]> git.sur5r.net Git - openldap/commitdiff
Fix crash on modify if userpassword didn't exist yet
authorHoward Chu <hyc@openldap.org>
Sun, 15 Aug 2004 22:23:58 +0000 (22:23 +0000)
committerHoward Chu <hyc@openldap.org>
Sun, 15 Aug 2004 22:23:58 +0000 (22:23 +0000)
servers/slapd/overlays/ppolicy.c

index b146bce1609f0260c12b38f69255019ec72d11e9..77537f64bcd6d592d92b6106213f6d54ab0b92d2 100644 (file)
@@ -1571,39 +1571,41 @@ ppolicy_modify( Operation *op, SlapReply *rs )
                }
        }
 
-       /*
-        * Last check - the password history.
-        */
-       if (slap_passwd_check( op->o_conn, pa, bv, &txt ) == LDAP_SUCCESS) {
+       if (pa) {
                /*
-                * This is bad - it means that the user is attempting
-                * to set the password to the same as the old one.
+                * Last check - the password history.
                 */
-               rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
-               rs->sr_text = "Password is not being changed from existing value";
-               pErr = PP_passwordInHistory;
-               goto return_results;
-       }
-
-       if (pp.pwdInHistory < 1) goto do_modify;
-
-       /*
-        * Iterate through the password history, and fail on any
-        * password matches.
-        */
-       at = *pa;
-       at.a_vals = cr;
-       cr[1].bv_val = NULL;
-       for(p=tl; p; p=p->next) {
-               cr[0] = p->pw;
-               rc = slap_passwd_check( op->o_conn, &at, bv, &txt );
-               
-               if (rc != LDAP_SUCCESS) continue;
-               
-               rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
-               rs->sr_text = "Password is in history of old passwords";
-               pErr = PP_passwordInHistory;
-               goto return_results;
+               if (slap_passwd_check( op->o_conn, pa, bv, &txt ) == LDAP_SUCCESS) {
+                       /*
+                        * This is bad - it means that the user is attempting
+                        * to set the password to the same as the old one.
+                        */
+                       rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
+                       rs->sr_text = "Password is not being changed from existing value";
+                       pErr = PP_passwordInHistory;
+                       goto return_results;
+               }
+       
+               if (pp.pwdInHistory < 1) goto do_modify;
+       
+               /*
+                * Iterate through the password history, and fail on any
+                * password matches.
+                */
+               at = *pa;
+               at.a_vals = cr;
+               cr[1].bv_val = NULL;
+               for(p=tl; p; p=p->next) {
+                       cr[0] = p->pw;
+                       rc = slap_passwd_check( op->o_conn, &at, bv, &txt );
+                       
+                       if (rc != LDAP_SUCCESS) continue;
+                       
+                       rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
+                       rs->sr_text = "Password is in history of old passwords";
+                       pErr = PP_passwordInHistory;
+                       goto return_results;
+               }
        }
 
 do_modify: