diff --git a/servers/slapd/back-ldbm/bind.c b/servers/slapd/back-ldbm/bind.c index 7025dd318a..08c0d64baa 100644 --- a/servers/slapd/back-ldbm/bind.c +++ b/servers/slapd/back-ldbm/bind.c @@ -68,7 +68,7 @@ ldbm_back_bind( /* allow noauth binds */ rc = 1; if ( method == LDAP_AUTH_SIMPLE ) { - if ( be_isroot_pw( be, dn, cred ) ) { + if ( be_isroot_pw( be, conn, dn, cred ) ) { *edn = ch_strdup( be_root_dn( be ) ); rc = 0; /* front end will send result */ @@ -139,7 +139,7 @@ ldbm_back_bind( switch ( method ) { case LDAP_AUTH_SIMPLE: /* check for root dn/passwd */ - if ( be_isroot_pw( be, dn, cred ) ) { + if ( be_isroot_pw( be, conn, dn, cred ) ) { /* front end will send result */ if(*edn != NULL) free( *edn ); *edn = ch_strdup( be_root_dn( be ) ); diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index 0dad539936..e3da050191 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -504,7 +504,10 @@ be_root_dn( Backend *be ) } int -be_isroot_pw( Backend *be, const char *ndn, struct berval *cred ) +be_isroot_pw( Backend *be, + Connection *conn, + const char *ndn, + struct berval *cred ) { int result; @@ -526,6 +529,9 @@ be_isroot_pw( Backend *be, const char *ndn, struct berval *cred ) result = lutil_passwd( &be->be_root_pw, cred, NULL ); #if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD ) +#ifdef SLAPD_SPASSWD + lutil_passwd_sasl_conn = NULL; +#endif ldap_pvt_thread_mutex_unlock( &passwd_mutex ); #endif diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index f26b2d8814..381fb088fd 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -239,6 +239,9 @@ slap_passwd_check( } #if defined( SLAPD_CRYPT ) || defined( SLAPD_PASSWD ) +#ifdef SLAPD_SPASSWD + lutil_passwd_sasl_conn = NULL; +#endif ldap_pvt_thread_mutex_unlock( &passwd_mutex ); #endif diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index bc0ac1db88..955a05bb75 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -151,7 +151,8 @@ LDAP_SLAPD_F (BackendDB *) select_backend LDAP_P(( const char * dn )); LDAP_SLAPD_F (int) be_issuffix LDAP_P(( Backend *be, const char *suffix )); LDAP_SLAPD_F (int) be_isroot LDAP_P(( Backend *be, const char *ndn )); -LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be, const char *ndn, struct berval *cred )); +LDAP_SLAPD_F (int) be_isroot_pw LDAP_P(( Backend *be, + Connection *conn, const char *ndn, struct berval *cred )); LDAP_SLAPD_F (char *) be_root_dn LDAP_P(( Backend *be )); LDAP_SLAPD_F (int) be_entry_release_rw LDAP_P(( Backend *be, Entry *e, int rw )); #define be_entry_release_r( be, e ) be_entry_release_rw( be, e, 0 )