diff options
author | Sumit Bose <sbose@redhat.com> | 2013-02-22 09:40:35 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2013-04-02 09:39:28 -0400 |
commit | 7b45e33400355df44e75576ef7f70a39d163bf8e (patch) | |
tree | f4fa4cf9ec4c39f1187a034ac086cbe2821ac0a0 /daemons/ipa-slapi-plugins | |
parent | 40b4faa6d71c00ef06ea5c75da820c7e2b720e4a (diff) | |
download | freeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.tar.gz freeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.tar.xz freeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.zip |
ipa-pwd-extop: do not use dn until it is really set
https://fedorahosted.org/freeipa/ticket/3539
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 974eda318..b64084e9d 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -240,26 +240,6 @@ static int ipapwd_chpwop(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg) } parse_req_done: - - if (usetxn) { - Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn); - Slapi_Backend *be = slapi_be_select(sdn); - slapi_sdn_free(&sdn); - if (be) { - chpwop_pb = slapi_pblock_new(); - if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) { - LOG_FATAL("slapi_pblock_set failed!\n"); - rc = LDAP_OPERATIONS_ERROR; - goto free_and_return; - } - rc = slapi_back_transaction_begin(chpwop_pb); - if (rc) { - LOG_FATAL("failed to start transaction\n"); - } - } else { - LOG_FATAL("failed to get be backend from %s\n", dn); - } - } /* Uncomment for debugging, otherwise we don't want to leak the * password values into the log... */ /* LDAPDebug( LDAP_DEBUG_ARGS, "passwd: dn (%s), oldPasswd (%s), @@ -313,6 +293,26 @@ parse_req_done: goto free_and_return; } + if (usetxn) { + Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn); + Slapi_Backend *be = slapi_be_select(sdn); + slapi_sdn_free(&sdn); + if (be) { + chpwop_pb = slapi_pblock_new(); + if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } + rc = slapi_back_transaction_begin(chpwop_pb); + if (rc) { + LOG_FATAL("failed to start transaction\n"); + } + } else { + LOG_FATAL("failed to get be backend from %s\n", dn); + } + } + /* Now we have the DN, look for the entry */ ret = ipapwd_getEntry(dn, &targetEntry, attrlist); /* If we can't find the entry, then that's an error */ |