diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-02-09 23:48:28 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-02-14 13:36:27 -0500 |
commit | 5341a22ba2dec5099c8a14c0903c7770884ee6be (patch) | |
tree | 2e37685a181133f8a74e495649786c429066a5f9 /daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | |
parent | 03e83f6cc8445976411751617e6b3d81a575807a (diff) | |
download | freeipa-5341a22ba2dec5099c8a14c0903c7770884ee6be.tar.gz freeipa-5341a22ba2dec5099c8a14c0903c7770884ee6be.tar.xz freeipa-5341a22ba2dec5099c8a14c0903c7770884ee6be.zip |
Update krbExtraData too when changing passwords.
Fixes: https://fedorahosted.org/freeipa/ticket/937
Diffstat (limited to 'daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c index 34045e208..60a8ca3be 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_prepost.c @@ -786,6 +786,9 @@ static int ipapwd_post_op(Slapi_PBlock *pb) struct tm utctime; char timestr[GENERALIZED_TIME_LENGTH+1]; int ret; + char *errMsg = "Internal operations error\n"; + struct ipapwd_krbcfg *krbcfg = NULL; + char *principal = NULL; LOG_TRACE("=>\n"); @@ -812,6 +815,12 @@ static int ipapwd_post_op(Slapi_PBlock *pb) return 0; } + ret = ipapwd_gen_checks(pb, &errMsg, &krbcfg, 0); + if (ret != 0) { + LOG_FATAL("ipapwd_gen_checks failed!?\n"); + return 0; + } + /* prepare changes that can be made only as root */ smods = slapi_mods_new(); @@ -860,9 +869,19 @@ static int ipapwd_post_op(Slapi_PBlock *pb) if (ret) LOG("Failed to set additional password attributes in the post-op!\n"); + if (pwdop->pwdata.changetype == IPA_CHANGETYPE_NORMAL) { + principal = slapi_entry_attr_get_charptr(pwdop->pwdata.target, + "krbPrincipalName"); + } else { + principal = slapi_ch_smprintf("root/admin@%s", krbcfg->realm); + } + ipapwd_set_extradata(pwdop->pwdata.dn, principal, pwdop->pwdata.timeNow); + done: if (pwdop && pwdop->pwdata.target) slapi_entry_free(pwdop->pwdata.target); slapi_mods_free(&smods); + slapi_ch_free_string(&principal); + free_ipapwd_krbcfg(&krbcfg); return 0; } |