diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-01-25 00:50:39 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2004-01-25 00:50:39 +0000 |
commit | 236adfd9f4ba3ebcb22995431b1935193206e5c2 (patch) | |
tree | eb31c42b2cbbe2dca7109bf7bb25bd318f0baea3 | |
parent | eade7ab7698dd86ceefe2ce70bcdd447ca48a1bb (diff) | |
download | samba-236adfd9f4ba3ebcb22995431b1935193206e5c2.tar.gz samba-236adfd9f4ba3ebcb22995431b1935193206e5c2.tar.bz2 samba-236adfd9f4ba3ebcb22995431b1935193206e5c2.zip |
Fix removal of attributes in LDAP - we would not actually remove the old
value in the previous code.
Andrew Bartlett
(This used to be commit c97d3eb1622ee25c24b0cd81b65ec7d4b854e604)
-rw-r--r-- | source3/lib/smbldap.c | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index b8ce4236e4..2bfaeccd15 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -425,7 +425,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) /* all of our string attributes are case insensitive */ - if (existed && (StrCaseCmp(oldval, newval) == 0)) { + if (existed && newval && (StrCaseCmp(oldval, newval) == 0)) { /* Believe it or not, but LDAP will deny a delete and an add at the same time if the values are the @@ -433,26 +433,26 @@ BOOL fetch_ldap_pw(char **dn, char** pw) return; } + if (existed) { + /* There has been no value before, so don't delete it. + * Here's a possible race: We might end up with + * duplicate attributes */ + /* By deleting exactly the value we found in the entry this + * should be race-free in the sense that the LDAP-Server will + * deny the complete operation if somebody changed the + * attribute behind our back. */ + /* This will also allow modifying single valued attributes + * in Novell NDS. In NDS you have to first remove attribute and then + * you could add new value */ + + smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval); + } + /* Regardless of the real operation (add or modify) we add the new value here. We rely on deleting the old value, should it exist. */ if ((newval != NULL) && (strlen(newval) > 0)) { - if (existed) { - /* There has been no value before, so don't delete it. - * Here's a possible race: We might end up with - * duplicate attributes */ - /* By deleting exactly the value we found in the entry this - * should be race-free in the sense that the LDAP-Server will - * deny the complete operation if somebody changed the - * attribute behind our back. */ - /* This will also allow modifying single valued attributes - * in Novell NDS. In NDS you have to first remove attribute and then - * you could add new value */ - - smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval); - } - smbldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval); } } |