From: Ryan Tandy <ryan@nardis.ca>
Date: Sat, 14 Mar 2015 00:29:32 +0000 (+0000)
Subject: ITS#8079 nssov: fix compare for usergroup
X-Git-Url: https://git.sur5r.net/?p=openldap;a=commitdiff_plain;h=05ea78703b66b1f848ce593d4ba1caa3777fb5db

ITS#8079 nssov: fix compare for usergroup

More for 5c527bc49e5d547e7f092e45d42baf6cb1ae89ae
---

diff --git a/contrib/slapd-modules/nssov/pam.c b/contrib/slapd-modules/nssov/pam.c
index 577ae9adcc..7e1c4d7aaf 100644
--- a/contrib/slapd-modules/nssov/pam.c
+++ b/contrib/slapd-modules/nssov/pam.c
@@ -444,7 +444,8 @@ int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
 		AttributeAssertion ava = ATTRIBUTEASSERTION_INIT;
 		SlapReply rs = {REP_RESULT};
 		op->o_callback = &cb;
-		cb.sc_response = slap_null_cb;
+		cb.sc_response = pam_compare_cb;
+		cb.sc_private = NULL;
 		op->o_tag = LDAP_REQ_COMPARE;
 		op->o_req_dn = ni->ni_pam_group_dn;
 		op->o_req_ndn = ni->ni_pam_group_dn;
@@ -452,7 +453,7 @@ int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
 		ava.aa_value = dn;
 		op->orc_ava = &ava;
 		rc = op->o_bd->be_compare( op, &rs );
-		if ( rs.sr_err != LDAP_COMPARE_TRUE ) {
+		if ( cb.sc_private == NULL ) {
 			authzmsg = grpmsg;
 			rc = NSLCD_PAM_PERM_DENIED;
 			goto finish;