mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

Restrict bind

Browse Source
This commit is contained in:
Kurt Zeilenga 2000-08-28 23:29:29 +00:00
parent c3ceb3b9db
commit 102f12a71a
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
servers/slapd/bind.c
View File

@ -346,6 +346,33 @@ do_bind(
goto cleanup;
}
if( op->o_ssf < be->be_ssf_set.sss_ssf ) {
text = "confidentiality required";
rc = LDAP_CONFIDENTIALITY_REQUIRED;
} else if( op->o_transport_ssf < be->be_ssf_set.sss_transport ) {
text = "transport confidentiality required";
rc = LDAP_CONFIDENTIALITY_REQUIRED;
} else if( op->o_tls_ssf < be->be_ssf_set.sss_tls ) {
text = "TLS confidentiality required";
rc = LDAP_CONFIDENTIALITY_REQUIRED;
} else if( op->o_sasl_ssf < be->be_ssf_set.sss_sasl ) {
text = "SASL confidentiality required";
rc = LDAP_CONFIDENTIALITY_REQUIRED;
} else if( be->be_restrictops & SLAP_RESTRICT_OP_BIND ) {
text = "bind operation restricted";
rc = LDAP_UNWILLING_TO_PERFORM;
}
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
goto cleanup;
}
conn->c_authz_backend = be;
if ( be->be_bind ) {