From: Howard Chu <hyc@openldap.org>
Date: Wed, 29 Aug 2018 00:13:05 +0000 (+0100)
Subject: ITS#8909 fix "authz-policy all" condition
X-Git-Tag: OPENLDAP_REL_ENG_2_4_47~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37df43786bbb1918e28f3fb0117e58dd9d96cd1c;p=thirdparty%2Fopenldap.git

ITS#8909 fix "authz-policy all" condition

Broken since original commit 113727ba
---

diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index e1ea0a1e9e..e4a74ea7fd 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -2074,7 +2074,7 @@ int slap_sasl_authorized( Operation *op,
 	if( authz_policy & SASL_AUTHZ_TO ) {
 		rc = slap_sasl_check_authz( op, authcDN, authzDN,
 			slap_schema.si_ad_saslAuthzTo, authcDN );
-		if( rc == LDAP_SUCCESS && !(authz_policy & SASL_AUTHZ_AND) ) {
+		if(( rc == LDAP_SUCCESS ) ^ (( authz_policy & SASL_AUTHZ_AND) != 0)) {
 			goto DONE;
 		}
 	}