diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-01-25 01:32:37 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2004-01-25 01:32:37 +0000 |
commit | f1c7ebf5432b94dc24e4038530d2c72329c7de2a (patch) | |
tree | 62032926dd4b584a28149351577ffd9b948f0da7 | |
parent | 5f8c17460724f0aaff3226798a0d5c7f7b25854e (diff) | |
download | samba-f1c7ebf5432b94dc24e4038530d2c72329c7de2a.tar.gz samba-f1c7ebf5432b94dc24e4038530d2c72329c7de2a.tar.bz2 samba-f1c7ebf5432b94dc24e4038530d2c72329c7de2a.zip |
(merge from 3.0)
Fix removal of attributes in LDAP - we would not actually remove the old
value in the previous code.
Andrew Bartlett
(This used to be commit 971dd33244918cde6bf49a2f9c650da856d31cd6)
-rw-r--r-- | source3/lib/smbldap.c | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 1156bd6639..150450c83d 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -425,7 +425,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) /* all of our string attributes are case insensitive */ - if (existed && (StrCaseCmp(oldval, newval) == 0)) { + if (existed && newval && (StrCaseCmp(oldval, newval) == 0)) { /* Believe it or not, but LDAP will deny a delete and an add at the same time if the values are the @@ -433,26 +433,26 @@ BOOL fetch_ldap_pw(char **dn, char** pw) return; } + if (existed) { + /* There has been no value before, so don't delete it. + * Here's a possible race: We might end up with + * duplicate attributes */ + /* By deleting exactly the value we found in the entry this + * should be race-free in the sense that the LDAP-Server will + * deny the complete operation if somebody changed the + * attribute behind our back. */ + /* This will also allow modifying single valued attributes + * in Novell NDS. In NDS you have to first remove attribute and then + * you could add new value */ + + smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval); + } + /* Regardless of the real operation (add or modify) we add the new value here. We rely on deleting the old value, should it exist. */ if ((newval != NULL) && (strlen(newval) > 0)) { - if (existed) { - /* There has been no value before, so don't delete it. - * Here's a possible race: We might end up with - * duplicate attributes */ - /* By deleting exactly the value we found in the entry this - * should be race-free in the sense that the LDAP-Server will - * deny the complete operation if somebody changed the - * attribute behind our back. */ - /* This will also allow modifying single valued attributes - * in Novell NDS. In NDS you have to first remove attribute and then - * you could add new value */ - - smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval); - } - smbldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval); } } |