From: Kurt Zeilenga Date: Thu, 29 Sep 2005 20:30:09 +0000 (+0000) Subject: ITS#4021: add new {CLEARTEXT} kludge as bv_len=0 kludge no X-Git-Tag: OPENLDAP_REL_ENG_2_2_MP~354 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=9449c5709e19753fd5ea2cbaeca923d1f2d2a9c7;p=openldap ITS#4021: add new {CLEARTEXT} kludge as bv_len=0 kludge no longer works well. --- diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c index 23d001f7d5..269df67ed1 100644 --- a/libraries/liblutil/passwd.c +++ b/libraries/liblutil/passwd.c @@ -73,6 +73,10 @@ static lutil_cryptfunc lutil_crypt; lutil_cryptfunc *lutil_cryptptr = lutil_crypt; #endif +/* KLUDGE: + * chk_fn is NULL iff name is {CLEARTEXT} + * otherwise, things will break + */ struct pw_scheme { struct berval name; LUTIL_PASSWD_CHK_FUNC *chk_fn; @@ -147,7 +151,7 @@ static const struct pw_scheme pw_schemes_default[] = #ifdef SLAPD_CLEARTEXT /* pseudo scheme */ - { {0, "{CLEARTEXT}"}, NULL, hash_clear }, + { BER_BVC("{CLEARTEXT}"), NULL, hash_clear }, #endif { BER_BVNULL, NULL, NULL } @@ -306,7 +310,9 @@ lutil_passwd( */ if (( passwd->bv_val[0] == '{' ) && ( strchr( passwd->bv_val, '}' ) > passwd->bv_val+1 )) + { return 1; + } if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) { return ( passwd->bv_len == cred->bv_len ) ? memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len ) diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c index e2be24c8f8..be9de3f5ea 100644 --- a/servers/slapd/bconfig.c +++ b/servers/slapd/bconfig.c @@ -1379,7 +1379,7 @@ config_passwd_hash(ConfigArgs *c) { } for(i = 1; i < c->argc; i++) { if(!lutil_passwd_scheme(c->argv[i])) { - sprintf( c->msg, "<%s> schema not available", c->argv[0] ); + sprintf( c->msg, "<%s> scheme not available", c->argv[0] ); Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n", c->log, c->msg, c->argv[i]); } else { diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c index 5ada68fa92..385e2be3c1 100644 --- a/servers/slapd/passwd.c +++ b/servers/slapd/passwd.c @@ -68,7 +68,9 @@ int passwd_extop( return LDAP_STRONG_AUTH_REQUIRED; } + qpw->rs_old.bv_len = 0; qpw->rs_old.bv_val = NULL; + qpw->rs_new.bv_len = 0; qpw->rs_new.bv_val = NULL; qpw->rs_mods = NULL; qpw->rs_modtail = NULL; diff --git a/tests/scripts/test010-passwd b/tests/scripts/test010-passwd index 8de9baaaf8..9abf3d93c2 100755 --- a/tests/scripts/test010-passwd +++ b/tests/scripts/test010-passwd @@ -171,7 +171,7 @@ fi echo "Logging end state with ldapsearch..." echo "" >> $TESTOUT -echo "++ Initial search" >> $TESTOUT +echo "++ End search" >> $TESTOUT $LDAPSEARCH -h $LOCALHOST -p $PORT1 \ -D "$MANAGERDN" -w $PASSWD \ -b "$BASEDN" \