diff options
author | Nathan Kinder <nkinder@redhat.com> | 2010-05-20 14:08:33 -0700 |
---|---|---|
committer | Nathan Kinder <nkinder@redhat.com> | 2010-05-20 14:45:59 -0700 |
commit | 55489b8cbf203d18237db8722ebc28b7d415b60e (patch) | |
tree | 3921f822006cce0d6cad551a3c029568ef47e958 /ldap/servers/slapd/bind.c | |
parent | ecb1e8a90a6b4ca0cd268b9fc43a9b7e59d646e7 (diff) | |
download | ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.gz ds-55489b8cbf203d18237db8722ebc28b7d415b60e.tar.xz ds-55489b8cbf203d18237db8722ebc28b7d415b60e.zip |
Bug 592389 - Set anonymous resource limits properly
The anonymous resource limits were not being properly set. This
patch ensures that the limits are set properly when an anonymous
or unauthenticated BIND operation is performed. It also sets the
anonymous limits when we do a read on a connection that has not
yet perfomed a BIND. These limits will be overwritten with any
default or user-based limits once a valid BIND is performed.
Diffstat (limited to 'ldap/servers/slapd/bind.c')
-rw-r--r-- | ldap/servers/slapd/bind.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c index 626494bc..c22d1959 100644 --- a/ldap/servers/slapd/bind.c +++ b/ldap/servers/slapd/bind.c @@ -522,6 +522,10 @@ do_bind( Slapi_PBlock *pb ) goto free_and_return; } + /* set the bind credentials so anonymous limits are set */ + bind_credentials_set( pb->pb_conn, SLAPD_AUTH_NONE, + NULL, NULL, NULL, NULL , NULL); + /* call preop plugins */ if (plugin_call_plugins( pb, SLAPI_PLUGIN_PRE_BIND_FN ) == 0){ if ( auth_response_requested ) { @@ -698,6 +702,9 @@ do_bind( Slapi_PBlock *pb ) authtype = SLAPD_AUTH_OS; } #endif /* ENABLE_AUTOBIND */ + else { + authtype = SLAPD_AUTH_NONE; + } break; case LDAP_AUTH_SASL: /* authtype = SLAPD_AUTH_SASL && saslmech: */ @@ -719,6 +726,10 @@ do_bind( Slapi_PBlock *pb ) slapi_sdn_get_ndn(&sdn)); } } else { /* anonymous */ + /* set bind creds here so anonymous limits are set */ + bind_credentials_set( pb->pb_conn, authtype, NULL, + NULL, NULL, NULL, NULL ); + if ( auth_response_requested ) { slapi_add_auth_response_control( pb, "" ); |