summaryrefslogtreecommitdiffstats
path: root/daemons/ipa-slapi-plugins
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-02-22 09:40:35 +0100
committerRob Crittenden <rcritten@redhat.com>2013-04-02 09:39:28 -0400
commit7b45e33400355df44e75576ef7f70a39d163bf8e (patch)
treef4fa4cf9ec4c39f1187a034ac086cbe2821ac0a0 /daemons/ipa-slapi-plugins
parent40b4faa6d71c00ef06ea5c75da820c7e2b720e4a (diff)
downloadfreeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.tar.gz
freeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.tar.xz
freeipa-7b45e33400355df44e75576ef7f70a39d163bf8e.zip
ipa-pwd-extop: do not use dn until it is really set
https://fedorahosted.org/freeipa/ticket/3539
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r--daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c40
1 files changed, 20 insertions, 20 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
index 974eda318..b64084e9d 100644
--- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
+++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c
@@ -240,26 +240,6 @@ static int ipapwd_chpwop(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg)
}
parse_req_done:
-
- if (usetxn) {
- Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn);
- Slapi_Backend *be = slapi_be_select(sdn);
- slapi_sdn_free(&sdn);
- if (be) {
- chpwop_pb = slapi_pblock_new();
- if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) {
- LOG_FATAL("slapi_pblock_set failed!\n");
- rc = LDAP_OPERATIONS_ERROR;
- goto free_and_return;
- }
- rc = slapi_back_transaction_begin(chpwop_pb);
- if (rc) {
- LOG_FATAL("failed to start transaction\n");
- }
- } else {
- LOG_FATAL("failed to get be backend from %s\n", dn);
- }
- }
/* Uncomment for debugging, otherwise we don't want to leak the
* password values into the log... */
/* LDAPDebug( LDAP_DEBUG_ARGS, "passwd: dn (%s), oldPasswd (%s),
@@ -313,6 +293,26 @@ parse_req_done:
goto free_and_return;
}
+ if (usetxn) {
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn);
+ Slapi_Backend *be = slapi_be_select(sdn);
+ slapi_sdn_free(&sdn);
+ if (be) {
+ chpwop_pb = slapi_pblock_new();
+ if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) {
+ LOG_FATAL("slapi_pblock_set failed!\n");
+ rc = LDAP_OPERATIONS_ERROR;
+ goto free_and_return;
+ }
+ rc = slapi_back_transaction_begin(chpwop_pb);
+ if (rc) {
+ LOG_FATAL("failed to start transaction\n");
+ }
+ } else {
+ LOG_FATAL("failed to get be backend from %s\n", dn);
+ }
+ }
+
/* Now we have the DN, look for the entry */
ret = ipapwd_getEntry(dn, &targetEntry, attrlist);
/* If we can't find the entry, then that's an error */