From 0c9b308781b9f2bbc5ee29d3a94351a7c390272e Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Mon, 15 Mar 2004 19:52:17 +0000 Subject: [PATCH] Delete old password if provided --- servers/slapd/passwd.c | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index fde6514a41..5b9fcf61b7 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -180,11 +180,27 @@ int passwd_extop( ml->sml_values[i].bv_val = NULL; ml->sml_nvalues = NULL; ml->sml_desc = slap_schema.si_ad_userPassword; - ml->sml_op = LDAP_MOD_REPLACE; + ml->sml_op = qpw->rs_old.bv_val ? LDAP_MOD_ADD : LDAP_MOD_REPLACE; ml->sml_next = qpw->rs_mods; qpw->rs_mods = ml; - if ( rsp ) { - free( qpw->rs_new.bv_val ); + if ( qpw->rs_old.bv_val ) { + ml = ch_malloc( sizeof(Modifications) ); + ml->sml_values = ch_malloc( (nhash+1)*sizeof(struct berval) ); + for ( i=0; hashes[i]; i++ ) { + slap_passwd_hash( hashes[i], &qpw->rs_old, &hash, &rs->sr_text ); + if ( hash.bv_len == 0 ) { + if ( !rs->sr_text ) { + rs->sr_text = "password hash failed"; + } + break; + } + ml->sml_values[i] = hash; + } + ml->sml_values[i].bv_val = NULL; + ml->sml_desc = slap_schema.si_ad_userPassword; + ml->sml_op = LDAP_MOD_DELETE; + ml->sml_next = qpw->rs_mods; + qpw->rs_mods = ml; } if ( hashes[i] ) { rs->sr_err = LDAP_OTHER; @@ -194,6 +210,8 @@ int passwd_extop( op2.o_tag = LDAP_REQ_MODIFY; op2.o_callback = &cb2; op2.orm_modlist = qpw->rs_mods; + cb2.sc_private = qpw; /* let Modify know this was pwdMod, + * if it cares... */ rs->sr_err = slap_mods_opattrs( &op2, ml, qpw->rs_modtail, &rs->sr_text, NULL, 0 ); @@ -208,6 +226,9 @@ int passwd_extop( } } slap_mods_free( qpw->rs_mods ); + if ( rsp ) { + free( qpw->rs_new.bv_val ); + } return rs->sr_err; } @@ -461,6 +482,15 @@ slap_passwd_hash( new->bv_len = 0; new->bv_val = NULL; + if ( !hash ) { + if ( default_passwd_hash ) { + hash = default_passwd_hash[0]; + } + if ( !hash ) { + hash = (char *)defhash[0]; + } + } + #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) ldap_pvt_thread_mutex_lock( &passwd_mutex ); #endif