andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 6 months ago
Clone
dc8c34
From a9126071d3be754b71a976173f97cf6db34397d4 Mon Sep 17 00:00:00 2001
dc8c34
From: Noriko Hosoi <nhosoi@redhat.com>
dc8c34
Date: Tue, 25 Aug 2015 16:31:10 -0700
dc8c34
Subject: [PATCH 358/363] Ticket #48228 - wrong password check if
dc8c34
 passwordInHistory is decreased.
dc8c34
dc8c34
Description: Regression was added by this commit:
dc8c34
  commit 1a119125856006543aae0520b5800a8b52c3b049
dc8c34
  Ticket #48228 - wrong password check if passwordInHistory is decreased.
dc8c34
Compare function pw_history_cmp used in qsort did not check the correct
dc8c34
address for the timestamp string, which made qsort return the password
dc8c34
history in the wrong order.
dc8c34
dc8c34
https://fedorahosted.org/389/ticket/48228
dc8c34
dc8c34
Reviewed by rmeggins@redhat.com (Thank you, Rich!)
dc8c34
dc8c34
(cherry picked from commit 391acfcf9a67b9b27ebbd98d1dfe30ef54a027c4)
dc8c34
(cherry picked from commit 096b386663c949136095def77a7fb12eee64e542)
dc8c34
(cherry picked from commit 90cf9fdbc8b71e68f615f8a72328c25e41a8fd0c)
dc8c34
(cherry picked from commit 1e2793d5a8984b2e390cb3038f507611b3ebc6e2)
dc8c34
---
dc8c34
 ldap/servers/slapd/pw.c | 21 ++++++++-------------
dc8c34
 1 file changed, 8 insertions(+), 13 deletions(-)
dc8c34
dc8c34
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
dc8c34
index 14a4b0f..dea949c 100644
dc8c34
--- a/ldap/servers/slapd/pw.c
dc8c34
+++ b/ldap/servers/slapd/pw.c
dc8c34
@@ -1089,8 +1089,6 @@ retry:
dc8c34
 static int
dc8c34
 pw_history_cmp(const void *h0, const void *h1)
dc8c34
 {
dc8c34
-	size_t h0sz = 0;
dc8c34
-	size_t h1sz = 0;
dc8c34
 	if (!h0) {
dc8c34
 		if (!h1) {
dc8c34
 			return 0;
dc8c34
@@ -1101,23 +1099,20 @@ pw_history_cmp(const void *h0, const void *h1)
dc8c34
 		if (!h1) {
dc8c34
 			return 1;
dc8c34
 		} else {
dc8c34
-			size_t delta;
dc8c34
-			h0sz = strlen(h0);
dc8c34
-			h1sz = strlen(h1);
dc8c34
-			delta = h0sz - h1sz;
dc8c34
-			if (!delta) {
dc8c34
-				return delta;
dc8c34
-			}
dc8c34
-			if (h0sz < GENERALIZED_TIME_LENGTH) {
dc8c34
+			char *h0str = *(char **)h0;
dc8c34
+			char *h1str = *(char **)h1;
dc8c34
+			size_t h0sz = strlen(h0str);
dc8c34
+			size_t h1sz = strlen(h1str);
dc8c34
+			if ((h0sz < GENERALIZED_TIME_LENGTH) ||
dc8c34
+			    (h1sz < GENERALIZED_TIME_LENGTH)) {
dc8c34
 				/* too short for the history str. */
dc8c34
-				return 0;
dc8c34
+				return h0sz - h1sz;
dc8c34
 			}
dc8c34
+			return PL_strncmp(h0str, h1str, GENERALIZED_TIME_LENGTH);
dc8c34
 		}
dc8c34
 	}
dc8c34
-	return PL_strncmp(h0, h1, GENERALIZED_TIME_LENGTH);
dc8c34
 }
dc8c34
 
dc8c34
-
dc8c34
 static int
dc8c34
 update_pw_history( Slapi_PBlock *pb, const Slapi_DN *sdn, char *old_pw )
dc8c34
 {
dc8c34
-- 
dc8c34
2.4.3
dc8c34