You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2023/11/24 16:26:41 UTC
svn commit: r1914090 - /httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c
Author: minfrin
Date: Fri Nov 24 16:26:41 2023
New Revision: 1914090
URL: http://svn.apache.org/viewvc?rev=1914090&view=rev
Log:
Remove unnecessary references to r->user within ldap-search.
Modified:
httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c
Modified: httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c?rev=1914090&r1=1914089&r2=1914090&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c Fri Nov 24 16:26:41 2023
@@ -1441,24 +1441,6 @@ static authz_status ldapsearch_check_aut
req = build_request_config(r);
}
ldc = get_connection_for_authz(r, LDAP_SEARCH);
- if (!req->dn && r->user) {
- authz_status rv;
- if (!*r->user) {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(10487)
- "ldap authorize: Userid is blank, AuthType=%s",
- r->ap_auth_type);
- }
- rv = get_dn_for_nonldap_authn(r, ldc);
- if (rv != AUTHZ_GRANTED) {
- return rv;
- }
- if (req->dn == NULL || !*req->dn) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02636)
- "auth_ldap authorize: require ldap-search: user's DN "
- "has not been defined; failing authorization");
- return AUTHZ_DENIED;
- }
- }
require = ap_expr_str_exec(r, expr, &err);
if (err) {
@@ -1482,6 +1464,7 @@ static authz_status ldapsearch_check_aut
/* Make sure that the filtered search returned a single dn */
if (result == LDAP_SUCCESS && dn) {
+ req->dn = dn;
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02631)
"auth_ldap authorize: require ldap-search: "
"authorization successful");