RSS feed

nss-pam-ldapd branch master updated. 0.9.6-13-g027df03

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd branch master updated. 0.9.6-13-g027df03

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  027df03a3b8b8c2753e67c4c38f475f29a3941f0 (commit)
      from  fcea92db2c3069209c1de7f35528560ddb3c216c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------

commit 027df03a3b8b8c2753e67c4c38f475f29a3941f0
Author: Vasilis Tsiligiannis <>
Date:   Wed Dec 23 13:43:16 2015 +0200

    Fix updating of 'shadowLastChange' attribute when chasing referrals
    This fixes a bug where 'shadowLastChange' attribute cannot be updated when
    chasing a referral. After a password is succesfully changed, the credentials
    for binding should also be updated with the new password for the session.
    Signed-off-by: Vasilis Tsiligiannis <>

diff --git a/nslcd/pam.c b/nslcd/pam.c
index 0eff71b..82656ae 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -3,6 +3,7 @@
    Copyright (C) 2009 Howard Chu
    Copyright (C) 2009-2014 Arthur de Jong
+   Copyright (C) 2015 Nokia Solutions and Networks
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -711,6 +712,14 @@ static int try_pwmod(MYLDAP_SESSION *oldsession,
     rc = myldap_passwd(session, userdn, oldpassword, newpassword);
     if (rc == LDAP_SUCCESS)
+      /* if user modifies own password, update credentials for the session */
+      if (binddn == userdn)
+        if (myldap_set_credentials(session, binddn, newpassword)) {
+          log_log(LOG_WARNING, "%s: shadowLastChange: modification failed: %s",
+                  userdn, ldap_err2string(LDAP_LOCAL_ERROR));
+          myldap_session_close(session);
+          return rc;
+        }
       /* try to update the shadowLastChange attribute */
       if (update_lastchange(session, userdn) != LDAP_SUCCESS)
         /* retry with the normal session */


Summary of changes:
 nslcd/pam.c | 9 +++++++++
 1 file changed, 9 insertions(+)

To unsubscribe send an email to or see