diff options
author | Pavel Březina <pbrezina@redhat.com> | 2012-07-31 12:49:34 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-07-31 14:11:53 +0200 |
commit | 6c7057667272d6297924a6ccbf68700e791da0a7 (patch) | |
tree | 23a351983b9e0c1b79d4b7d4b42bf6e4a5bc632e | |
parent | 679a0abefcb838484a7e7278056da0f2524963c1 (diff) | |
download | sssd-6c7057667272d6297924a6ccbf68700e791da0a7.tar.gz sssd-6c7057667272d6297924a6ccbf68700e791da0a7.tar.bz2 sssd-6c7057667272d6297924a6ccbf68700e791da0a7.zip |
Unbreak SASL
Patch bc76428246c4ce532abd0eadcd539069fc1d94a8 changed the data
type of sasl_minssf from int to ber_len_t. Unfortunately, default
value of ldap_sasl_minssf is -1 but ber_len_t is defined as
unsigned long. This made SASL mechanism inoperative.
-rw-r--r-- | src/providers/ldap/sdap_async_connection.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c index d7beaa80..9fee1a5d 100644 --- a/src/providers/ldap/sdap_async_connection.c +++ b/src/providers/ldap/sdap_async_connection.c @@ -158,7 +158,8 @@ static void sdap_sys_connect_done(struct tevent_req *subreq) int sd; bool sasl_nocanon; const char *sasl_mech; - ber_len_t sasl_minssf; + int sasl_minssf; + ber_len_t ber_sasl_minssf; ret = sss_ldap_init_recv(subreq, &state->sh->ldap, &sd); talloc_zfree(subreq); @@ -286,14 +287,16 @@ static void sdap_sys_connect_done(struct tevent_req *subreq) sasl_mech = dp_opt_get_string(state->opts->basic, SDAP_SASL_MECH); if (sasl_mech != NULL) { - sasl_minssf = (ber_len_t) dp_opt_get_int(state->opts->basic, - SDAP_SASL_MINSSF); - lret = ldap_set_option(state->sh->ldap, LDAP_OPT_X_SASL_SSF_MIN, - &sasl_minssf); - if (lret != LDAP_OPT_SUCCESS) { - DEBUG(SSSDBG_CRIT_FAILURE, - ("Failed to set LDAP MIN SSF option to %lu\n", sasl_minssf)); - goto fail; + sasl_minssf = dp_opt_get_int(state->opts->basic, SDAP_SASL_MINSSF); + if (sasl_minssf >= 0) { + ber_sasl_minssf = (ber_len_t)sasl_minssf; + lret = ldap_set_option(state->sh->ldap, LDAP_OPT_X_SASL_SSF_MIN, + &ber_sasl_minssf); + if (lret != LDAP_OPT_SUCCESS) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to set LDAP MIN SSF option " + "to %lu\n", sasl_minssf)); + goto fail; + } } } |