From: Howard Chu <hyc@openldap.org>
Date: Sun, 24 Apr 2011 04:11:52 +0000 (-0700)
Subject: ITS#6909 blind fix. re-init creds for retry.
X-Git-Tag: OPENLDAP_REL_ENG_2_5_0ALPHA~1396
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45ce60c0944116cce340ed2c21fa74e618ec9b8c;p=thirdparty%2Fopenldap.git

ITS#6909 blind fix. re-init creds for retry.

Move retry so that cred validity is also re-checked.
---

diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index f0018d31b8..f4135fe2ab 100644
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -235,6 +235,10 @@ meta_search_dobind_init(
 
 	assert( msc->msc_ld != NULL );
 
+	/* connect must be async only the first time... */
+	ldap_set_option( msc->msc_ld, LDAP_OPT_CONNECT_ASYNC, LDAP_OPT_ON );
+
+retry:;
 	if ( !BER_BVISEMPTY( &binddn ) && BER_BVISEMPTY( &cred ) ) {
 		/* bind anonymously? */
 		Debug( LDAP_DEBUG_ANY, "%s meta_search_dobind_init[%d] mc=%p: "
@@ -250,10 +254,6 @@ meta_search_dobind_init(
 		goto other;
 	}
 
-	/* connect must be async only the first time... */
-	ldap_set_option( msc->msc_ld, LDAP_OPT_CONNECT_ASYNC, LDAP_OPT_ON );
-
-retry:;
 	rc = ldap_sasl_bind( msc->msc_ld, binddn.bv_val, LDAP_SASL_SIMPLE, &cred,
 			NULL, NULL, &candidates[ candidate ].sr_msgid );
 
@@ -327,6 +327,8 @@ down:;
 
 			if ( rc == LDAP_SUCCESS ) {
 				candidates[ candidate ].sr_msgid = META_MSGID_IGNORE;
+				binddn = msc->msc_bound_ndn;
+				cred = msc->msc_cred;
 				goto retry;
 			}
 		}