From 4ab1b754a2659d8e75ae734987ed93f3e1ed047f Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 15 May 2019 21:20:26 +0200 Subject: [PATCH 29/29] LDAP: Return the error message from the extended operation password change also on failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Resolves: https://pagure.io/SSSD/sssd/issue/4015 If password change fails, the tevent request would call TEVENT_REQ_RETURN_ON_ERROR before returning the error message that comes from the server, so the server message would not be propagated to the caller. This regressed in cf1d7ff Reviewed-by: Pavel Březina (cherry picked from commit 9a4d5f0601b432b87c3bf93f7126d07e65993e0d) --- src/providers/ldap/ldap_auth.c | 5 +++-- src/providers/ldap/sdap_async.c | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c index 86724e388..4f416c1aa 100644 --- a/src/providers/ldap/ldap_auth.c +++ b/src/providers/ldap/ldap_auth.c @@ -1212,10 +1212,11 @@ sdap_pam_change_password_recv(TALLOC_CTX *mem_ctx, struct sdap_pam_change_password_state *state; state = tevent_req_data(req, struct sdap_pam_change_password_state); - TEVENT_REQ_RETURN_ON_ERROR(req); - + /* We want to return the error message even on failure */ *_user_error_message = talloc_steal(mem_ctx, state->user_error_message); + TEVENT_REQ_RETURN_ON_ERROR(req); + return EOK; } diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 822baf06a..7e78e6b6e 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -696,6 +696,7 @@ errno_t sdap_exop_modify_passwd_recv(struct tevent_req *req, struct sdap_exop_modify_passwd_state *state = tevent_req_data(req, struct sdap_exop_modify_passwd_state); + /* We want to return the error message even on failure */ *user_error_message = talloc_steal(mem_ctx, state->user_error_message); TEVENT_REQ_RETURN_ON_ERROR(req); -- 2.20.1