]> git.sur5r.net Git - openldap/commitdiff
ITS#5794
authorQuanah Gibson-Mount <quanah@openldap.org>
Mon, 10 Nov 2008 23:28:20 +0000 (23:28 +0000)
committerQuanah Gibson-Mount <quanah@openldap.org>
Mon, 10 Nov 2008 23:28:20 +0000 (23:28 +0000)
CHANGES
servers/slapd/passwd.c

diff --git a/CHANGES b/CHANGES
index 9c53c5688d9c3f14b57c311e93b1f3f9a022f690..cea5e0bf4434b0f45023275fea52b6e92e16244d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -15,6 +15,7 @@ OpenLDAP 2.4.13 Engineering
        Added slapd dn.this search limits (ITS#5734)
        Fixed slapd error status on shutdown (ITS#5745)
        Fixed slapd nameUIDPretty bitstring parsing (ITS#5750)
+       Fixed slapd null termination of password (ITS#5794)
        Fixed slapd overlay/database open with real structure (ITS#5724)
        Fixed slapd parsing of read entry control (ITS#5741)
        Added slapd PMI schema (ITS#5695)
index 18d0bd2142fcd0fb7f7a0f3068c84ca568715a99..f711871a6edeaeab21d57be2ec3c29626487d991 100644 (file)
@@ -503,6 +503,7 @@ slap_passwd_check(
        int                     result = 1;
        struct berval           *bv;
        AccessControlState      acl_state = ACL_STATE_INIT;
+       char            credNul = cred->bv_val[cred->bv_len];
 
 #ifdef SLAPD_SPASSWD
        void            *old_authctx = NULL;
@@ -511,6 +512,8 @@ slap_passwd_check(
                op->o_conn->c_sasl_authctx, 0, &old_authctx, NULL );
 #endif
 
+       if ( credNul ) cred->bv_val[cred->bv_len] = 0;
+
        for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) {
                /* if e is provided, check access */
                if ( e && access_allowed( op, e, a->a_desc, bv,
@@ -525,6 +528,8 @@ slap_passwd_check(
                }
        }
 
+       if ( credNul ) cred->bv_val[cred->bv_len] = credNul;
+
 #ifdef SLAPD_SPASSWD
        ldap_pvt_thread_pool_setkey( op->o_threadctx, (void *)slap_sasl_bind,
                old_authctx, 0, NULL, NULL );