Commit c93c16e1 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#5863

parent e95aa2d6
......@@ -11,6 +11,7 @@ OpenLDAP 2.4.14 Engineering
Added slapo-rwm newRDN rewriting (ITS#5834)
Fixed slapd syncrepl rename handling (ITS#5809)
Fixed slapd syncrepl MMR when adding new server (ITS#5850)
Fixed slapd-ldap idassert-bind validity checking (ITS#5863)
Fixed slapd-ldif numerous bugs (ITS#5408)
Fixed slapd-ldif rename on same DN (ITS#5319)
Fixed slapd-ldif deadlock (ITS#5329)
......
......@@ -2206,7 +2206,9 @@ ldap_back_proxy_authz_bind(
* so that referral chasing is attempted using the right
* identity */
LDAP_BACK_CONN_ISBOUND_SET( lc );
ber_bvreplace( &lc->lc_bound_ndn, binddn );
if ( !BER_BVISNULL( binddn ) ) {
ber_bvreplace( &lc->lc_bound_ndn, binddn );
}
if ( !BER_BVISNULL( &lc->lc_cred ) ) {
memset( lc->lc_cred.bv_val, 0,
......@@ -2214,8 +2216,10 @@ ldap_back_proxy_authz_bind(
}
if ( LDAP_BACK_SAVECRED( li ) ) {
ber_bvreplace( &lc->lc_cred, bindcred );
ldap_set_rebind_proc( lc->lc_ld, li->li_rebind_f, lc );
if ( !BER_BVISNULL( bindcred ) ) {
ber_bvreplace( &lc->lc_cred, bindcred );
ldap_set_rebind_proc( lc->lc_ld, li->li_rebind_f, lc );
}
} else {
lc->lc_cred.bv_len = 0;
......
......@@ -743,6 +743,19 @@ slap_idassert_parse( ConfigArgs *c, slap_idassert_t *si )
return 1;
}
}
if ( si->si_bc.sb_method == LDAP_AUTH_SIMPLE ) {
if ( BER_BVISNULL( &si->si_bc.sb_binddn )
|| BER_BVISNULL( &si->si_bc.sb_cred ) )
{
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"\"idassert-bind <args>\": "
"SIMPLE needs \"binddn\" and \"credentials\"" );
Debug( LDAP_DEBUG_ANY, "%s: %s.\n", c->log, c->cr_msg, 0 );
return 1;
}
}
bindconf_tls_defaults( &si->si_bc );
return 0;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment