Overview

File forwarded-bind-failure-messages-cause-success-ITS-6607-dif of Package openldap2

From 89beae773738d6e688e2d40e1c5536ef4075de00 Mon Sep 17 00:00:00 2001
From: quanah <quanah>
Date: Mon, 10 Jan 2011 20:36:19 +0000
Subject: forwarded bind failure messages cause success (ITS#6607)

Original log from CVS:
Add rev 1.77 of chain.c for control callbacks

ITS#6475, ITS#6607
bnc#674985
CVE-2011-1024

diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
index 4b6a24a..11e96a3 100644
--- a/servers/slapd/back-ldap/chain.c
+++ b/servers/slapd/back-ldap/chain.c
@@ -854,6 +854,7 @@ ldap_chain_response( Operation *op, SlapReply *rs )
 
 	/* we need this to know if back-ldap returned any result */
 	lb.lb_lc = lc;
+	sc2.sc_next = sc->sc_next;
 	sc2.sc_private = &lb;
 	sc2.sc_response = ldap_chain_cb_response;
 	op->o_callback = &sc2;
@@ -947,6 +948,7 @@ ldap_chain_response( Operation *op, SlapReply *rs )
 
 	case LDAP_SUCCESS:
 	case LDAP_REFERRAL:
+		sr_err = rs->sr_err;
 		/* slapd-ldap sent response */
 		if ( !op->o_abandon && lb.lb_status != LDAP_CH_RES ) {
 			/* FIXME: should we send response? */
@@ -974,7 +976,7 @@ cannot_chain:;
 		default:
 #endif /* LDAP_CONTROL_X_CHAINING_BEHAVIOR */
 			if ( LDAP_CHAIN_RETURN_ERR( lc ) ) {
-				rs->sr_err = rc;
+				sr_err = rs->sr_err = rc;
 				rs->sr_type = sr_type;
 
 			} else {
@@ -992,7 +994,8 @@ cannot_chain:;
 	}
 
 	if ( lb.lb_status == LDAP_CH_NONE && rc != SLAPD_ABANDON ) {
-		op->o_callback = NULL;
+		/* give the remaining callbacks a chance */
+		op->o_callback = sc->sc_next;
 		rc = rs->sr_err = slap_map_api2result( rs );
 		send_ldap_result( op, rs );
 	}
-- 
1.7.3.4
openSUSE Build Service is sponsored by
Places