diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-07-28 06:30:03 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:15:07 -0500 |
commit | 56b1714e9c40dfeae855d0917d78fc0ddc04162e (patch) | |
tree | 3c5465ce40cf88a9fb7f2b2c5ea85cb8070359dd /source4/dsdb/samdb | |
parent | 077180191197e257f97dcea5eabb4e226b87e945 (diff) | |
download | samba-56b1714e9c40dfeae855d0917d78fc0ddc04162e.tar.gz samba-56b1714e9c40dfeae855d0917d78fc0ddc04162e.tar.bz2 samba-56b1714e9c40dfeae855d0917d78fc0ddc04162e.zip |
r17288: Don't mess with entries in the local password prefix, and fix const
warnings.
Andrew Bartlett
(This used to be commit 4569c58a42e1d65ae71ee57e391b9e3dbaba2218)
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index ec42249633..ae02eb9e98 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -44,6 +44,7 @@ #include "dsdb/samdb/samdb.h" #include "ads.h" #include "hdb.h" +#include "dsdb/samdb/ldb_modules/password_modules.h" /* If we have decided there is reason to work on this request, then * setup all the password hash types correctly. @@ -571,6 +572,13 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } + /* If the caller is manipulating the local passwords directly, let them pass */ + if (ldb_dn_compare_base(module->ldb, + ldb_dn_explode(req, LOCAL_BASE), + req->op.add.message->dn) == 0) { + return ldb_next_request(module, req); + } + /* nobody must touch password Histories */ if (ldb_msg_find_element(req->op.add.message, "sambaNTPwdHistory") || ldb_msg_find_element(req->op.add.message, "sambaLMPwdHistory")) { @@ -740,6 +748,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r struct ldb_message_element *sambaAttr; struct ldb_message_element *ntAttr; struct ldb_message_element *lmAttr; + struct ldb_message *msg; ldb_debug(module->ldb, LDB_DEBUG_TRACE, "password_hash_modify\n"); @@ -747,6 +756,13 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r return ldb_next_request(module, req); } + /* If the caller is manipulating the local passwords directly, let them pass */ + if (ldb_dn_compare_base(module->ldb, + ldb_dn_explode(req, LOCAL_BASE), + req->op.mod.message->dn) == 0) { + return ldb_next_request(module, req); + } + /* nobody must touch password Histories */ if (ldb_msg_find_element(req->op.mod.message, "sambaNTPwdHistory") || ldb_msg_find_element(req->op.mod.message, "sambaLMPwdHistory")) { @@ -799,16 +815,16 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r *(ac->down_req) = *req; /* copy the request */ /* use a new message structure so that we can modify it */ - ac->down_req->op.mod.message = ldb_msg_copy_shallow(ac->down_req, req->op.mod.message); + ac->down_req->op.mod.message = msg = ldb_msg_copy_shallow(ac->down_req, req->op.mod.message); /* - remove any imodification to the password from the first commit * we will make the real modification later */ - if (sambaAttr) ldb_msg_remove_attr(ac->down_req->op.mod.message, "sambaPassword"); - if (ntAttr) ldb_msg_remove_attr(ac->down_req->op.mod.message, "ntPwdHash"); - if (lmAttr) ldb_msg_remove_attr(ac->down_req->op.mod.message, "lmPwdHash"); + if (sambaAttr) ldb_msg_remove_attr(msg, "sambaPassword"); + if (ntAttr) ldb_msg_remove_attr(msg, "ntPwdHash"); + if (lmAttr) ldb_msg_remove_attr(msg, "lmPwdHash"); /* if there was nothing else to be modify skip to next step */ - if (ac->down_req->op.mod.message->num_elements == 0) { + if (msg->num_elements == 0) { talloc_free(ac->down_req); ac->down_req = NULL; return password_hash_mod_search_self(h); |