From 32ca9f093c25ee543fe23aa9efc790bfc6b12fe8 Mon Sep 17 00:00:00 2001 From: Noriko Hosoi Date: Mon, 23 Jun 2014 15:01:34 -0700 Subject: [PATCH] Revert "Ticket #47423 - 7-bit check plugin does not work for userpassword attribute" This reverts commit 4457a30decf6e281986310e705ceb6d5c059232b. This patch should not be in rhel-6.6 branch. --- ldap/servers/plugins/uiduniq/7bit.c | 37 ++++++++++--------------------------- 1 file changed, 10 insertions(+), 27 deletions(-) diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c index c98d660..f690b4e 100644 --- a/ldap/servers/plugins/uiduniq/7bit.c +++ b/ldap/servers/plugins/uiduniq/7bit.c @@ -218,8 +218,7 @@ preop_add(Slapi_PBlock *pb) { int result; char *violated = NULL; - char *pwd = NULL; - char *origpwd = NULL; + #ifdef DEBUG slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD begin\n"); #endif @@ -237,14 +236,12 @@ preop_add(Slapi_PBlock *pb) const char *dn; Slapi_DN *sdn = NULL; Slapi_Entry *e; + Slapi_Attr *attr; char **firstSubtree; char **subtreeDN; int subtreeCnt; int is_replicated_operation; - struct berval *vals[2]; - struct berval val; - vals[0] = &val; - vals[1] = NULL; + /* * Get the arguments */ @@ -291,26 +288,19 @@ preop_add(Slapi_PBlock *pb) for (attrName = argv; strcmp(*attrName, ",") != 0; attrName++ ) { /* - * if the attribute is userpassword, check unhashed user password + * if the attribute is userpassword, check unhashed#user#password * instead. "userpassword" is encoded; it will always pass the 7bit * check. */ - char *attr_name = NULL; - Slapi_Attr *attr = NULL; + char *attr_name; if ( strcasecmp(*attrName, "userpassword") == 0 ) { - origpwd = pwd = slapi_get_first_clear_text_pw(e); - if (pwd == NULL) - { - continue; - } - val.bv_val = pwd; - val.bv_len = strlen(val.bv_val); + attr_name = "unhashed#user#password"; } else { attr_name = *attrName; - err = slapi_entry_attr_find(e, attr_name, &attr); - if (err) continue; /* break;*/ /* no 7-bit attribute */ } + err = slapi_entry_attr_find(e, attr_name, &attr); + if (err) continue; /* break;*/ /* no 7-bit attribute */ /* * For each DN in the managed list, do 7-bit checking if @@ -333,14 +323,7 @@ preop_add(Slapi_PBlock *pb) /* * Check if the value is 7-bit clean */ - if(pwd) - { - result = bit_check(attr, vals, &violated); - if(!result) - pwd = NULL; - } - else - result = bit_check(attr, NULL, &violated); + result = bit_check(attr, NULL, &violated); if (result) break; } } @@ -352,7 +335,7 @@ preop_add(Slapi_PBlock *pb) if (result) { issue_error(pb, result, "ADD", violated); } - slapi_ch_free_string(&origpwd); + return (result==LDAP_SUCCESS)?0:-1; } -- 1.8.1.4