ldap/servers/slapd/pw_mgmt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit 66a666c669bc2e954758cbfb02209fab5e446ccf
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Jan 11 10:52:41 2011 -0800
Bug 201652 - LDAPv2 bind with expired password doesn't unbind correctly
When an LDAPv2 client binds with an expired password, we call the
unbind code to disconnect the client. The unbind code doesn't handle
this well since we don't have an actual unbind operation to parse.
It seems wrong to call the unbind code to disconnect the client, as
we don't have an actual unbind operation to process and we don't
want to call any unbind plug-ins. The proper thing would be to
just disconnect the client without going through all of the unbind
operation processing.
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index 97b51c8..7aca148 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -210,7 +210,8 @@ skip:
pre and post ops. Maybe we don't want to call them */
if (pb->pb_conn && (LDAP_VERSION2 == pb->pb_conn->c_ldapversion)) {
/* We close the connection only with LDAPv2 connections */
- do_unbind( pb );
+ disconnect_server( pb->pb_conn, pb->pb_op->o_connid,
+ pb->pb_op->o_opid, SLAPD_DISCONNECT_UNBIND, 0);
}
/* Apply current modifications */
pw_apply_mods(dn, &smods);
Show replies by date