Commit 16e0ea8d authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Rework SASL/EXTERNAL w/ IPC

parent 6125ef74
......@@ -461,8 +461,7 @@ int
ldap_int_sasl_open(
LDAP *ld,
LDAPConn *lc,
const char * host,
ber_len_t ssf )
const char * host )
{
int rc;
sasl_conn_t *ctx;
......@@ -497,27 +496,6 @@ ldap_int_sasl_open(
lc->lconn_sasl_ctx = ctx;
if( ssf ) {
#if SASL_VERSION_MAJOR >= 2
(void) sasl_setprop( ctx, SASL_SSF_EXTERNAL,
(void *) &ssf );
#else
sasl_external_properties_t extprops;
memset(&extprops, 0L, sizeof(extprops));
extprops.ssf = ssf;
(void) sasl_setprop( ctx, SASL_SSF_EXTERNAL,
(void *) &extprops );
#endif
#ifdef NEW_LOGGING
LDAP_LOG ( TRANSPORT, DETAIL1,
"ldap_int_sasl_open: ssf=%ld\n", (long) ssf, 0, 0 );
#else
Debug( LDAP_DEBUG_TRACE, "ldap_int_sasl_open: ssf=%ld\n",
(long) ssf, 0, 0 );
#endif
}
return LDAP_SUCCESS;
}
......
......@@ -533,7 +533,7 @@ LDAP_F (int) ldap_int_sasl_init LDAP_P(( void ));
LDAP_F (int) ldap_int_sasl_open LDAP_P((
LDAP *ld, LDAPConn *conn,
const char* host, ber_len_t ssf ));
const char* host ));
LDAP_F (int) ldap_int_sasl_close LDAP_P(( LDAP *ld, LDAPConn *conn ));
LDAP_F (int) ldap_int_sasl_external LDAP_P((
......
......@@ -233,7 +233,6 @@ ldap_int_open_connection(
int rc = -1;
#ifdef HAVE_CYRUS_SASL
char *sasl_host = NULL;
int sasl_ssf = 0;
#endif
char *host;
int port, proto;
......@@ -324,7 +323,6 @@ ldap_int_open_connection(
#ifdef HAVE_CYRUS_SASL
sasl_host = ldap_host_connected_to( conn->lconn_sb );
sasl_ssf = LDAP_PVT_SASL_LOCAL_SSF;
#endif
break;
#endif /* LDAP_PF_LOCAL */
......@@ -350,9 +348,12 @@ ldap_int_open_connection(
/* establish Cyrus SASL context prior to starting TLS so
that SASL EXTERNAL might be used */
if( sasl_host != NULL ) {
ldap_int_sasl_open( ld, conn, sasl_host, sasl_ssf );
ldap_int_sasl_open( ld, conn, sasl_host );
LDAP_FREE( sasl_host );
}
if( proto == LDAP_PROTO_IPC ) {
ldap_int_sasl_external( ld, conn, "nobody", LDAP_PVT_SASL_LOCAL_SSF );
}
#endif
#ifdef HAVE_TLS
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment