Commit 2f339926 authored by Howard Chu's avatar Howard Chu
Browse files

Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn,

conn->c_dn,c_ndn, Access->a_dn_pat)
parent 9969058a
......@@ -117,7 +117,7 @@ access_allowed(
assert( be != NULL );
/* grant database root access */
if ( be != NULL && be_isroot( be, op->o_ndn ) ) {
if ( be != NULL && be_isroot( be, op->o_ndn.bv_val ) ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
"access_allowed: conn %d root access granted\n",
......@@ -480,7 +480,7 @@ acl_mask(
Debug( LDAP_DEBUG_ACL,
"=> acl_mask: to %s by \"%s\", (%s) \n",
val ? "value" : "all values",
op->o_ndn ? op->o_ndn : "",
op->o_ndn.bv_val ? op->o_ndn.bv_val : "",
accessmask2str( *mask, accessmaskbuf ) );
#endif
......@@ -490,43 +490,47 @@ acl_mask(
ACL_INVALIDATE( modmask );
/* AND <who> clauses */
if ( b->a_dn_pat != NULL ) {
if ( b->a_dn_pat.bv_len != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"acl_mask: conn %d check a_dn_pat: %s\n",
conn->c_connid, b->a_dn_pat ));
conn->c_connid, b->a_dn_pat.bv_val ));
#else
Debug( LDAP_DEBUG_ACL, "<= check a_dn_pat: %s\n",
b->a_dn_pat, 0, 0);
b->a_dn_pat.bv_val, 0, 0);
#endif
/*
* if access applies to the entry itself, and the
* user is bound as somebody in the same namespace as
* the entry, OR the given dn matches the dn pattern
*/
if ( strcmp( b->a_dn_pat, "anonymous" ) == 0 ) {
if (op->o_ndn != NULL && op->o_ndn[0] != '\0' ) {
if ( b->a_dn_pat.bv_len == sizeof("anonymous") -1 &&
strcmp( b->a_dn_pat.bv_val, "anonymous" ) == 0 ) {
if (op->o_ndn.bv_len != 0 ) {
continue;
}
} else if ( strcmp( b->a_dn_pat, "users" ) == 0 ) {
if (op->o_ndn == NULL || op->o_ndn[0] == '\0' ) {
} else if ( b->a_dn_pat.bv_len == sizeof("users") - 1 &&
strcmp( b->a_dn_pat.bv_val, "users" ) == 0 ) {
if (op->o_ndn.bv_len == 0 ) {
continue;
}
} else if ( strcmp( b->a_dn_pat, "self" ) == 0 ) {
if( op->o_ndn == NULL || op->o_ndn[0] == '\0' ) {
} else if ( b->a_dn_pat.bv_len == sizeof("self") - 1 &&
strcmp( b->a_dn_pat.bv_val, "self" ) == 0 ) {
if( op->o_ndn.bv_len == 0 ) {
continue;
}
if ( e->e_dn == NULL || strcmp( e->e_ndn, op->o_ndn ) != 0 ) {
if ( e->e_dn == NULL || strcmp( e->e_ndn, op->o_ndn.bv_val ) != 0 ) {
continue;
}
} else if ( b->a_dn_style == ACL_STYLE_REGEX ) {
if ( strcmp( b->a_dn_pat, "*" ) != 0 ) {
int ret = regex_matches( b->a_dn_pat,
op->o_ndn, e->e_ndn, matches );
if ( b->a_dn_pat.bv_len != 1 ||
strcmp( b->a_dn_pat.bv_val, "*" ) != 0 ) {
int ret = regex_matches( b->a_dn_pat.bv_val,
op->o_ndn.bv_val, e->e_ndn, matches );
if( ret == 0 ) {
continue;
......@@ -537,8 +541,8 @@ acl_mask(
if ( e->e_dn == NULL )
continue;
patlen = strlen( b->a_dn_pat );
odnlen = strlen( op->o_ndn );
patlen = b->a_dn_pat.bv_len;
odnlen = op->o_ndn.bv_len;
if ( odnlen < patlen )
continue;
......@@ -553,25 +557,25 @@ acl_mask(
if ( odnlen <= patlen )
continue;
if ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) )
if ( !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn.bv_val[odnlen - patlen - 2] ) )
continue;
rdnlen = dn_rdnlen( NULL, op->o_ndn );
rdnlen = dn_rdnlen( NULL, op->o_ndn.bv_val );
if ( rdnlen != odnlen - patlen - 1 )
continue;
} else if ( b->a_dn_style == ACL_STYLE_SUBTREE ) {
if ( odnlen > patlen && ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) ) )
if ( odnlen > patlen && ( !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn.bv_val[odnlen - patlen - 2] ) ) )
continue;
} else if ( b->a_dn_style == ACL_STYLE_CHILDREN ) {
if ( odnlen <= patlen )
continue;
if ( !DN_SEPARATOR( op->o_ndn[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn[odnlen - patlen - 2] ) )
if ( !DN_SEPARATOR( op->o_ndn.bv_val[odnlen - patlen - 1] ) || DN_ESCAPE( op->o_ndn.bv_val[odnlen - patlen - 2] ) )
continue;
}
if ( strcmp( b->a_dn_pat, op->o_ndn + odnlen - patlen ) != 0 )
if ( strcmp( b->a_dn_pat.bv_val, op->o_ndn.bv_val + odnlen - patlen ) != 0 )
continue;
}
......@@ -670,7 +674,7 @@ acl_mask(
}
}
if ( b->a_dn_at != NULL && op->o_ndn != NULL ) {
if ( b->a_dn_at != NULL && op->o_ndn.bv_len != 0 ) {
Attribute *at;
struct berval bv;
int rc, match = 0;
......@@ -687,8 +691,7 @@ acl_mask(
Debug( LDAP_DEBUG_ACL, "<= check a_dn_at: %s\n",
attr, 0, 0);
#endif
bv.bv_val = op->o_ndn;
bv.bv_len = strlen( bv.bv_val );
bv = op->o_ndn;
/* see if asker is listed in dnattr */
for( at = attrs_find( e->e_attrs, b->a_dn_at );
......@@ -742,7 +745,7 @@ acl_mask(
}
}
if ( b->a_group_pat != NULL && op->o_ndn != NULL ) {
if ( b->a_group_pat != NULL && op->o_ndn.bv_len != 0 ) {
char buf[1024];
/* b->a_group is an unexpanded entry name, expanded it should be an
......@@ -761,7 +764,7 @@ acl_mask(
buf[sizeof(buf) - 1] = 0;
}
if (backend_group(be, conn, op, e, buf, op->o_ndn,
if (backend_group(be, conn, op, e, buf, op->o_ndn.bv_val,
b->a_group_oc, b->a_group_at) != 0)
{
continue;
......@@ -1014,7 +1017,7 @@ acl_check_modlist(
assert( be != NULL );
/* short circuit root database access */
if ( be_isroot( be, op->o_ndn ) ) {
if ( be_isroot( be, op->o_ndn.bv_val ) ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_DETAIL1,
"acl_check_modlist: conn %d access granted to root user\n",
......@@ -1301,7 +1304,7 @@ aci_match_set (
cookie.e = e;
cookie.conn = conn;
cookie.op = op;
rc = (set_filter(aci_set_gather, &cookie, set, op->o_ndn, e->e_ndn, NULL) > 0);
rc = (set_filter(aci_set_gather, &cookie, set, op->o_ndn.bv_val, e->e_ndn, NULL) > 0);
ch_free(set);
}
return(rc);
......
......@@ -362,14 +362,15 @@ parse_acl(
}
if( pat != NULL ) {
if( b->a_dn_pat != NULL ) {
if( b->a_dn_pat.bv_len != 0 ) {
fprintf( stderr,
"%s: line %d: dn pattern already specified.\n",
fname, lineno );
acl_usage();
}
b->a_dn_pat = pat;
b->a_dn_pat.bv_val = pat;
b->a_dn_pat.bv_len = strlen( pat );
b->a_dn_style = sty;
if ( sty != ACL_STYLE_REGEX )
dn_normalize(pat);
......@@ -1220,8 +1221,8 @@ acl_append( AccessControl **l, AccessControl *a )
static void
access_free( Access *a )
{
if ( a->a_dn_pat )
free ( a->a_dn_pat );
if ( a->a_dn_pat.bv_val )
free ( a->a_dn_pat.bv_val );
if ( a->a_peername_pat )
free ( a->a_peername_pat );
if ( a->a_sockname_pat )
......@@ -1341,16 +1342,16 @@ print_access( Access *b )
fprintf( stderr, "\tby" );
if ( b->a_dn_pat != NULL ) {
if( strcmp(b->a_dn_pat, "*") == 0
|| strcmp(b->a_dn_pat, "users") == 0
|| strcmp(b->a_dn_pat, "anonymous") == 0
|| strcmp(b->a_dn_pat, "self") == 0 )
if ( b->a_dn_pat.bv_len != 0 ) {
if( strcmp(b->a_dn_pat.bv_val, "*") == 0
|| strcmp(b->a_dn_pat.bv_val, "users") == 0
|| strcmp(b->a_dn_pat.bv_val, "anonymous") == 0
|| strcmp(b->a_dn_pat.bv_val, "self") == 0 )
{
fprintf( stderr, " %s", b->a_dn_pat );
fprintf( stderr, " %s", b->a_dn_pat.bv_val );
} else {
fprintf( stderr, " dn.%s=%s", style_strings[b->a_dn_style], b->a_dn_pat );
fprintf( stderr, " dn.%s=%s", style_strings[b->a_dn_style], b->a_dn_pat.bv_val );
}
}
......
......@@ -266,7 +266,7 @@ do_add( Connection *conn, Operation *op )
*/
if ( be->be_add ) {
/* do the update here */
int repl_user = be_isupdate(be, op->o_ndn );
int repl_user = be_isupdate(be, op->o_ndn.bv_val );
#ifndef SLAPD_MULTIMASTER
if ( be->be_update_ndn == NULL || repl_user )
#endif
......
......@@ -192,8 +192,8 @@ retry: rc = txn_abort( ltid );
* must be adding entry to at suffix
* or with parent ""
*/
if ( !be_isroot( be, op->o_ndn )) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn ) ) {
if ( !be_isroot( be, op->o_ndn.bv_val )) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
......
......@@ -161,8 +161,8 @@ retry: /* transaction retry */
} else {
/* no parent, must be root to delete */
if( ! be_isroot( be, op->o_ndn ) ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn ) ) {
if( ! be_isroot( be, op->o_ndn.bv_val ) ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
/* check parent for "children" acl */
......
......@@ -50,7 +50,7 @@ int bdb_modify_internal(
switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: add\n", 0, 0, 0);
err = add_values( e, mod, op->o_ndn );
err = add_values( e, mod, op->o_ndn.bv_val );
if( err != LDAP_SUCCESS ) {
*text = "modify: add values failed";
......@@ -61,7 +61,7 @@ int bdb_modify_internal(
case LDAP_MOD_DELETE:
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: delete\n", 0, 0, 0);
err = delete_values( e, mod, op->o_ndn );
err = delete_values( e, mod, op->o_ndn.bv_val );
assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
if( err != LDAP_SUCCESS ) {
*text = "modify: delete values failed";
......@@ -72,7 +72,7 @@ int bdb_modify_internal(
case LDAP_MOD_REPLACE:
Debug(LDAP_DEBUG_ARGS, "bdb_modify_internal: replace\n", 0, 0, 0);
err = replace_values( e, mod, op->o_ndn );
err = replace_values( e, mod, op->o_ndn.bv_val );
assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
if( err != LDAP_SUCCESS ) {
*text = "modify: replace values failed";
......@@ -87,7 +87,7 @@ int bdb_modify_internal(
* We need to add index if necessary.
*/
mod->sm_op = LDAP_MOD_ADD;
err = add_values( e, mod, op->o_ndn );
err = add_values( e, mod, op->o_ndn.bv_val );
if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) {
err = LDAP_SUCCESS;
......
......@@ -212,9 +212,9 @@ retry: /* transaction retry */
} else {
/* no parent, modrdn entry directly under root */
isroot = be_isroot( be, op->o_ndn );
isroot = be_isroot( be, op->o_ndn.bv_val );
if ( ! isroot ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn ) ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
......@@ -328,14 +328,14 @@ retry: /* transaction retry */
} else {
if ( isroot == -1 ) {
isroot = be_isroot( be, op->o_ndn );
isroot = be_isroot( be, op->o_ndn.bv_val );
}
np_dn = ch_strdup( "" );
/* no parent, modrdn entry directly under root */
if ( ! isroot ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn ) ) {
if ( be_issuffix( be, "" ) || be_isupdate( be, op->o_ndn.bv_val ) ) {
np = (Entry *)&slap_entry_root;
......
......@@ -73,7 +73,7 @@ bdb_exop_passwd(
goto done;
}
dn = id ? id->bv_val : op->o_dn;
dn = id ? id->bv_val : op->o_dn.bv_val;
Debug( LDAP_DEBUG_TRACE, "bdb_exop_passwd: \"%s\"%s\n",
dn, id ? " (proxy)" : "", 0 );
......
......@@ -157,10 +157,10 @@ bdb_search(
}
/* if not root, get appropriate limits */
if ( be_isroot( be, op->o_ndn ) ) {
if ( be_isroot( be, op->o_ndn.bv_val ) ) {
isroot = 1;
} else {
( void ) get_limits( be, op->o_ndn, &limit );
( void ) get_limits( be, op->o_ndn.bv_val, &limit );
}
/* The time/size limits come first because they require very little
......
......@@ -85,10 +85,10 @@ ldap_back_search(
}
/* if not root, get appropriate limits */
if ( be_isroot( be, op->o_ndn ) ) {
if ( be_isroot( be, op->o_ndn.bv_val ) ) {
isroot = 1;
} else {
( void ) get_limits( be, op->o_ndn, &limit );
( void ) get_limits( be, op->o_ndn.bv_val, &limit );
}
/* if no time limit requested, rely on remote server limits */
......
......@@ -205,9 +205,9 @@ ldbm_back_add(
}
/* no parent, must be adding entry to root */
if ( !be_isroot( be, op->o_ndn ) ) {
if ( !be_isroot( be, op->o_ndn.bv_val ) ) {
if ( be_issuffix( be, "" )
|| be_isupdate( be, op->o_ndn ) ) {
|| be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
rc = access_allowed( be, conn, op, p,
......
......@@ -153,9 +153,9 @@ ldbm_back_delete(
} else {
/* no parent, must be root to delete */
if( ! be_isroot( be, op->o_ndn ) ) {
if( ! be_isroot( be, op->o_ndn.bv_val ) ) {
if ( be_issuffix( be, "" )
|| be_isupdate( be, op->o_ndn ) ) {
|| be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
rc = access_allowed( be, conn, op, p,
......
......@@ -71,7 +71,7 @@ int ldbm_modify_internal(
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: add\n", 0, 0, 0);
#endif
err = add_values( e, mod, op->o_ndn );
err = add_values( e, mod, op->o_ndn.bv_val );
if( err != LDAP_SUCCESS ) {
*text = "modify: add values failed";
......@@ -94,7 +94,7 @@ int ldbm_modify_internal(
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: delete\n", 0, 0, 0);
#endif
err = delete_values( e, mod, op->o_ndn );
err = delete_values( e, mod, op->o_ndn.bv_val );
assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
if( err != LDAP_SUCCESS ) {
*text = "modify: delete values failed";
......@@ -116,7 +116,7 @@ int ldbm_modify_internal(
Debug(LDAP_DEBUG_ARGS, "ldbm_modify_internal: replace\n", 0, 0, 0);
#endif
err = replace_values( e, mod, op->o_ndn );
err = replace_values( e, mod, op->o_ndn.bv_val );
assert( err != LDAP_TYPE_OR_VALUE_EXISTS );
if( err != LDAP_SUCCESS ) {
*text = "modify: replace values failed";
......@@ -143,7 +143,7 @@ int ldbm_modify_internal(
* We need to add index if necessary.
*/
mod->sm_op = LDAP_MOD_ADD;
err = add_values( e, mod, op->o_ndn );
err = add_values( e, mod, op->o_ndn.bv_val );
if ( err == LDAP_TYPE_OR_VALUE_EXISTS ) {
err = LDAP_SUCCESS;
......
......@@ -206,10 +206,10 @@ ldbm_back_modrdn(
} else {
/* no parent, must be root to modify rdn */
isroot = be_isroot( be, op->o_ndn );
isroot = be_isroot( be, op->o_ndn.bv_val );
if ( ! be_isroot ) {
if ( be_issuffix( be, "" )
|| be_isupdate( be, op->o_ndn ) ) {
|| be_isupdate( be, op->o_ndn.bv_val ) ) {
p = (Entry *)&slap_entry_root;
rc = access_allowed( be, conn, op, p,
......@@ -383,12 +383,12 @@ ldbm_back_modrdn(
/* no parent, must be root to modify newSuperior */
if ( isroot == -1 ) {
isroot = be_isroot( be, op->o_ndn );
isroot = be_isroot( be, op->o_ndn.bv_val );
}
if ( ! be_isroot ) {
if ( be_issuffix( be, "" )
|| be_isupdate( be, op->o_ndn ) ) {
|| be_isupdate( be, op->o_ndn.bv_val ) ) {
np = (Entry *)&slap_entry_root;
rc = access_allowed( be, conn, op, np,
......
......@@ -80,7 +80,7 @@ ldbm_back_exop_passwd(
goto done;
}
dn = id ? id->bv_val : op->o_dn;
dn = id ? id->bv_val : op->o_dn.bv_val;
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
......@@ -141,7 +141,7 @@ ldbm_back_exop_passwd(
ml.sml_next = NULL;
rc = ldbm_modify_internal( be,
conn, op, op->o_ndn, &ml, e, text, textbuf,
conn, op, op->o_ndn.bv_val, &ml, e, text, textbuf,
sizeof( textbuf ) );
/* FIXME: ldbm_modify_internal may set *tex = textbuf,
......
......@@ -206,10 +206,10 @@ searchit:
}
/* if not root, get appropriate limits */
if ( be_isroot( be, op->o_ndn ) ) {
if ( be_isroot( be, op->o_ndn.bv_val ) ) {
isroot = 1;
} else {
( void ) get_limits( be, op->o_ndn, &limit );
( void ) get_limits( be, op->o_ndn.bv_val, &limit );
}
/* if candidates exceed to-be-checked entries, abort */
......
......@@ -149,10 +149,10 @@ meta_back_search(
nbaselen = strlen( nbase );
/* if not root, get appropriate limits */
if ( be_isroot( be, op->o_ndn ) ) {
if ( be_isroot( be, op->o_ndn.bv_val ) ) {
isroot = 1;
} else {
( void ) get_limits( be, op->o_ndn, &limit );
( void ) get_limits( be, op->o_ndn.bv_val, &limit );
}
/* if no time limit requested, rely on remote server limits */
......
......@@ -547,7 +547,7 @@ int backsql_search(BackendDB *be,Connection *conn,Operation *op,
/* TimesTen : Pass it along to the lower level routines */
srch_info.isTimesTen = bi->isTimesTen;
if (tlimit == 0 && be_isroot(be,op->o_dn))
if (tlimit == 0 && be_isroot(be,op->o_ndn.bv_val))
{
tlimit = -1; /* allow root to set no limit */
}
......@@ -558,7 +558,7 @@ int backsql_search(BackendDB *be,Connection *conn,Operation *op,
stoptime = op->o_time + tlimit;
}
if (slimit == 0 && be_isroot(be,op->o_dn))
if (slimit == 0 && be_isroot(be,op->o_ndn.bv_val))
{
slimit = -1; /* allow root to set no limit */
}
......
......@@ -887,7 +887,7 @@ backend_check_restrictions(
return LDAP_CONFIDENTIALITY_REQUIRED;
}
if( op->o_ndn == NULL ) {
if( op->o_ndn.bv_len == 0 ) {
*text = "modifications require authentication";
return LDAP_OPERATIONS_ERROR;
}
......@@ -901,8 +901,7 @@ backend_check_restrictions(
if( requires & SLAP_REQUIRE_STRONG ) {
/* should check mechanism */
if( op->o_authmech == NULL ||
op->o_dn == NULL || *op->o_dn == '\0' )
if( op->o_authmech == NULL || op->o_dn.bv_len == 0 )
{
*text = "strong authentication required";
return LDAP_STRONG_AUTH_REQUIRED;
......@@ -910,8 +909,7 @@ backend_check_restrictions(
}
if( requires & SLAP_REQUIRE_SASL ) {
if( op->o_authmech == NULL ||
op->o_dn == NULL || *op->o_dn == '\0' )
if( op->o_authmech == NULL || op->o_dn.bv_len == 0 )
{
*text = "SASL authentication required";
return LDAP_STRONG_AUTH_REQUIRED;
......@@ -919,7 +917,7 @@ backend_check_restrictions(
}
if( requires & SLAP_REQUIRE_AUTHC ) {
if( op->o_dn == NULL || *op->o_dn == '\0' ) {
if( op->o_dn.bv_len == 0 ) {
*text = "authentication required";
return LDAP_UNWILLING_TO_PERFORM;
}
......
......@@ -60,14 +60,16 @@ do_bind(
connection2anonymous( conn );
ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
if ( op->o_dn != NULL ) {
free( op->o_dn );
op->o_dn = ch_strdup( "" );
if ( op->o_dn.bv_val != NULL ) {
free( op->o_dn.bv_val );
op->o_dn.bv_val = ch_strdup( "" );
op->o_dn.bv_len = 0;
}
if ( op->o_ndn != NULL ) {
free( op->o_ndn );
op->o_ndn = ch_strdup( "" );
if ( op->o_ndn.bv_val != NULL ) {
free( op->o_ndn.bv_val );
op->o_ndn.bv_val = ch_strdup( "" );
op->o_ndn.bv_len = 0;
}
/*
......@@ -295,10 +297,13 @@ do_bind(
ldap_pvt_thread_mutex_lock( &conn->c_mutex );
if( rc == LDAP_SUCCESS ) {
conn->c_dn = edn;
conn->c_dn.bv_val = edn;
if( edn != NULL ) {
conn->c_ndn = ch_strdup( edn );
dn_normalize( conn->c_ndn );
struct berval *cndn;
conn->c_dn.bv_len = strlen( edn );
dnNormalize( NULL, &conn->c_dn, &cndn );
conn->c_ndn = *cndn;
free( cndn );
}
conn->c_authmech = conn->c_sasl_bind_mech;
conn->c_sasl_bind_mech = NULL;
......@@ -309,7 +314,7 @@ do_bind(
conn->c_ssf = ssf;