summaryrefslogtreecommitdiffstats
path: root/ldap/servers/slapd/bind.c
diff options
context:
space:
mode:
Diffstat (limited to 'ldap/servers/slapd/bind.c')
-rw-r--r--ldap/servers/slapd/bind.c14
1 files changed, 1 insertions, 13 deletions
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c
index d3e90091..3458ff66 100644
--- a/ldap/servers/slapd/bind.c
+++ b/ldap/servers/slapd/bind.c
@@ -305,8 +305,7 @@ do_bind( Slapi_PBlock *pb )
switch ( version ) {
case LDAP_VERSION2:
if (method == LDAP_AUTH_SIMPLE
- && (config_get_force_sasl_external() ||
- ((dn == NULL || *dn == '\0') && cred.bv_len == 0))
+ && (dn == NULL || *dn == '\0') && cred.bv_len == 0
&& pb->pb_conn->c_external_dn != NULL) {
/* Treat this like a SASL EXTERNAL Bind: */
method = LDAP_AUTH_SASL;
@@ -318,17 +317,6 @@ do_bind( Slapi_PBlock *pb )
}
break;
case LDAP_VERSION3:
- if ((method == LDAP_AUTH_SIMPLE) &&
- config_get_force_sasl_external() &&
- (pb->pb_conn->c_external_dn != NULL)) {
- /* Treat this like a SASL EXTERNAL Bind: */
- method = LDAP_AUTH_SASL;
- saslmech = slapi_ch_strdup (LDAP_SASL_EXTERNAL);
- /* This enables a client to establish an identity by sending
- * a certificate in the SSL handshake, and also use LDAPv2
- * (by sending this type of Bind request).
- */
- }
break;
default:
LDAPDebug( LDAP_DEBUG_TRACE, "bind: unknown LDAP protocol version %d\n",
generated by cgit (git 2.34.1) at 2025-01-09 22:24:17 +0000