首页 发现 帮助
注册 登录
Apq
/
389-ds-base
镜像自地址 https://github.com/389ds/389-ds-base.git
1
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Bug 700145 - userpasswd not replicating

https://bugzilla.redhat.com/show_bug.cgi?id=700145
Resolves: bug 700145
Bug Description: userpasswd not replicating
Reviewed by: nkinder, nhosoi (Thanks!)
Branch: master
Fix Description: The problem is happening because we are replicating
the unhashed#user#password attribute.  The consumer gets this sequence:

delete: unhashed#user#password
-
add: unhashed#user#password
unhashed#user#password: value

The code in entry_wsi_apply_mod attempts to apply the delete, but since the
attribute does not exist, it returns LDAP_NO_SUCH_ATTRIBUTE and the entire
modify operation is rejected.  The server removes unhashed#user#password before
doing database operations in the non-replicated case, but in the replicated
case it is assumed we can just apply the operations as they are given by the
supplier.  pw_change is never set in the replicated case, so the consumer
never removes unhashed#user#password.  The solution is to just remove
unhashed#user#password even if pw_change is not set.  If the attribute is
not in the mods list, remove_mod is a no-op.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
Rich Megginson 14 年之前
父节点
c74a13d7c4
当前提交
74e81521cc
共有 1 个文件被更改,包括 7 次插入4 次删除
合并视图 显示文件统计
  1. 7 4
      ldap/servers/slapd/modify.c

+ 7 - 4
ldap/servers/slapd/modify.c
查看文件 

@@ -873,9 +873,11 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
 
 
 
 		/* Remove the unhashed password pseudo-attribute prior */
 
 		/* Remove the unhashed password pseudo-attribute prior */
 
 		/* to db access */
 
 		/* to db access */
 
-		if (pw_change)
 
-		{
 
-			slapi_mods_init_passin (&smods, mods);
 
+		slapi_mods_init_passin (&smods, mods);
 
+		if (!unhashed_pw_attr) {
 
+			unhashed_pw_attr = slapi_attr_syntax_normalize(PSEUDO_ATTR_UNHASHEDUSERPASSWORD);
 
+		}
 
+		if (slapi_mods_get_num_mods(&smods)) {
 
 			remove_mod (&smods, unhashed_pw_attr, &unhashed_pw_smod);
 
 			remove_mod (&smods, unhashed_pw_attr, &unhashed_pw_smod);
 
 			slapi_pblock_set (pb, SLAPI_MODIFY_MODS, 
 			slapi_pblock_set (pb, SLAPI_MODIFY_MODS, 
 							  (void*)slapi_mods_get_ldapmods_passout (&smods));	
 							  (void*)slapi_mods_get_ldapmods_passout (&smods));	
@@ -936,8 +938,9 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
 
 			}
 
 			}
 
 			slapi_pblock_set (pb, SLAPI_MODIFY_MODS, 
 			slapi_pblock_set (pb, SLAPI_MODIFY_MODS, 
 							  (void*)slapi_mods_get_ldapmods_passout (&smods));
 
 							  (void*)slapi_mods_get_ldapmods_passout (&smods));
 
-			slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
 
 		}
 
 		}
 
+		slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
 
+
 
 
 
 		slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
 
 		slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &rc);
 
 		plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_MODIFY_FN :
 
 		plugin_call_plugins(pb, internal_op ? SLAPI_PLUGIN_INTERNAL_POST_MODIFY_FN :