mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-06 10:46:21 +08:00
rearrange quarantine handling during proxyAuthz bind; bind anonymously if no bindmethod is defined
This commit is contained in:
parent
85c9a7b4c5
commit
186813daed
@ -1059,6 +1059,11 @@ retry_lock:;
|
|||||||
} else {
|
} else {
|
||||||
LDAP_BACK_CONN_ISBOUND_SET( lc );
|
LDAP_BACK_CONN_ISBOUND_SET( lc );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( LDAP_BACK_QUARANTINE( li ) ) {
|
||||||
|
ldap_back_quarantine( op, rs, dolock );
|
||||||
|
}
|
||||||
|
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
#endif /* HAVE_CYRUS_SASL */
|
#endif /* HAVE_CYRUS_SASL */
|
||||||
@ -1109,15 +1114,15 @@ retry:;
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( LDAP_BACK_QUARANTINE( li ) ) {
|
|
||||||
ldap_back_quarantine( op, rs, dolock );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* FIXME: one binding-- too many? */
|
/* FIXME: one binding-- too many? */
|
||||||
lc->lc_binding--;
|
lc->lc_binding--;
|
||||||
ldap_back_freeconn( op, lc, dolock );
|
ldap_back_freeconn( op, lc, dolock );
|
||||||
rs->sr_err = slap_map_api2result( rs );
|
rs->sr_err = slap_map_api2result( rs );
|
||||||
|
|
||||||
|
if ( LDAP_BACK_QUARANTINE( li ) ) {
|
||||||
|
ldap_back_quarantine( op, rs, dolock );
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1127,10 +1132,6 @@ retry:;
|
|||||||
}
|
}
|
||||||
|
|
||||||
done:;
|
done:;
|
||||||
if ( LDAP_BACK_QUARANTINE( li ) ) {
|
|
||||||
ldap_back_quarantine( op, rs, dolock );
|
|
||||||
}
|
|
||||||
|
|
||||||
lc->lc_binding--;
|
lc->lc_binding--;
|
||||||
LDAP_BACK_CONN_BINDING_CLEAR( lc );
|
LDAP_BACK_CONN_BINDING_CLEAR( lc );
|
||||||
rc = LDAP_BACK_CONN_ISBOUND( lc );
|
rc = LDAP_BACK_CONN_ISBOUND( lc );
|
||||||
@ -1664,8 +1665,9 @@ ldap_back_proxy_authz_bind( ldapconn_t *lc, Operation *op, SlapReply *rs, ldap_b
|
|||||||
|
|
||||||
switch ( li->li_idassert_authmethod ) {
|
switch ( li->li_idassert_authmethod ) {
|
||||||
case LDAP_AUTH_NONE:
|
case LDAP_AUTH_NONE:
|
||||||
rc = LDAP_SUCCESS;
|
BER_BVSTR( &binddn, "" );
|
||||||
break;
|
BER_BVSTR( &bindcred, "" );
|
||||||
|
/* fallthru */
|
||||||
|
|
||||||
case LDAP_AUTH_SIMPLE:
|
case LDAP_AUTH_SIMPLE:
|
||||||
rs->sr_err = ldap_sasl_bind( lc->lc_ld,
|
rs->sr_err = ldap_sasl_bind( lc->lc_ld,
|
||||||
|
Loading…
Reference in New Issue
Block a user