canonusr.c		canonusr.c
	skipping to change at line 243		skipping to change at line 243
	/* Only SASL_CU_AUTHZID was requested.		/* Only SASL_CU_AUTHZID was requested.
	The authz_result value is authoritative. */		The authz_result value is authoritative. */
	result = authz_result;		result = authz_result;
	} else if (result == SASL_OK && authz_result != SASL_NOUSER) {		} else if (result == SASL_OK && authz_result != SASL_NOUSER) {
	/* Use the authz_result value, unless "result"		/* Use the authz_result value, unless "result"
	already contains an error */		already contains an error */
	result = authz_result;		result = authz_result;
	}		}
	}		}
	if (result == SASL_NOUSER && (flags & SASL_CU_EXTERNALLY_VERIFIED)) {		if ((flags & SASL_CU_EXTERNALLY_VERIFIED) && (result == SASL_NOUSER || result == SASL_NOMECH)) {
	/* The called has explicitly told us that the authentication ide ntity		/* The called has explicitly told us that the authentication ide ntity
	was already verified. So a failure to retrieve any associated		was already verified or will be verified independently.
	properties		So a failure to retrieve any associated properties
	is not an error. For example the caller is using Kerberos to verify user,		is not an error. For example the caller is using Kerberos to verify user,
	but the LDAPDB/SASLDB auxprop plugin doesn't contain any auxp rops for		but the LDAPDB/SASLDB auxprop plugin doesn't contain any auxp rops for
	the user. */		the user.
			Another case is PLAIN/LOGIN not using auxprop to verify user
			passwords. */
	result = SASL_OK;		result = SASL_OK;
	}		}
	}		}
	#endif		#endif
	RETURN(conn, result);		RETURN(conn, result);
	}		}
	/* default behavior:		/* default behavior:
	* Eliminate leading & trailing whitespace,		* Eliminate leading & trailing whitespace,
	skipping to change at line 318		skipping to change at line 320
	if(!plugname || strlen(plugname) > (PATH_MAX - 1)) {		if(!plugname || strlen(plugname) > (PATH_MAX - 1)) {
	sasl_seterror(NULL, 0,		sasl_seterror(NULL, 0,
	"bad plugname passed to sasl_canonuser_add_plugin\n");		"bad plugname passed to sasl_canonuser_add_plugin\n");
	return SASL_BADPARAM;		return SASL_BADPARAM;
	}		}
	result = canonuserfunc(sasl_global_utils, SASL_CANONUSER_PLUG_VERSION,		result = canonuserfunc(sasl_global_utils, SASL_CANONUSER_PLUG_VERSION,
	&out_version, &plug, plugname);		&out_version, &plug, plugname);
	if(result != SASL_OK) {		if(result != SASL_OK) {
	_sasl_log(NULL, SASL_LOG_ERR, "canonuserfunc error %i\n",result);		_sasl_log(NULL, SASL_LOG_ERR, "%s_canonuser_plug_init() failed in sa
			sl_canonuser_add_plugin(): %z\n",
			plugname, result);
	return result;		return result;
	}		}
	if(!plug->canon_user_server && !plug->canon_user_client) {		if(!plug->canon_user_server && !plug->canon_user_client) {
	/* We need at least one of these implemented */		/* We need at least one of these implemented */
	_sasl_log(NULL, SASL_LOG_ERR,		_sasl_log(NULL, SASL_LOG_ERR,
	"canonuser plugin without either client or server side");		"canonuser plugin '%s' without either client or server sid e", plugname);
	return SASL_BADPROT;		return SASL_BADPROT;
	}		}
	new_item = sasl_ALLOC(sizeof(canonuser_plug_list_t));		new_item = sasl_ALLOC(sizeof(canonuser_plug_list_t));
	if(!new_item) return SASL_NOMEM;		if(!new_item) return SASL_NOMEM;
	strncpy(new_item->name, plugname, PATH_MAX);		strncpy(new_item->name, plugname, PATH_MAX);
	new_item->plug = plug;		new_item->plug = plug;
	new_item->next = canonuser_head;		new_item->next = canonuser_head;
End of changes. 5 change blocks.
	6 lines changed or deleted		10 lines changed or added
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/