
nss-pam-ldapd commit: r1079 - nss-pam-ldapd/nslcd


nss-pam-ldapd commit: r1079 - nss-pam-ldapd/nslcd



Author: arthur
Date: Tue Apr 13 21:21:58 2010
New Revision: 1079
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1079

Log:
don't have myldap_set_credentials() try to open a connection but have the PAM 
code perform a search with the new credentials so we re-use the fail-over 
mechanism in myldap_search()

Modified:
   nss-pam-ldapd/nslcd/myldap.c
   nss-pam-ldapd/nslcd/myldap.h
   nss-pam-ldapd/nslcd/pam.c

Modified: nss-pam-ldapd/nslcd/myldap.c
==============================================================================
--- nss-pam-ldapd/nslcd/myldap.c        Tue Apr 13 21:17:39 2010        (r1078)
+++ nss-pam-ldapd/nslcd/myldap.c        Tue Apr 13 21:21:58 2010        (r1079)
@@ -677,7 +677,7 @@
 }
 
 /* Set alternative credentials for the session. */
-int myldap_set_credentials(MYLDAP_SESSION *session,const char *dn,
+void myldap_set_credentials(MYLDAP_SESSION *session,const char *dn,
                            const char *password)
 {
   /* copy dn and password into session */
@@ -685,8 +685,6 @@
   session->binddn[sizeof(session->binddn)-1]='\0';
   strncpy(session->bindpw,password,sizeof(session->bindpw));
   session->bindpw[sizeof(session->bindpw)-1]='\0';
-  /* try to open a connection */
-  return do_open(session);
 }
 
 static int do_try_search(MYLDAP_SEARCH *search)
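Review bot: The `strncpy()` calls followed by forced termination silently truncate a `dn` or `password` longer than the session buffers, and now that the function returns `void` the caller cannot learn that the stored credentials differ from what was supplied. On an authentication path a truncated value should be refused rather than used in a bind; consider checking `strlen(dn)>=sizeof(session->binddn)` and `strlen(password)>=sizeof(session->bindpw)` up front and reporting the failure, for instance by keeping a status return used only for this. The comment could also say how long the password copy stays in `session->bindpw` and whether closing the session clears it, which the hunk does not show. The function begins in the previous hunk.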

Modified: nss-pam-ldapd/nslcd/myldap.h
==============================================================================
--- nss-pam-ldapd/nslcd/myldap.h        Tue Apr 13 21:17:39 2010        (r1078)
+++ nss-pam-ldapd/nslcd/myldap.h        Tue Apr 13 21:21:58 2010        (r1079)
@@ -68,10 +68,9 @@
    uses the configuration to find the URLs to attempt connections to. */
 MUST_USE MYLDAP_SESSION *myldap_create_session(void);
 
-/* Set alternative credentials for the session and try to open a connection
-   with those credentials. Returns an LDAP status code. */
-int myldap_set_credentials(MYLDAP_SESSION *session,const char *dn,
-                           const char *password);
+/* Set alternative credentials for the session. */
+void myldap_set_credentials(MYLDAP_SESSION *session,const char *dn,
+                            const char *password);
 
 /* Closes all pending searches and deallocates any memory that is allocated
    with these searches. This does not close the session. */
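Review bot: The new comment no longer tells callers when the credentials are actually checked. Since the function now only stores the values, I would spell that out: `/* Set alternative credentials for the session. No connection is opened here; the credentials are first used (and verified) by the bind for the next search, so callers must check that search's status. */`.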

Modified: nss-pam-ldapd/nslcd/pam.c
==============================================================================
--- nss-pam-ldapd/nslcd/pam.c   Tue Apr 13 21:17:39 2010        (r1078)
+++ nss-pam-ldapd/nslcd/pam.c   Tue Apr 13 21:21:58 2010        (r1079)
@@ -47,15 +47,11 @@
   if (session==NULL)
     return NSLCD_PAM_AUTH_ERR;
   /* set up credentials for the session */
-  rc=myldap_set_credentials(session,userdn,password);
-  /* TODO: test rc */
-  if (rc==LDAP_SUCCESS)
-  {
-    /* perform search for own object (just to do any kind of search) */
-    username=lookup_dn2uid(session,userdn,&rc);
-    if (username!=NULL)
-      free(username);
-  }
+  myldap_set_credentials(session,userdn,password);
+  /* perform search for own object (just to do any kind of search) */
+  username=lookup_dn2uid(session,userdn,&rc);
+  if (username!=NULL)
+    free(username);
   /* close the session */
   myldap_session_close(session);
   /* handle the results */
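Review bot: With the bind result no longer checked, the authentication verdict rests solely on the `rc` that `lookup_dn2uid(session,userdn,&rc)` writes back, and nothing visible in the hunk rejects an empty `password` before `myldap_set_credentials()`. Many LDAP servers treat a simple bind with a DN and a zero-length password as an unauthenticated bind (RFC 4513, section 5.1.2), so if the directory also allows anonymous reads of the user's entry, the search could succeed without the password being verified. Unless the part of the function outside the hunk already does this, add a guard before the call, e.g. `if (password[0]=='\0') { myldap_session_close(session); return NSLCD_PAM_AUTH_ERR; }`. A comment stating that the search is the credential check would also keep it from being removed later as a no-op.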
@@ -276,13 +272,19 @@
                      const char *oldpassword,const char *newpassword)
 {
   MYLDAP_SESSION *session;
+  char *username;
   int rc;
   /* set up a new connection */
   session=myldap_create_session();
   if (session==NULL)
     return NSLCD_PAM_AUTH_ERR;
   /* set up credentials for the session */
-  rc=myldap_set_credentials(session,binddn,oldpassword);
+  myldap_set_credentials(session,binddn,oldpassword);
+  /* perform search for own object (just to do any kind of search) */
+  username=lookup_dn2uid(session,userdn,&rc);
+  if (username!=NULL)
+    free(username);
+  /* perform actual password modification */
   if (rc==LDAP_SUCCESS)
   {
     /* if doing password modification as admin, don't pass old password along 
*/
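Review bot: `rc` is declared without an initializer (`int rc;`) and after this change is assigned only through the out-parameter of `lookup_dn2uid(session,userdn,&rc)` before `if (rc==LDAP_SUCCESS)` reads it, so if any path in that helper returns without storing a status, the password modification is gated on an indeterminate value. Initialise it to a failure code, e.g. `int rc=LDAP_OTHER;`, or confirm that the helper always writes through the pointer. The first pam.c hunk has the same dependency, with its declaration of `rc` outside the diff. The copied comment also says "own object", but the bind is as `binddn` while the search is for `userdn`, and these differ in the admin case mentioned just below; `/* search for the user's entry to verify the bind credentials */` would be more accurate. The function starts and ends outside the hunk.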