Proxyauthz support
authorOndřej Kuzník <ondra@mistotebe.net>
Tue, 4 Apr 2017 14:11:48 +0000 (15:11 +0100)
committerOndřej Kuzník <okuznik@symas.com>
Tue, 17 Nov 2020 17:55:46 +0000 (17:55 +0000)
servers/lloadd/bind.c
servers/lloadd/config.c
servers/lloadd/operation.c
servers/lloadd/proto-slap.h

index 1006e010da6393a2ecb42fb3427d12fa708e5f89..a0359ab13262ed0dd258a258928564f2d2fd59ca 100644 (file)
@@ -171,7 +171,18 @@ request_bind_as_vc( Operation *op )
             if ( !BER_BVISNULL( &c->c_auth ) ) {
                 ber_memfree( c->c_auth.bv_val );
             }
-            ber_dupbv( &c->c_auth, &binddn );
+            if ( !BER_BVISEMPTY( &binddn ) ) {
+                char *ptr;
+                c->c_auth.bv_len = STRLENOF("dn:") + binddn.bv_len;
+                c->c_auth.bv_val = ch_malloc( c->c_auth.bv_len + 1 );
+
+                ptr = lutil_strcopy( c->c_auth.bv_val, "dn:" );
+                ptr = lutil_strncopy( ptr, binddn.bv_val, binddn.bv_len );
+                *ptr = '\0';
+            } else {
+                BER_BVZERO( &c->c_auth );
+            }
+
             if ( !BER_BVISNULL( &c->c_sasl_bind_mech ) ) {
                 ber_memfree( c->c_sasl_bind_mech.bv_val );
                 BER_BVZERO( &c->c_sasl_bind_mech );
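Review bot: The copy into `c->c_auth` uses `lutil_strncopy`, which, if it stops at a NUL byte as its name suggests (the `*ptr = '\0'` afterwards relies on the returned end pointer), can leave `c_auth.bv_len` — computed up front as `STRLENOF("dn:") + binddn.bv_len` — larger than the bytes actually written; if `binddn` arrived off the wire as a BER octet string with an embedded NUL, the uninitialized tail of the `ch_malloc` buffer would later be emitted upstream as part of the proxyAuthz control value. Either copy the full length with `AC_MEMCPY( ptr, binddn.bv_val, binddn.bv_len ); ptr[binddn.bv_len] = '\0';`, or derive the length from the copy with `c->c_auth.bv_len = ptr - c->c_auth.bv_val;` so the two cannot drift, and preferably reject a bind DN containing NUL where it is parsed. Where `binddn` comes from is not visible in this hunk, and request_bind_as_vc starts and ends outside it.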
index 241c7220a1395c9393f15da0e4a082806e3dc245..b686cb282167da6bf439dd06fb5b6cc36ea7a482 100644 (file)
@@ -472,6 +472,8 @@ config_backend( ConfigArgs *c )
         }
     }
 
+    bindconf_tls_defaults( &b->b_bindconf );
+
     if ( b->b_bindconf.sb_method == LDAP_AUTH_SASL ) {
 #ifndef HAVE_CYRUS_SASL
         Debug( LDAP_DEBUG_ANY, "config_backend: "
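Review bot: The new `bindconf_tls_defaults( &b->b_bindconf );` call carries no comment, runs unconditionally for every backend regardless of bind method or whether any TLS option was configured, and is not obviously related to the proxyauthz change the commit describes. Presumably it fills TLS fields the backend left unset from the global settings (its body is not in this diff), so a one-line comment stating that and why it must precede the SASL check would help: `/* inherit global TLS settings for any TLS fields this backend left unset */`. config_backend continues outside this hunk.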
index 05025310429c8317ef6b97dd2e852ef7c5fbb1d5..d2083442f21b3b8ae1970a01281690092e21d898 100644 (file)
@@ -298,12 +298,38 @@ request_process( void *ctx, void *arg )
     op->o_upstream_msgid = msgid = c->c_next_msgid++;
     rc = tavl_insert( &c->c_ops, op, operation_upstream_cmp, avl_dup_error );
     assert( rc == LDAP_SUCCESS );
-    ldap_pvt_thread_mutex_unlock( &c->c_mutex );
 
-    ber_printf( output, "t{titOtO}", LDAP_TAG_MESSAGE,
-            LDAP_TAG_MSGID, msgid,
-            op->o_tag, &op->o_request,
-            LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &op->o_ctrls ) );
+    if ( lload_features & LLOAD_FEATURE_PROXYAUTHZ ) {
+        Debug( LDAP_DEBUG_TRACE, "request_process: "
+                "proxying identity %s to upstream\n",
+                c->c_auth.bv_val );
+        ber_printf( output, "t{titOt{{sbO}" /* "}}" */, LDAP_TAG_MESSAGE,
+                LDAP_TAG_MSGID, msgid,
+                op->o_tag, &op->o_request,
+                LDAP_TAG_CONTROLS,
+                LDAP_CONTROL_PROXY_AUTHZ, 1, &c->c_auth );
+
+        if ( !BER_BVISNULL( &op->o_ctrls ) ) {
+            BerElement *control_ber = ber_alloc();
+            BerValue controls;
+
+            if ( !control_ber ) {
+                goto fail;
+            }
+            ber_init2( control_ber, &op->o_ctrls, 0 );
+            ber_peek_element( control_ber, &controls );
+
+            ber_write( output, controls.bv_val, controls.bv_len, 0 );
+            ber_free( control_ber, 0 );
+        }
+        ber_printf( output, /* "{{" */ "}}" );
+    } else {
+        ber_printf( output, "t{titOtO}", LDAP_TAG_MESSAGE,
+                LDAP_TAG_MSGID, msgid,
+                op->o_tag, &op->o_request,
+                LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &op->o_ctrls ) );
+    }
+    ldap_pvt_thread_mutex_unlock( &c->c_mutex );
     ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
 
     upstream_write_cb( -1, 0, c );
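Review bot: In the new proxyauthz branch the client's own controls are appended verbatim with `ber_write` right after the control lloadd adds, so a client that sends its own `LDAP_CONTROL_PROXY_AUTHZ` control gets it forwarded alongside lloadd's, and the upstream will authorize whichever one it accepts against lloadd's own bind identity rather than the client's; unless such a control is already refused where the client's controls are parsed (not visible here), it should be stripped or the request rejected before this point, since an upstream may either reject the duplicate or honor one of the two. The `goto fail` on `ber_alloc()` failure now runs with both `c_mutex` and `c_io_mutex` held, with `op` already inserted into `c_ops`, and with a half-encoded message already written to `output` by the first `ber_printf`; `fail` is outside the hunk so I cannot confirm it unwinds the locks and the tree, but the partial PDU left in `output` would corrupt the upstream stream on the next flush, so the control sequence should be assembled (or its prerequisites checked) before anything is written to `output`. `ber_peek_element` is unchecked and `controls` is uninitialized, so a malformed `o_ctrls` would feed garbage to `ber_write`: `if ( ber_peek_element( control_ber, &controls ) == LBER_DEFAULT ) { ber_free( control_ber, 0 ); goto fail; }`. The trace message passes `c->c_auth.bv_val` to `%s`, which the bind.c change leaves NULL when the bind DN was empty, so use `c->c_auth.bv_val ? c->c_auth.bv_val : "<empty>"`. request_process starts before this hunk.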
index d5c3dfbaa836fd9bb29d2bd4c3a3af96e35447aa..b55b155de3dba1ba748745fb01d2d82e2d59028e 100644 (file)
@@ -78,6 +78,7 @@ LDAP_SLAPD_F (int) read_config( const char *fname, const char *dir );
 LDAP_SLAPD_F (void) config_destroy( void );
 LDAP_SLAPD_F (int) verb_to_mask( const char *word, slap_verbmasks *v );
 LDAP_SLAPD_F (int) str2loglevel( const char *s, int *l );
+LDAP_SLAPD_F (void) bindconf_tls_defaults( slap_bindconf *bc );
 LDAP_SLAPD_F (void) bindconf_free( slap_bindconf *bc );
 
 /*