--- libraries/libldap/sasl.c	1999/09/10 20:25:26	1.1.4.1
+++ libraries/libldap/sasl.c	1999/12/17 02:27:17	1.5
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/libldap/sasl.c,v 1.2 1999/09/08 17:06:29 kdz Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/sasl.c,v 1.4 1999/12/12 04:02:03 kdz Exp $ */
 /*
  * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
@@ -70,15 +70,20 @@ ldap_sasl_bind(
 		return ld->ld_errno;
 	}
 
-	if( mechanism != LDAP_SASL_SIMPLE
-		&& ld->ld_version < LDAP_VERSION3)
-	{
+	if( mechanism == LDAP_SASL_SIMPLE ) {
+		if( dn == NULL && cred != NULL ) {
+			/* use default binddn */
+			dn = ld->ld_defbinddn;
+		}
+
+	} else if( ld->ld_version < LDAP_VERSION3 ) {
 		ld->ld_errno = LDAP_NOT_SUPPORTED;
 		return ld->ld_errno;
 	}
 
-	if ( dn == NULL )
+	if ( dn == NULL ) {
 		dn = "";
+	}
 
 	/* create a message to send */
 	if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
@@ -252,19 +257,18 @@ ldap_parse_sasl_bind_result(
 		return LDAP_PARAM_ERROR;
 	}
 
-	if(servercredp != NULL) {
+	if( servercredp != NULL ) {
 		if( ld->ld_version < LDAP_VERSION2 ) {
 			return LDAP_NOT_SUPPORTED;
 		}
 		*servercredp = NULL;
 	}
 
-	if( res->lm_msgtype == LDAP_RES_BIND ) {
+	if( res->lm_msgtype != LDAP_RES_BIND ) {
 		ld->ld_errno = LDAP_PARAM_ERROR;
 		return ld->ld_errno;
 	}
 
-	errcode = LDAP_SUCCESS;
 	scred = NULL;
 
 	if ( ld->ld_error ) {
@@ -280,55 +284,69 @@ ldap_parse_sasl_bind_result(
 
 	ber = ber_dup( res->lm_ber );
 
+	if( ber == NULL ) {
+		ld->ld_errno = LDAP_NO_MEMORY;
+		return ld->ld_errno;
+	}
+
 	if ( ld->ld_version < LDAP_VERSION2 ) {
 		tag = ber_scanf( ber, "{ia}",
 			&errcode, &ld->ld_error );
 
+		if( tag == LBER_ERROR ) {
+			ber_free( ber, 0 );
+			ld->ld_errno = LDAP_DECODING_ERROR;
+			return ld->ld_errno;
+		}
+
 	} else {
 		ber_len_t len;
 
 		tag = ber_scanf( ber, "{iaa" /*}*/,
 			&errcode, &ld->ld_matched, &ld->ld_error );
 
-		if( tag != LBER_ERROR ) {
-			tag = ber_peek_tag(ber, &len);
+		if( tag == LBER_ERROR ) {
+			ber_free( ber, 0 );
+			ld->ld_errno = LDAP_DECODING_ERROR;
+			return ld->ld_errno;
 		}
 
+		tag = ber_peek_tag(ber, &len);
+
 		if( tag == LDAP_TAG_REFERRAL ) {
 			/* skip 'em */
-			tag = ber_scanf( ber, "x" );
-
-			if( tag != LBER_ERROR ) {
-				tag = ber_peek_tag(ber, &len);
+			if( ber_scanf( ber, "x" ) == LBER_ERROR ) {
+				ber_free( ber, 0 );
+				ld->ld_errno = LDAP_DECODING_ERROR;
+				return ld->ld_errno;
 			}
+
+			tag = ber_peek_tag(ber, &len);
 		}
 
-		/* need to clean out misc items */
 		if( tag == LDAP_TAG_SASL_RES_CREDS ) {
-			tag = ber_scanf( ber, "O", &scred );
+			if( ber_scanf( ber, "O", &scred ) == LBER_ERROR ) {
+				ber_free( ber, 0 );
+				ld->ld_errno = LDAP_DECODING_ERROR;
+				return ld->ld_errno;
+			}
 		}
 	}
 
-	if ( tag == LBER_ERROR ) {
-		errcode = LDAP_DECODING_ERROR;
-	}
-
-	if( ber != NULL ) {
-		ber_free( ber, 0 );
-	}
+	ber_free( ber, 0 );
 
-	/* return */
-	if ( errcode == LDAP_SUCCESS && servercredp != NULL ) {
+	if ( servercredp != NULL ) {
 		*servercredp = scred;
 
 	} else if ( scred != NULL ) {
 		ber_bvfree( scred );
 	}
 
+	ld->ld_errno = errcode;
+
 	if ( freeit ) {
 		ldap_msgfree( res );
 	}
 
-	ld->ld_errno = errcode;
 	return( ld->ld_errno );
 }