mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#5146 better check for single val in modify

Browse Source
This commit is contained in:
Howard Chu 2007-11-07 04:58:07 +00:00
parent 115635a5ef
commit 8f56be2ce8
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
servers/slapd/overlays/ppolicy.c
View File

@ -1559,8 +1559,6 @@ ppolicy_modify( Operation *op, SlapReply *rs )
if ((ml->sml_op == LDAP_MOD_ADD) ||
(ml->sml_op == LDAP_MOD_REPLACE))
{
addmod = ml;
/* FIXME: there's no easy way to ensure
* that add does not cause multiple
* userPassword values; one way (that
@ -1572,13 +1570,15 @@ ppolicy_modify( Operation *op, SlapReply *rs )
* Let's check at least that a single value
* is being added
*/
assert( addmod->sml_values != NULL );
assert( !BER_BVISNULL( &addmod->sml_values[ 0 ] ) );
if ( !BER_BVISNULL( &addmod->sml_values[ 1 ] ) ) {
assert( ml->sml_values != NULL );
assert( !BER_BVISNULL( &ml->sml_values[ 0 ] ) );
if ( !BER_BVISNULL( addmod || &ml->sml_values[ 1 ] ) ) {
rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
rs->sr_text = "Password policy only allows one password value";
goto return_results;
}
addmod = ml;
}
} else if ( !is_at_operational( ml->sml_desc->ad_type ) ) {