From cb73a5dde8948f8b75bfb396ae3b499819ef2128 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Tue, 27 May 2003 10:03:54 +0000 Subject: [PATCH] (LDAP__connect): bind sasl "EXTERNAL" to ldap connection (LDAP_store): remove superfluous argument to asprintf From Alberto Patino git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12334 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hdb/hdb-ldap.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/lib/hdb/hdb-ldap.c b/lib/hdb/hdb-ldap.c index 1ca351fb4..7caf53ced 100644 --- a/lib/hdb/hdb-ldap.c +++ b/lib/hdb/hdb-ldap.c @@ -953,6 +953,13 @@ LDAP_rename(krb5_context context, HDB * db, const char *new_name) static krb5_error_code LDAP__connect(krb5_context context, HDB * db) { int rc, version = LDAP_VERSION3; + /* + * Empty credentials to do a SASL bind with LDAP. Note that empty + * different from NULL credentials. If you provide NULL + * credentials instead of empty credentials you will get a SASL + * bind in progress message. + */ + struct berval bv = { 0, "" }; if (db->db != NULL) { /* connection has been opened. ping server. */ @@ -986,6 +993,14 @@ static krb5_error_code LDAP__connect(krb5_context context, HDB * db) return HDB_ERR_BADVERSION; } + rc = ldap_sasl_bind_s((LDAP *) db->db, NULL, "EXTERNAL", &bv, NULL, NULL, NULL); + if (rc != LDAP_SUCCESS) { + krb5_set_error_string(context, "ldap_sasl_bind_s: %s", ldap_err2string(rc)); + ldap_unbind_ext((LDAP *) db->db, NULL, NULL); + db->db = NULL; + return HDB_ERR_BADVERSION; + } + return 0; } @@ -1104,7 +1119,7 @@ LDAP_store(krb5_context context, HDB * db, unsigned flags, ret = asprintf(&dn, "cn=%s,%s", name, db->name); } else { /* A bit bogus, but we don't have a search base */ - ret = asprintf(&dn, "cn=%s", name, db->name); + ret = asprintf(&dn, "cn=%s", name); } if (ret < 0) { krb5_set_error_string(context, "asprintf: out of memory");