mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-12 10:54:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix ACL value checking for bind (ITS#3446)

Browse Source
This commit is contained in:
Pierangelo Masarati 2005-01-07 13:57:16 +00:00
parent 6f2ffa30ed
commit f40527ef49
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
servers/slapd/overlays/ppolicy.c
View File

@ -1376,7 +1376,8 @@ ppolicy_modify( Operation *op, SlapReply *rs )
const char *txt;
bv = oldpw.bv_val ? &oldpw : delmod->sml_values;
rc = slap_passwd_check( op->o_conn, pa, bv, &txt );
/* FIXME: no access checking? */
rc = slap_passwd_check( op, NULL, pa, bv, &txt );
if (rc != LDAP_SUCCESS) {
Debug( LDAP_DEBUG_TRACE,
"old password check failed: %s\n", txt, 0, 0 );
@ -1420,7 +1421,8 @@ ppolicy_modify( Operation *op, SlapReply *rs )
/*
* Last check - the password history.
*/
if (slap_passwd_check( op->o_conn, pa, bv, &txt ) == LDAP_SUCCESS) {
/* FIXME: no access checking? */
if (slap_passwd_check( op, NULL, pa, bv, &txt ) == LDAP_SUCCESS) {
/*
* This is bad - it means that the user is attempting
* to set the password to the same as the old one.
@ -1442,7 +1444,8 @@ ppolicy_modify( Operation *op, SlapReply *rs )
cr[1].bv_val = NULL;
for(p=tl; p; p=p->next) {
cr[0] = p->pw;
rc = slap_passwd_check( op->o_conn, &at, bv, &txt );
/* FIXME: no access checking? */
rc = slap_passwd_check( op, NULL, &at, bv, &txt );
if (rc != LDAP_SUCCESS) continue;