diff options
| author | Sumit Bose <sbose@redhat.com> | 2013-02-22 09:40:35 +0100 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2013-04-02 09:39:37 -0400 |
| commit | 193192a257b9234bdbfc4326a3463a5b5953d491 (patch) | |
| tree | 4ffe18e75154673bb660a6544d269098c8f42a4c | |
| parent | bceccbd6b71fa0b361d03c087ad656aa96fabedb (diff) | |
| download | freeipa.git-193192a257b9234bdbfc4326a3463a5b5953d491.tar.gz freeipa.git-193192a257b9234bdbfc4326a3463a5b5953d491.tar.xz freeipa.git-193192a257b9234bdbfc4326a3463a5b5953d491.zip | |
ipa-pwd-extop: do not use dn until it is really set
https://fedorahosted.org/freeipa/ticket/3539
| -rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 974eda31..b64084e9 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -240,26 +240,6 @@ static int ipapwd_chpwop(Slapi_PBlock *pb, struct ipapwd_krbcfg *krbcfg) } parse_req_done: - - if (usetxn) { - Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn); - Slapi_Backend *be = slapi_be_select(sdn); - slapi_sdn_free(&sdn); - if (be) { - chpwop_pb = slapi_pblock_new(); - if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) { - LOG_FATAL("slapi_pblock_set failed!\n"); - rc = LDAP_OPERATIONS_ERROR; - goto free_and_return; - } - rc = slapi_back_transaction_begin(chpwop_pb); - if (rc) { - LOG_FATAL("failed to start transaction\n"); - } - } else { - LOG_FATAL("failed to get be backend from %s\n", dn); - } - } /* Uncomment for debugging, otherwise we don't want to leak the * password values into the log... */ /* LDAPDebug( LDAP_DEBUG_ARGS, "passwd: dn (%s), oldPasswd (%s), @@ -313,6 +293,26 @@ parse_req_done: goto free_and_return; } + if (usetxn) { + Slapi_DN *sdn = slapi_sdn_new_dn_byref(dn); + Slapi_Backend *be = slapi_be_select(sdn); + slapi_sdn_free(&sdn); + if (be) { + chpwop_pb = slapi_pblock_new(); + if (slapi_pblock_set(chpwop_pb, SLAPI_BACKEND, be)) { + LOG_FATAL("slapi_pblock_set failed!\n"); + rc = LDAP_OPERATIONS_ERROR; + goto free_and_return; + } + rc = slapi_back_transaction_begin(chpwop_pb); + if (rc) { + LOG_FATAL("failed to start transaction\n"); + } + } else { + LOG_FATAL("failed to get be backend from %s\n", dn); + } + } + /* Now we have the DN, look for the entry */ ret = ipapwd_getEntry(dn, &targetEntry, attrlist); /* If we can't find the entry, then that's an error */ |