ITS#8909 fix "authz-policy all" condition

author Howard Chu <hyc@openldap.org>

Wed, 29 Aug 2018 00:13:05 +0000 (01:13 +0100)

committer Quanah Gibson-Mount <quanah@openldap.org>

Fri, 7 Sep 2018 17:00:36 +0000 (17:00 +0000)
author Howard Chu <hyc@openldap.org>
Wed, 29 Aug 2018 00:13:05 +0000 (01:13 +0100)
committer Quanah Gibson-Mount <quanah@openldap.org>
Fri, 7 Sep 2018 17:00:36 +0000 (17:00 +0000)
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c

index e1ea0a1e9e5fcebbfe56ffe87b1466497340a50b..e4a74ea7fd156a4ed5591779cca0e65a2c1015b3 100644 (file)
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -2074,7 +2074,7 @@ int slap_sasl_authorized( Operation *op,
         if( authz_policy & SASL_AUTHZ_TO ) {
                 rc = slap_sasl_check_authz( op, authcDN, authzDN,
                         slap_schema.si_ad_saslAuthzTo, authcDN );
-               if( rc == LDAP_SUCCESS && !(authz_policy & SASL_AUTHZ_AND) ) {
+               if(( rc == LDAP_SUCCESS ) ^ (( authz_policy & SASL_AUTHZ_AND) != 0)) {
                         goto DONE;
                 }
         }
author	Howard Chu <hyc@openldap.org>
	Wed, 29 Aug 2018 00:13:05 +0000 (01:13 +0100)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Fri, 7 Sep 2018 17:00:36 +0000 (17:00 +0000)