Apply Wes's kbind fix (ITS#426). Needs to be reconciled with

devel's kbind fix.

CHANGES

@@ -5,6 +5,7 @@ Changes included in OpenLDAP 1.2.10 Release Engineering
 	Add slapd -DSLAPD_UNDEFINED_OC_IS_NOT_EXTENSIBLE macro disable
 		undefined object classes implies extensible object behavior.
 	Add GNU Pth support (ITS#453)
+	Fixed -lldap Kerberos bind to work ldap_init() (ITS#426)
 	Changed -lldap to ignore space in filter: ( !(foo=bar)) (ITS#459)
 	Fixed multiple password support (ITS#464)
 	Fixed back-ldbm/bind invalid credentials vs no such object bug 

libraries/libldap/kbind.c

@@ -261,6 +261,10 @@ ldap_get_kerberosv4_credentials( LDAP *ld, char *who, char *service, int *len )
 		return( NULL );
 	}
 
+	if ( ldap_delayed_open( ld ) < 0 ) {
+		return( NULL );
+	}
+
 #ifdef LDAP_REFERRALS
 	krbinstance = ld->ld_defconn->lconn_krbinstance;
 #else /* LDAP_REFERRALS */

libraries/libldap/open.c

@@ -53,31 +53,9 @@ ldap_open( char *host, int port )
 		return( NULL );
 	}
 
-#ifdef LDAP_REFERRALS
-	if (( srv = (LDAPServer *)calloc( 1, sizeof( LDAPServer ))) ==
-	    NULL || ( ld->ld_defhost != NULL && ( srv->lsrv_host =
-	    ldap_strdup( ld->ld_defhost )) == NULL )) {
-		if(srv != NULL) free( (char*) srv );
-		ldap_ld_free( ld, 0 );
-		return( NULL );
-	}
-	srv->lsrv_port = ld->ld_defport;
-
-	if (( ld->ld_defconn = ldap_new_connection( ld, &srv, 1,1,0 )) == NULL ) {
-		if ( ld->ld_defhost != NULL ) free( srv->lsrv_host );
-		free( (char *)srv );
-		ldap_ld_free( ld, 0 );
+	if ( ldap_delayed_open( ld ) < 0 ) {
 		return( NULL );
 	}
-	++ld->ld_defconn->lconn_refcnt;	/* so it never gets closed/freed */
-
-#else /* LDAP_REFERRALS */
-	if ( open_ldap_connection( ld, &ld->ld_sb, ld->ld_defhost,
-	    ld->ld_defport, &ld->ld_host, 0 ) < 0 ) {
-		ldap_ld_free( ld, 0 );
-		return( NULL );
-	}
-#endif /* LDAP_REFERRALS */
 
 	Debug( LDAP_DEBUG_TRACE, "ldap_open successful, ld_host is %s\n",
 		( ld->ld_host == NULL ) ? "(null)" : ld->ld_host, 0, 0 );

libraries/libldap/request.c

@@ -71,16 +71,14 @@ ldap_set_ber_options( LDAP *ld, BerElement *ber )
 #endif /* STR_TRANSLATION */
 }
 
-
 int
-ldap_send_initial_request( LDAP *ld, unsigned long msgtype, char *dn,
-	BerElement *ber )
+ldap_delayed_open( LDAP *ld )
 {
 #if defined( LDAP_REFERRALS ) || defined( LDAP_DNS )
 	LDAPServer	*servers, *srv;
 #endif /* LDAP_REFERRALS || LDAP_DNS */
 
-	Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
+	Debug( LDAP_DEBUG_TRACE, "ldap_delayed_open\n", 0, 0, 0 );
 
 	if ( ld->ld_sb.sb_sd == -1 ) {
 		/* not connected yet */
@@ -116,12 +114,24 @@ ldap_send_initial_request( LDAP *ld, unsigned long msgtype, char *dn,
 			return( -1 );
 		}
 #endif /* LDAP_REFERRALS */
-
-		Debug( LDAP_DEBUG_TRACE,
-			"ldap_delayed_open successful, ld_host is %s\n",
-			( ld->ld_host == NULL ) ? "(null)" : ld->ld_host, 0, 0 );
 	}
 
+	return( 0 );
+}
+
+int
+ldap_send_initial_request( LDAP *ld, unsigned long msgtype, char *dn,
+	BerElement *ber )
+{
+#if defined( LDAP_REFERRALS ) || defined( LDAP_DNS )
+	LDAPServer	*servers, *srv;
+#endif /* LDAP_REFERRALS || LDAP_DNS */
+
+	Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
+
+	if ( ldap_delayed_open( ld ) < 0 ) {
+		return( -1 );
+	}
 
 #if !defined( LDAP_REFERRALS ) && !defined( LDAP_DNS )