|
 |
841ac7 |
From 4ab1b754a2659d8e75ae734987ed93f3e1ed047f Mon Sep 17 00:00:00 2001
|
|
|
841ac7 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
841ac7 |
Date: Wed, 15 May 2019 21:20:26 +0200
|
|
|
841ac7 |
Subject: [PATCH 29/29] LDAP: Return the error message from the extended
|
|
|
841ac7 |
operation password change also on failure
|
|
|
841ac7 |
MIME-Version: 1.0
|
|
|
841ac7 |
Content-Type: text/plain; charset=UTF-8
|
|
|
841ac7 |
Content-Transfer-Encoding: 8bit
|
|
|
841ac7 |
|
|
|
841ac7 |
Resolves: https://pagure.io/SSSD/sssd/issue/4015
|
|
|
841ac7 |
|
|
|
841ac7 |
If password change fails, the tevent request would call
|
|
|
841ac7 |
TEVENT_REQ_RETURN_ON_ERROR before returning the error message that comes
|
|
|
841ac7 |
from the server, so the server message would not be propagated to the caller.
|
|
|
841ac7 |
|
|
|
841ac7 |
This regressed in cf1d7ff
|
|
|
841ac7 |
|
|
|
841ac7 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
841ac7 |
(cherry picked from commit 9a4d5f0601b432b87c3bf93f7126d07e65993e0d)
|
|
|
841ac7 |
---
|
|
|
841ac7 |
src/providers/ldap/ldap_auth.c | 5 +++--
|
|
|
841ac7 |
src/providers/ldap/sdap_async.c | 1 +
|
|
|
841ac7 |
2 files changed, 4 insertions(+), 2 deletions(-)
|
|
|
841ac7 |
|
|
|
841ac7 |
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
|
|
|
841ac7 |
index 86724e388..4f416c1aa 100644
|
|
|
841ac7 |
--- a/src/providers/ldap/ldap_auth.c
|
|
|
841ac7 |
+++ b/src/providers/ldap/ldap_auth.c
|
|
|
841ac7 |
@@ -1212,10 +1212,11 @@ sdap_pam_change_password_recv(TALLOC_CTX *mem_ctx,
|
|
|
841ac7 |
struct sdap_pam_change_password_state *state;
|
|
|
841ac7 |
state = tevent_req_data(req, struct sdap_pam_change_password_state);
|
|
|
841ac7 |
|
|
|
841ac7 |
- TEVENT_REQ_RETURN_ON_ERROR(req);
|
|
|
841ac7 |
-
|
|
|
841ac7 |
+ /* We want to return the error message even on failure */
|
|
|
841ac7 |
*_user_error_message = talloc_steal(mem_ctx, state->user_error_message);
|
|
|
841ac7 |
|
|
|
841ac7 |
+ TEVENT_REQ_RETURN_ON_ERROR(req);
|
|
|
841ac7 |
+
|
|
|
841ac7 |
return EOK;
|
|
|
841ac7 |
}
|
|
|
841ac7 |
|
|
|
841ac7 |
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
|
|
|
841ac7 |
index 822baf06a..7e78e6b6e 100644
|
|
|
841ac7 |
--- a/src/providers/ldap/sdap_async.c
|
|
|
841ac7 |
+++ b/src/providers/ldap/sdap_async.c
|
|
|
841ac7 |
@@ -696,6 +696,7 @@ errno_t sdap_exop_modify_passwd_recv(struct tevent_req *req,
|
|
|
841ac7 |
struct sdap_exop_modify_passwd_state *state = tevent_req_data(req,
|
|
|
841ac7 |
struct sdap_exop_modify_passwd_state);
|
|
|
841ac7 |
|
|
|
841ac7 |
+ /* We want to return the error message even on failure */
|
|
|
841ac7 |
*user_error_message = talloc_steal(mem_ctx, state->user_error_message);
|
|
|
841ac7 |
|
|
|
841ac7 |
TEVENT_REQ_RETURN_ON_ERROR(req);
|
|
|
841ac7 |
--
|
|
|
841ac7 |
2.20.1
|
|
|
841ac7 |
|