DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17599>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17599 auth ldap binds as user and loses access rights ------- Additional Comments From [EMAIL PROTECTED] 2003-11-15 01:31 ------- Here is the diff for the patch (after reading the contribute info, duh). I have done limited testing with openldap on Redhat 9 and the Sun LDAP SDK 5.08 on Solaris 8. --- util_ldap.c Fri Nov 14 18:34:39 2003 *************** *** 870,885 **** * fails, it means that the password is wrong (the dn obviously * exists, since we just retrieved it) */ ! if ((result = ! ldap_simple_bind_s(ldc->ldap, const_cast(*binddn), const_cast(bindpw))) == ! LDAP_SERVER_DOWN) { ! ldc->reason = "ldap_simple_bind_s() to check user credentials failed with server down"; ! ldap_msgfree(res); ! goto start_over; ! } ! ! /* failure? if so - return */ ! if (result != LDAP_SUCCESS) { ldc->reason = "ldap_simple_bind_s() to check user credentials failed"; ldap_msgfree(res); return result; --- 870,878 ---- * fails, it means that the password is wrong (the dn obviously * exists, since we just retrieved it) */ ! ldc = util_ldap_connection_find(r, ldc->host, ldc->port, *binddn, bindpw, ! ldc->deref, ldc->secure); ! if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) { ldc->reason = "ldap_simple_bind_s() to check user credentials failed"; ldap_msgfree(res); return result; --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
