From 3c33478e2a8dc0c0876835aa2339b5ddeb0ebfff Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Sat, 21 Nov 2009 19:13:49 +0000
Subject: [PATCH] ITS#6392

---
 CHANGES                 |  1 +
 servers/slapd/bconfig.c | 45 +++++++++++++++++++++++++----------------
 2 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/CHANGES b/CHANGES
index b0382b36e2..43d3281196 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,7 @@ OpenLDAP 2.4.20 Engineering
 	Added slapd handling of hex server IDs (ITS#6297)
 	Added slapd syncrepl contextCSN storing in subentry (ITS#6373)
 	Fixed slapd asserts in minimal environment (ITS#6361)
+	Fixed slapd authid-rewrite parsing (ITS#6392) 
 	Fixed slapd configArgs initialization (ITS#6363)
 	Fixed slapd debug handling of LDAP_DEBUG_ANY (ITS#6324)
 	Fixed slapd db_open with connection_fake_init (ITS#6381)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index dbed5f1b83..9111694f54 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -2010,29 +2010,40 @@ sortval_reject:
 		case CFG_REWRITE: {
 			struct berval bv;
 			char *line;
-			
+			int rc = 0;
+
+			if ( c->op == LDAP_MOD_ADD ) {
+				c->argv++;
+				c->argc--;
+			}
 			if(slap_sasl_rewrite_config(c->fname, c->lineno, c->argc, c->argv))
-				return(1);
+				rc = 1;
+			if ( rc == 0 ) {
 
-			if ( c->argc > 1 ) {
-				char	*s;
+				if ( c->argc > 1 ) {
+					char	*s;
 
-				/* quote all args but the first */
-				line = ldap_charray2str( c->argv, "\" \"" );
-				ber_str2bv( line, 0, 0, &bv );
-				s = ber_bvchr( &bv, '"' );
-				assert( s != NULL );
-				/* move the trailing quote of argv[0] to the end */
-				AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
-				bv.bv_val[ bv.bv_len - 1 ] = '"';
+					/* quote all args but the first */
+					line = ldap_charray2str( c->argv, "\" \"" );
+					ber_str2bv( line, 0, 0, &bv );
+					s = ber_bvchr( &bv, '"' );
+					assert( s != NULL );
+					/* move the trailing quote of argv[0] to the end */
+					AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
+					bv.bv_val[ bv.bv_len - 1 ] = '"';
 
-			} else {
-				ber_str2bv( c->argv[ 0 ], 0, 1, &bv );
+				} else {
+					ber_str2bv( c->argv[ 0 ], 0, 1, &bv );
+				}
+
+				ber_bvarray_add( &authz_rewrites, &bv );
 			}
-			
-			ber_bvarray_add( &authz_rewrites, &bv );
+			if ( c->op == LDAP_MOD_ADD ) {
+				c->argv--;
+				c->argc++;
+			}
+			return rc;
 			}
-			break;
 #endif
 
 
-- 
GitLab