Fixed authentication check for CHAUTHTOK_PRELIM

When changing passwords, treat SDAP_AUTH_PW_EXPIRED as a successful authentication in SSS_PAM_CHAUTHTOK_PRELIM.
author: Ralf Haferkamp <rhafer@suse.de> 2010-03-12 14:42:09 +0100
committer: Stephen Gallagher <sgallagh@redhat.com> 2010-03-15 08:15:28 -0400
commit: b4c01ab6d58519431f2c88deec14e0371233eeef (patch)
tree: 38d603b29df98cf0c8560ebad3136fe93ecafdd7 /src/providers/ldap/ldap_auth.c
parent: 71c4f9723d2f7ffd8450f4ec28d39dda1e3e42a3 (diff)
download: sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.gz
sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.xz
sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index ba1136bdd..522870307 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -721,7 +721,7 @@ static void sdap_auth4chpass_done(struct tevent_req *req)
         goto done;
     }
 
-    if (result == SDAP_AUTH_SUCCESS &&
+    if ( (result == SDAP_AUTH_SUCCESS || result == SDAP_AUTH_PW_EXPIRED ) &&
         state->pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) {
         DEBUG(9, ("Initial authentication for change password operation "
                   "successful.\n"));
author	Ralf Haferkamp <rhafer@suse.de>	2010-03-12 14:42:09 +0100
committer	Stephen Gallagher <sgallagh@redhat.com>	2010-03-15 08:15:28 -0400
commit	b4c01ab6d58519431f2c88deec14e0371233eeef (patch)
tree	38d603b29df98cf0c8560ebad3136fe93ecafdd7 /src/providers/ldap/ldap_auth.c
parent	71c4f9723d2f7ffd8450f4ec28d39dda1e3e42a3 (diff)
download	sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.gz sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.tar.xz sssd-b4c01ab6d58519431f2c88deec14e0371233eeef.zip