andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Source Code
GIT

Files

  1.   dc8c345aafdce027e11e93c1bcecc7676bccc6aa
  2.   0229-Revert-Ticket-47423-7-bit-check-plugin-does-not-work.patch
Blob Blame History Raw 
From 32ca9f093c25ee543fe23aa9efc790bfc6b12fe8 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Mon, 23 Jun 2014 15:01:34 -0700
Subject: [PATCH] Revert "Ticket #47423 - 7-bit check plugin does not work for
 userpassword attribute"

This reverts commit 4457a30decf6e281986310e705ceb6d5c059232b.

This patch should not be in rhel-6.6 branch.
---
 ldap/servers/plugins/uiduniq/7bit.c | 37 ++++++++++---------------------------
 1 file changed, 10 insertions(+), 27 deletions(-)

diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c
index c98d660..f690b4e 100644
--- a/ldap/servers/plugins/uiduniq/7bit.c
+++ b/ldap/servers/plugins/uiduniq/7bit.c
@@ -218,8 +218,7 @@ preop_add(Slapi_PBlock *pb)
 {
   int result;
   char *violated = NULL;
-  char *pwd = NULL;
-  char *origpwd = NULL;
+
 #ifdef DEBUG
   slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD begin\n");
 #endif
@@ -237,14 +236,12 @@ preop_add(Slapi_PBlock *pb)
     const char *dn;
     Slapi_DN *sdn = NULL;
     Slapi_Entry *e;
+    Slapi_Attr *attr;
     char **firstSubtree;
     char **subtreeDN;
     int subtreeCnt;
     int is_replicated_operation;
-    struct berval *vals[2];
-    struct berval val;
-    vals[0] = &val;
-    vals[1] = NULL;
+
     /*
      * Get the arguments
      */
@@ -291,26 +288,19 @@ preop_add(Slapi_PBlock *pb)
     for (attrName = argv; strcmp(*attrName, ",") != 0; attrName++ )
     {
       /* 
-       * if the attribute is userpassword, check unhashed user password 
+       * if the attribute is userpassword, check unhashed#user#password 
        * instead.  "userpassword" is encoded; it will always pass the 7bit 
        * check.
        */
-      char *attr_name = NULL;
-      Slapi_Attr *attr = NULL; 
+      char *attr_name; 
       if ( strcasecmp(*attrName, "userpassword") == 0 )
       {
-         origpwd = pwd = slapi_get_first_clear_text_pw(e);
-         if (pwd == NULL)
-	 {
-            continue;
-         }
-         val.bv_val = pwd;
-         val.bv_len = strlen(val.bv_val);
+         attr_name = "unhashed#user#password";
       } else {
          attr_name = *attrName;
-	 err = slapi_entry_attr_find(e, attr_name, &attr);
-         if (err) continue; /* break;*/  /* no 7-bit attribute */
       }
+      err = slapi_entry_attr_find(e, attr_name, &attr);
+      if (err) continue; /* break;*/  /* no 7-bit attribute */
 
       /*
        * For each DN in the managed list, do 7-bit checking if
@@ -333,14 +323,7 @@ preop_add(Slapi_PBlock *pb)
           /*
            * Check if the value is 7-bit clean
            */
-	  if(pwd)
-	  {
-            result = bit_check(attr, vals, &violated);
-	    if(!result)
-	      pwd = NULL;
-	  }
-          else
-            result = bit_check(attr, NULL, &violated);
+          result = bit_check(attr, NULL, &violated);
           if (result) break;
         }
       }
@@ -352,7 +335,7 @@ preop_add(Slapi_PBlock *pb)
   if (result) {
     issue_error(pb, result, "ADD", violated);
   }
-  slapi_ch_free_string(&origpwd);
+
   return (result==LDAP_SUCCESS)?0:-1;
 }
 
-- 
1.8.1.4

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation