X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Foverlays%2Fppolicy.c;h=e13c33a86629945f9d6e7f571356bfbbbcbf12f7;hb=10566c8be384c6435476ec54e842382841cb84b6;hp=3a6ee17d801491cc800d1b72661d6a7bb5342e14;hpb=e5b9bdd8c5eff319866f26752464d6edb189651c;p=openldap diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c index 3a6ee17d80..e13c33a866 100644 --- a/servers/slapd/overlays/ppolicy.c +++ b/servers/slapd/overlays/ppolicy.c @@ -1,7 +1,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 2004-2015 The OpenLDAP Foundation. + * Copyright 2004-2017 The OpenLDAP Foundation. * Portions Copyright 2004-2005 Howard Chu, Symas Corporation. * Portions Copyright 2004 Hewlett-Packard Company. * All rights reserved. @@ -289,7 +289,7 @@ ppolicy_cf_default( ConfigArgs *c ) rc = 0; break; case SLAP_CONFIG_ADD: - /* fallthrough to LDAP_MOD_ADD */ + /* fallthru to LDAP_MOD_ADD */ case LDAP_MOD_ADD: Debug(LDAP_DEBUG_TRACE, "==> ppolicy_cf_default add\n", 0, 0, 0); if ( pi->def_policy.bv_val ) { @@ -468,6 +468,20 @@ add_passcontrol( Operation *op, SlapReply *rs, LDAPControl *ctrl ) return oldctrls; } +static void +ppolicy_get_default( PassPolicy *pp ) +{ + memset( pp, 0, sizeof(PassPolicy) ); + + pp->ad = slap_schema.si_ad_userPassword; + + /* Users can change their own password by default */ + pp->pwdAllowUserChange = 1; + if ( !pp->pwdMaxRecordedFailure ) + pp->pwdMaxRecordedFailure = PPOLICY_DEFAULT_MAXRECORDED_FAILURE; +} + + static void ppolicy_get( Operation *op, Entry *e, PassPolicy *pp ) { @@ -481,12 +495,7 @@ ppolicy_get( Operation *op, Entry *e, PassPolicy *pp ) const char *text; #endif - memset( pp, 0, sizeof(PassPolicy) ); - - pp->ad = slap_schema.si_ad_userPassword; - - /* Users can change their own password by default */ - pp->pwdAllowUserChange = 1; + ppolicy_get_default( pp ); if ((a = attr_find( e->e_attrs, ad_pwdPolicySubentry )) == NULL) { /* @@ -576,8 +585,17 @@ ppolicy_get( Operation *op, Entry *e, PassPolicy *pp ) return; defaultpol: + if ( pe ) { + op->o_bd->bd_info = (BackendInfo *)on->on_info; + be_entry_release_r( op, pe ); + op->o_bd->bd_info = (BackendInfo *)on; + } + Debug( LDAP_DEBUG_TRACE, "ppolicy_get: using default policy\n", 0, 0, 0 ); + + ppolicy_get_default( pp ); + return; }