diff options
| author | Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com> | 2015-12-23 12:43:16 +0100 |
|---|---|---|
| committer | Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com> | 2015-12-23 12:52:30 +0100 |
| commit | 027df03a3b8b8c2753e67c4c38f475f29a3941f0 (patch) | |
| tree | e06860de6b5d26ebba167e48028a37109642853d /nslcd/pam.c | |
| parent | fcea92db2c3069209c1de7f35528560ddb3c216c (diff) | |
Fix updating of 'shadowLastChange' attribute when chasing referrals
This fixes a bug where 'shadowLastChange' attribute cannot be updated when
chasing a referral. After a password is succesfully changed, the credentials
for binding should also be updated with the new password for the session.
Signed-off-by: Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com>
Diffstat (limited to 'nslcd/pam.c')
| -rw-r--r-- | nslcd/pam.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/nslcd/pam.c b/nslcd/pam.c index 0eff71b..82656ae 100644 --- a/nslcd/pam.c +++ b/nslcd/pam.c @@ -3,6 +3,7 @@ Copyright (C) 2009 Howard Chu Copyright (C) 2009-2014 Arthur de Jong + Copyright (C) 2015 Nokia Solutions and Networks This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -711,6 +712,14 @@ static int try_pwmod(MYLDAP_SESSION *oldsession, rc = myldap_passwd(session, userdn, oldpassword, newpassword); if (rc == LDAP_SUCCESS) { + /* if user modifies own password, update credentials for the session */ + if (binddn == userdn) + if (myldap_set_credentials(session, binddn, newpassword)) { + log_log(LOG_WARNING, "%s: shadowLastChange: modification failed: %s", + userdn, ldap_err2string(LDAP_LOCAL_ERROR)); + myldap_session_close(session); + return rc; + } /* try to update the shadowLastChange attribute */ if (update_lastchange(session, userdn) != LDAP_SUCCESS) /* retry with the normal session */ |