ITS#4596 control can be critical

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index f8c7971a08b00bfee827339d2de3660ce2b9234b..63f192dcc3eb4978feb99f19bac4a3af61754305 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -1928,11 +1928,9 @@ ppolicy_parseCtrl(
                rs->sr_text = "passwordPolicyRequest control value not empty";
                return LDAP_PROTOCOL_ERROR;
        }
-       if ( ctrl->ldctl_iscritical ) {
-               rs->sr_text = "passwordPolicyRequest control invalid criticality";
-               return LDAP_PROTOCOL_ERROR;
-       }
-       op->o_ctrlflag[ppolicy_cid] = SLAP_CONTROL_NONCRITICAL;
+       op->o_ctrlflag[ppolicy_cid] = ctrl->ldctl_iscritical
+               ? SLAP_CONTROL_CRITICAL
+               : SLAP_CONTROL_NONCRITICAL;
 
        return LDAP_SUCCESS;
 }