ITS#8080 nssov: allow user pwmod without pwdmgr configured

author Ryan Tandy <ryan@nardis.ca>

Mon, 16 Mar 2015 04:53:32 +0000 (04:53 +0000)

committer Quanah Gibson-Mount <quanah@openldap.org>

Mon, 23 Mar 2015 16:18:31 +0000 (11:18 -0500)
author Ryan Tandy <ryan@nardis.ca>
Mon, 16 Mar 2015 04:53:32 +0000 (04:53 +0000)
committer Quanah Gibson-Mount <quanah@openldap.org>
Mon, 23 Mar 2015 16:18:31 +0000 (11:18 -0500)
diff --git a/contrib/slapd-modules/nssov/pam.c b/contrib/slapd-modules/nssov/pam.c

index a455331ed3f9305b328a98140e5a02969c42f676..25ed22abdc757be782394e27310186bfe7863476 100644 (file)
--- a/contrib/slapd-modules/nssov/pam.c
+++ b/contrib/slapd-modules/nssov/pam.c
@@ -770,13 +770,8 @@ int pam_pwmod(nssov_info *ni,TFILE *fp,Operation *op,uid_t calleruid)
                 goto done;
         }
  
-       if (BER_BVISEMPTY(&ni->ni_pam_pwdmgr_dn)) {
-               Debug(LDAP_DEBUG_TRACE,"nssov_pam_pwmod(), %s\n",
-                       "pwdmgr not configured", 0, 0);
-               ber_str2bv("pwdmgr not configured", 0, 0, &pi.msg);
-               rc = NSLCD_PAM_PERM_DENIED;
-               goto done;
-       } else if (!ber_bvcmp(&pi.dn, &ni->ni_pam_pwdmgr_dn)) {
+       if (!BER_BVISEMPTY(&ni->ni_pam_pwdmgr_dn) &&
+               !ber_bvcmp(&pi.dn, &ni->ni_pam_pwdmgr_dn)) {
                 if (calleruid != 0) {
                         Debug(LDAP_DEBUG_TRACE,"nssov_pam_pwmod(): %s\n",
                                 "caller is not root", 0, 0);
author	Ryan Tandy <ryan@nardis.ca>
	Mon, 16 Mar 2015 04:53:32 +0000 (04:53 +0000)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Mon, 23 Mar 2015 16:18:31 +0000 (11:18 -0500)