summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-07-31 12:49:34 +0200
committerJakub Hrozek <jhrozek@redhat.com>2012-07-31 14:11:53 +0200
commit6c7057667272d6297924a6ccbf68700e791da0a7 (patch)
tree23a351983b9e0c1b79d4b7d4b42bf6e4a5bc632e
parent679a0abefcb838484a7e7278056da0f2524963c1 (diff)
downloadsssd-6c7057667272d6297924a6ccbf68700e791da0a7.tar.gz
sssd-6c7057667272d6297924a6ccbf68700e791da0a7.tar.bz2
sssd-6c7057667272d6297924a6ccbf68700e791da0a7.zip
Unbreak SASL
Patch bc76428246c4ce532abd0eadcd539069fc1d94a8 changed the data type of sasl_minssf from int to ber_len_t. Unfortunately, default value of ldap_sasl_minssf is -1 but ber_len_t is defined as unsigned long. This made SASL mechanism inoperative.
-rw-r--r--src/providers/ldap/sdap_async_connection.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index d7beaa80..9fee1a5d 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -158,7 +158,8 @@ static void sdap_sys_connect_done(struct tevent_req *subreq)
int sd;
bool sasl_nocanon;
const char *sasl_mech;
- ber_len_t sasl_minssf;
+ int sasl_minssf;
+ ber_len_t ber_sasl_minssf;
ret = sss_ldap_init_recv(subreq, &state->sh->ldap, &sd);
talloc_zfree(subreq);
@@ -286,14 +287,16 @@ static void sdap_sys_connect_done(struct tevent_req *subreq)
sasl_mech = dp_opt_get_string(state->opts->basic, SDAP_SASL_MECH);
if (sasl_mech != NULL) {
- sasl_minssf = (ber_len_t) dp_opt_get_int(state->opts->basic,
- SDAP_SASL_MINSSF);
- lret = ldap_set_option(state->sh->ldap, LDAP_OPT_X_SASL_SSF_MIN,
- &sasl_minssf);
- if (lret != LDAP_OPT_SUCCESS) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- ("Failed to set LDAP MIN SSF option to %lu\n", sasl_minssf));
- goto fail;
+ sasl_minssf = dp_opt_get_int(state->opts->basic, SDAP_SASL_MINSSF);
+ if (sasl_minssf >= 0) {
+ ber_sasl_minssf = (ber_len_t)sasl_minssf;
+ lret = ldap_set_option(state->sh->ldap, LDAP_OPT_X_SASL_SSF_MIN,
+ &ber_sasl_minssf);
+ if (lret != LDAP_OPT_SUCCESS) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to set LDAP MIN SSF option "
+ "to %lu\n", sasl_minssf));
+ goto fail;
+ }
}
}