diff options
author | jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-05-01 21:09:16 +0000 |
---|---|---|
committer | jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-05-01 21:09:16 +0000 |
commit | c255a4e30d0368b6c05112128d5f5e3a4b77d9e6 (patch) | |
tree | ce57224f44df8cbdfd9a72607fe0bc89e2d2566b /pki/base/tps | |
parent | eb1567f555bbfd7f33addf825870b6b80bfdfa21 (diff) | |
download | pki-c255a4e30d0368b6c05112128d5f5e3a4b77d9e6.tar.gz pki-c255a4e30d0368b6c05112128d5f5e3a4b77d9e6.tar.xz pki-c255a4e30d0368b6c05112128d5f5e3a4b77d9e6.zip |
Fix for #494983, unable to re-enroll token.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@425 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/tps')
-rw-r--r-- | pki/base/tps/src/tus/tus_db.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/pki/base/tps/src/tus/tus_db.c b/pki/base/tps/src/tus/tus_db.c index efd8ef922..5984bbad6 100644 --- a/pki/base/tps/src/tus/tus_db.c +++ b/pki/base/tps/src/tus/tus_db.c @@ -3832,16 +3832,38 @@ TPS_PUBLIC int allow_token_enroll_policy(char *cn, const char *policy) LDAPMessage *e = NULL; char **v = NULL; int can_reenroll = 0; + int token_is_uninitialized = 0; + int is_reenroll_attempt = 0; int rc = -1; + char *token_status = NULL; + + if(PL_strstr(policy,"RE_ENROLL")) + is_reenroll_attempt = 1; if (cn != NULL && PL_strlen(cn) > 0) { if ((rc = find_tus_db_entry (cn, 0, &result)) == LDAP_SUCCESS) { e = get_first_entry (result); if (e != NULL) { + if(is_reenroll_attempt) { + token_status = get_token_status(e); + + if(token_status && PL_strcmp(token_status,STATE_UNINITIALIZED) == 0) + token_is_uninitialized = 1; + + if(token_status) { + PR_Free(token_status); + token_status = NULL; + } + } + if ((v = ldap_get_values(ld, e, TOKEN_POLICY)) != NULL) { if (v[0] != NULL && PL_strlen(v[0]) > 0) { if (PL_strstr(v[0], policy)) { can_reenroll = 1; + } else { + if( is_reenroll_attempt && token_is_uninitialized) { + can_reenroll = 1; + } } } if( v != NULL ) { |