Trac Ticket 396 - Account Usability Control Not Working [Bug 835238]

https://fedorahosted.org/389/ticket/396

Fix Description: Commit 003812911f56619f0db58ba627037644fb0f68fb
broke the feature.  This patch is backing off the change so that
get_entry accepts NULL pblock, which is necessary for the
Account Usability plugin.
(cherry picked from commit b2a926948b974ac8c64faf80dd0d3b99583e3f33)

ldap/servers/slapd/pw.c

@@ -1548,23 +1548,20 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
 	slapdFrontendConfig_t *slapdFrontendConfig;
 	int optype = -1;
 
-	/* RFE - is there a way to make this work for non-existent entries 
-	 * when we don't pass in pb?  We'll need to do this if we add support 
-	 * for password policy plug-ins. */
-	if (NULL == pb) {
-		LDAPDebug0Args(LDAP_DEBUG_ANY, 
-		               "new_passwdPolicy: NULL pblock was passed.\n");
-		return NULL;
-	}
 	slapdFrontendConfig = getFrontendConfig();
 	pwdpolicy = (passwdPolicy *)slapi_ch_calloc(1, sizeof(passwdPolicy));
 
-	slapi_pblock_get( pb, SLAPI_OPERATION_TYPE, &optype );
+	if (pb) {
+		slapi_pblock_get( pb, SLAPI_OPERATION_TYPE, &optype );
+	}
 
 	if (dn && (slapdFrontendConfig->pwpolicy_local == 1)) {
 		/*  If we're doing an add, COS does not apply yet so we check
 			parents for the pwdpolicysubentry.  We look only for virtual
 			attributes, because real ones are for single-target policy. */
+		/* RFE - is there a way to make this work for non-existent entries 
+		 * when we don't pass in pb?  We'll need to do this if we add support 
+		 * for password policy plug-ins. */
 		if (optype == SLAPI_OPERATION_ADD) {
 			char *parentdn = slapi_ch_strdup(dn);
 			char *nextdn = NULL;

ldap/servers/slapd/pw_retry.c

@@ -210,43 +210,49 @@ int set_retry_cnt ( Slapi_PBlock *pb, int count)
 }
 
 
+/* 
+ * If "dn" is passed, get_entry returns an entry which dn is "dn".
+ * If "dn" is not passed, it returns an entry which dn is set in 
+ * SLAPI_TARGET_SDN in pblock.
+ * Note: pblock is not mandatory for get_entry (e.g., new_passwdPolicy).
+ */
 Slapi_Entry *get_entry ( Slapi_PBlock *pb, const char *dn)
 {
 	int             search_result = 0;
 	Slapi_Entry     *retentry = NULL;
 	Slapi_DN        *target_sdn = NULL;
+	char            *target_dn = (char *)dn;
 	Slapi_DN        sdn;
 
-	if (NULL == pb) {
-		LDAPDebug(LDAP_DEBUG_ANY, "get_entry - no pblock specified.\n",
-		          0, 0, 0);
-		goto bail;
-	}
-
-	slapi_pblock_get( pb, SLAPI_TARGET_SDN, &target_sdn );
-
-	if (dn == NULL) {
-		dn = slapi_sdn_get_dn(target_sdn);
+	if (pb) {
+		slapi_pblock_get( pb, SLAPI_TARGET_SDN, &target_sdn );
+		if (target_dn == NULL) {
+			target_dn = slapi_sdn_get_dn(target_sdn);
+		}
 	}
 
-	if (dn == NULL) {
-		LDAPDebug (LDAP_DEBUG_TRACE, "WARNING: 'get_entry' - no dn specified.\n", 0, 0, 0);
+	if (target_dn == NULL) {
+		LDAPDebug0Args(LDAP_DEBUG_TRACE,
+		               "WARNING: 'get_entry' - no dn specified.\n");
 		goto bail;
 	}
 
-	slapi_sdn_init_dn_byref(&sdn, dn);
-
-	if (slapi_sdn_compare(&sdn, target_sdn)) { /* does not match */
-	    target_sdn = &sdn;
+	if (target_dn == dn) { /* target_dn is NOT from target_sdn */
+		slapi_sdn_init_dn_byref(&sdn, target_dn);
+		target_sdn = &sdn;
 	}
 
 	search_result = slapi_search_internal_get_entry(target_sdn, NULL,
 	                                                &retentry, 
 	                                                pw_get_componentID());
 	if (search_result != LDAP_SUCCESS) {
-		LDAPDebug (LDAP_DEBUG_TRACE, "WARNING: 'get_entry' can't find entry '%s', err %d\n", dn, search_result, 0);
+		LDAPDebug2Args(LDAP_DEBUG_TRACE,
+		               "WARNING: 'get_entry' can't find entry '%s', err %d\n",
+		               target_dn, search_result);
+	}
+	if (target_dn == dn) { /* target_dn is NOT from target_sdn */
+		slapi_sdn_done(&sdn);
 	}
-	slapi_sdn_done(&sdn);
 bail:
 	return retentry;
 }