
......
...@@ -760,13 +760,13 @@ ldap_back_getconn( ...@@ -760,13 +760,13 @@ ldap_back_getconn(
op->o_ndn = op->o_req_ndn; op->o_ndn = op->o_req_ndn;
} }
isproxyauthz = ldap_back_is_proxy_authz( op, rs, sendok, binddn, bindcred ); isproxyauthz = ldap_back_is_proxy_authz( op, rs, sendok, binddn, bindcred );
if ( isproxyauthz == -1 ) {
return NULL;
}
if ( op->o_tag == LDAP_REQ_BIND ) { if ( op->o_tag == LDAP_REQ_BIND ) {
op->o_dn = save_o_dn; op->o_dn = save_o_dn;
op->o_ndn = save_o_ndn; op->o_ndn = save_o_ndn;
} }
if ( isproxyauthz == -1 ) {
return NULL;
}
lc_curr.lc_local_ndn = op->o_ndn; lc_curr.lc_local_ndn = op->o_ndn;
/* Explicit binds must not be shared; /* Explicit binds must not be shared;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment