summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRalf Haferkamp <rhafer@suse.de>2010-03-12 14:42:09 +0100
committerStephen Gallagher <sgallagh@redhat.com>2010-03-15 08:15:28 -0400
commitb4c01ab6d58519431f2c88deec14e0371233eeef (patch)
tree38d603b29df98cf0c8560ebad3136fe93ecafdd7
parent71c4f9723d2f7ffd8450f4ec28d39dda1e3e42a3 (diff)
downloadsssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.gz
sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.xz
sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.zip
Fixed authentication check for CHAUTHTOK_PRELIM
When changing passwords, treat SDAP_AUTH_PW_EXPIRED as a successful authentication in SSS_PAM_CHAUTHTOK_PRELIM.
-rw-r--r--src/providers/ldap/ldap_auth.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index ba1136bdd..522870307 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -721,7 +721,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
goto done;
}
- if (result == SDAP_AUTH_SUCCESS &&
+ if ( (result == SDAP_AUTH_SUCCESS || result == SDAP_AUTH_PW_EXPIRED ) &&
state->pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) {
DEBUG(9, ("Initial authentication for change password operation "
"successful.\n"));