packages/openldap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openldap/backport-ITS-9863-Forward-lastbind-updates-if-configured.patch
compile_success d202e5a62b backport patch
2022-11-08 13:51:53 +00:00

67 lines
2.1 KiB
Diff
Raw Blame History

From fb1151573f8f597bb724df80de7a1664d1e646a4 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Thu, 23 Jun 2022 17:03:07 +0000
Subject: [PATCH] ITS#9863 - Forward lastbind updates if configured
Mark lastbind operations as being on the frontendDB so that chaining configurations are honored.
Make pwdLastSuccess flag SLAP_AT_MANAGEABLE
---
servers/slapd/back-ldap/bind.c | 2 +-
servers/slapd/bind.c | 5 ++---
servers/slapd/schema_prep.c | 2 +-
3 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index cad7cfe69..02fb60ea3 100644
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -1417,7 +1417,7 @@ retry_lock:;
sb->sb_realm.bv_val,
sb->sb_authcId.bv_val,
sb->sb_cred.bv_val,
- NULL );
+ sb->sb_authzId.bv_val );
if ( defaults == NULL ) {
rs->sr_err = LDAP_OTHER;
LDAP_BACK_CONN_ISBOUND_CLEAR( lc );
diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index 1a74a8cd4..4b8eda69b 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -472,9 +472,6 @@ fe_op_lastbind( Operation *op )
op2.o_dn = op->o_bd->be_rootdn;
op2.o_ndn = op->o_bd->be_rootndn;
- /*
- * TODO: this is core+frontend, not everything works the same way?
- */
/*
* Code for forwarding of updates adapted from ppolicy.c of slapo-ppolicy
*
@@ -485,6 +482,8 @@ fe_op_lastbind( Operation *op )
* must be configured appropriately for this to be useful.
*/
if ( SLAP_SHADOW( op->o_bd ) ) {
+ op2.o_bd = frontendDB;
+
/* Must use Relax control since these are no-user-mod */
op2.o_relax = SLAP_CONTROL_CRITICAL;
op2.o_ctrls = ca;
diff --git a/servers/slapd/schema_prep.c b/servers/slapd/schema_prep.c
index 2c557905c..b8793f50f 100644
--- a/servers/slapd/schema_prep.c
+++ b/servers/slapd/schema_prep.c
@@ -1028,7 +1028,7 @@ static struct slap_schema_ad_map {
"SINGLE-VALUE "
"NO-USER-MODIFICATION "
"USAGE directoryOperation )",
- NULL, 0,
+ NULL, SLAP_AT_MANAGEABLE,
NULL, NULL,
NULL, NULL, NULL, NULL, NULL,
offsetof(struct slap_internal_schema, si_ad_pwdLastSuccess) },
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink