Bug 592389 - Set anonymous resource limits properly

The anonymous resource limits were not being properly set. This patch ensures that the limits are set properly when an anonymous or unauthenticated BIND operation is performed. It also sets the anonymous limits when we do a read on a connection that has not yet perfomed a BIND. These limits will be overwritten with any default or user-based limits once a valid BIND is performed.
author: Nathan Kinder <nkinder@redhat.com> 2010-05-20 14:08:33 -0700
committer: Nathan Kinder <nkinder@redhat.com> 2010-05-20 14:45:59 -0700
commit: 55489b8cbf203d18237db8722ebc28b7d415b60e (patch)
tree: 3921f822006cce0d6cad551a3c029568ef47e958 /ldap/servers/slapd/bind.c
parent: ecb1e8a90a6b4ca0cd268b9fc43a9b7e59d646e7 (diff)
download: ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.gz
ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.xz
ds-55489b8cbf203d18237db8722ebc28b7d415b60e.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index 626494bc..c22d1959 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -522,6 +522,10 @@ do_bind( Slapi_PBlock *pb )
                 goto free_and_return;
             }
 
+            /* set the bind credentials so anonymous limits are set */
+            bind_credentials_set( pb->pb_conn, SLAPD_AUTH_NONE,
+                                      NULL, NULL, NULL, NULL , NULL);
+
             /* call preop plugins */
             if (plugin_call_plugins( pb, SLAPI_PLUGIN_PRE_BIND_FN ) == 0){
                 if ( auth_response_requested ) {
@@ -698,6 +702,9 @@ do_bind( Slapi_PBlock *pb )
                             authtype = SLAPD_AUTH_OS;
                         }
 #endif /* ENABLE_AUTOBIND */
+                        else {
+                            authtype = SLAPD_AUTH_NONE;
+                        }
                         break;
                     case LDAP_AUTH_SASL:
                         /* authtype = SLAPD_AUTH_SASL && saslmech: */
@@ -719,6 +726,10 @@ do_bind( Slapi_PBlock *pb )
                                                        slapi_sdn_get_ndn(&sdn));
                         }
                     } else {	/* anonymous */
+                        /* set bind creds here so anonymous limits are set */
+			bind_credentials_set( pb->pb_conn, authtype, NULL,
+                                              NULL, NULL, NULL, NULL );
+
                         if ( auth_response_requested ) {
                             slapi_add_auth_response_control( pb,
                                                        "" );
author	Nathan Kinder <nkinder@redhat.com>	2010-05-20 14:08:33 -0700
committer	Nathan Kinder <nkinder@redhat.com>	2010-05-20 14:45:59 -0700
commit	55489b8cbf203d18237db8722ebc28b7d415b60e (patch)
tree	3921f822006cce0d6cad551a3c029568ef47e958 /ldap/servers/slapd/bind.c
parent	ecb1e8a90a6b4ca0cd268b9fc43a9b7e59d646e7 (diff)
download	ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.gz ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.xz ds-55489b8cbf203d18237db8722ebc28b7d415b60e.zip