lists.arthurdejong.org
RSS feed

nss-pam-ldapd commit: r1064 - nss-pam-ldapd/nslcd

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1064 - nss-pam-ldapd/nslcd



Author: arthur
Date: Wed Feb 17 21:21:52 2010
New Revision: 1064
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1064

Log:
first try password modification without the old password and if that fails with 
the old password

Modified:
   nss-pam-ldapd/nslcd/myldap.c

Modified: nss-pam-ldapd/nslcd/myldap.c
==============================================================================
--- nss-pam-ldapd/nslcd/myldap.c        Wed Feb 17 21:21:16 2010        (r1063)
+++ nss-pam-ldapd/nslcd/myldap.c        Wed Feb 17 21:21:52 2010        (r1064)
@@ -1605,19 +1605,33 @@
   /* translate to ber stuff */
   ber_userdn.bv_val=(char *)userdn;
   ber_userdn.bv_len=strlen(userdn);
-  ber_oldpassword.bv_val=(char *)oldpassword;
-  ber_oldpassword.bv_len=oldpassword?strlen(oldpassword):0;
   ber_newpassword.bv_val=(char *)newpasswd;
   ber_newpassword.bv_len=strlen(newpasswd);
   ber_retpassword.bv_val=NULL;
   ber_retpassword.bv_len=0;
   /* perform request */
-  rc=ldap_passwd_s(session->ld,&ber_userdn,oldpassword?&ber_oldpassword:NULL,
+  log_log(LOG_DEBUG,"myldap_passwd(): try ldap_passwd_s() without old 
password");
+  rc=ldap_passwd_s(session->ld,&ber_userdn,NULL,
                    &ber_newpassword,&ber_retpassword,NULL,NULL);
   if (rc!=LDAP_SUCCESS)
-    log_log(LOG_ERR,"ldap_passwd_s() failed: %s",ldap_err2string(rc));
+    log_log(LOG_ERR,"ldap_passwd_s() without old password failed: 
%s",ldap_err2string(rc));
   /* free returned data if needed */
   if (ber_retpassword.bv_val!=NULL)
     ldap_memfree(ber_retpassword.bv_val);
+  if ((rc!=LDAP_SUCCESS)&&(oldpassword!=NULL))
+  {
+    /* retry with old password */
+    log_log(LOG_DEBUG,"myldap_passwd(): try ldap_passwd_s() with old 
password");
+    ber_oldpassword.bv_val=(char *)oldpassword;
+    ber_oldpassword.bv_len=strlen(oldpassword);
+    /* perform request */
+    rc=ldap_passwd_s(session->ld,&ber_userdn,&ber_oldpassword,
+                     &ber_newpassword,&ber_retpassword,NULL,NULL);
+    if (rc!=LDAP_SUCCESS)
+      log_log(LOG_ERR,"ldap_passwd_s() with old password failed: 
%s",ldap_err2string(rc));
+    /* free returned data if needed */
+    if (ber_retpassword.bv_val!=NULL)
+      ldap_memfree(ber_retpassword.bv_val);
+  }
   return rc;
 }
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits