Author: rmeggins
Update of /cvs/dirsec/dsgw
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16211/dsgw
Modified Files:
entrydisplay.c
Log Message:
Resolves: bug 471681
Bug Description: DSGW authenticate multi-result hyperlinks broken
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) The quoting was a bit off. The DSGW code adds double quotes at the
beginning and end of the javascript. We have to use %22 to have DSGW emit double quotes
in the right places where other double quotes are needed.
2) If you are attempting to auth as a real user, and you have password policy on such that
the user must change the password after reset, and you are using a binddn instead of the
default anon, the auth screen would not prompt you for your old password, because it
thought you were already bound as the binddn. The binddn is not a real user in this case,
and so should not be considered when testing for "bound".
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: entrydisplay.c
===================================================================
RCS file: /cvs/dirsec/dsgw/entrydisplay.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- entrydisplay.c 20 Mar 2008 02:18:39 -0000 1.10
+++ entrydisplay.c 22 Dec 2008 19:50:15 -0000 1.11
@@ -2912,7 +2912,9 @@
}
if ( strcasecmp( argv[0], DSGW_COND_BOUND ) == 0 ) {
- return( dsgw_get_binddn() != NULL );
+ /* We are not really considered to be bound if we are bound
+ as the binddn user */
+ return( (dsgw_get_binddn() != NULL) && gc->gc_binddn && (0 ==
dsgw_dn_cmp(dsgw_get_binddn(), gc->gc_binddn)) );
}
if ( strcasecmp( argv[0], DSGW_COND_BOUNDASTHISENTRY ) == 0 ) {
Show replies by date