summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2010-06-30 08:26:08 +0200
committerStefan Metzmacher <metze@samba.org>2010-07-05 18:00:15 +0200
commita236bc4b334433eb743cb88a8a5f36c7d694681c (patch)
tree13ee7ae360e39b71a200fd6684783e6b677c9355 /source4/dsdb/samdb
parent6d7b9648e5bff20136dd4462313ce4c3cd502662 (diff)
downloadsamba-a236bc4b334433eb743cb88a8a5f36c7d694681c.tar.gz
samba-a236bc4b334433eb743cb88a8a5f36c7d694681c.tar.bz2
samba-a236bc4b334433eb743cb88a8a5f36c7d694681c.zip
s4:dsdb/password_hash: implement DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
metze
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c20
1 files changed, 20 insertions, 0 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index f85ae1e5b9..505f2c26f7 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -2187,6 +2187,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
struct ldb_message_element *userPasswordAttr, *clearTextPasswordAttr,
*ntAttr, *lmAttr;
int ret;
+ struct ldb_control *bypass = NULL;
ldb = ldb_module_get_ctx(module);
@@ -2202,6 +2203,15 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
return ldb_next_request(module, req);
}
+ bypass = ldb_request_get_control(req,
+ DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+ if (bypass != NULL) {
+ /* Mark the "bypass" control as uncritical (done) */
+ bypass->critical = false;
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_add (bypassing)\n");
+ return ldb_next_request(module, req);
+ }
+
/* nobody must touch password histories and 'supplementalCredentials' */
if (ldb_msg_find_element(req->op.add.message, "ntPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
@@ -2363,6 +2373,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
struct ldb_message *msg;
struct ldb_request *down_req;
int ret;
+ struct ldb_control *bypass = NULL;
ldb = ldb_module_get_ctx(module);
@@ -2378,6 +2389,15 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
return ldb_next_request(module, req);
}
+ bypass = ldb_request_get_control(req,
+ DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+ if (bypass != NULL) {
+ /* Mark the "bypass" control as uncritical (done) */
+ bypass->critical = false;
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_modify (bypassing)\n");
+ return ldb_next_request(module, req);
+ }
+
/* nobody must touch password histories and 'supplementalCredentials' */
if (ldb_msg_find_element(req->op.mod.message, "ntPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;