New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unhashed#user#password in entry extension #402
Comments
Comment from nhosoi (@nhosoi) at 2012-06-29 04:38:40 Fix description: This patch stashes unhashed password in the |
Comment from nhosoi (@nhosoi) at 2012-06-29 05:14:02 [Example change for unhashed password users]
|
Comment from nhosoi (@nhosoi) at 2012-07-02 23:31:15 git patch file (master) |
Comment from nhosoi (@nhosoi) at 2012-07-02 23:32:43 Fix description: This patch adds the method to use entry It introduces the definition "USE_OLD_UNHASHED" in configure.ac Once all the plugins' migration is done, the old method can be |
Comment from nkinder (@nkinder) at 2012-07-07 02:38:33 There appears to have been a problem merging your changes in ldap/servers/slapd/ldaputil.c with the patch for ticket 399. Your patch reverts the fix made to always get the bind result, which will cause a regression. |
Comment from nkinder (@nkinder) at 2012-07-07 03:03:32 It looks odd that the slapi_entry_apply_mod_extension() and entry_apply_mod_wsi() functions expect SLAPI_PW_* specific extensions since these are generic functions. Is this a safe assumption? If pw_entry_constructor() fails to allocate a lock, should we just return NULL without allocating and returning pw_extp? The slapi_rwlock_*() functions called by the extension get/set functions do check if the lock is NULL before attempting to use them, but this will behave with no protection from the lock. Does pw_copy_entry_ext() need to use the rwlock from the source and destination extensions? |
Comment from nhosoi (@nhosoi) at 2012-07-07 05:27:40 Replying to [comment:5 nkinder]:
Sorry, I don't know why the file was reverted. I recreated the patch which has no change on ldaputil.c.
Yes, you are right! I replaced SLAPI_PW_SET_ADD with SLAPI_EXT_SET_ADD and SLAPI_PW_SET_REPLACE with SLAPI_EXT_SET_REPLACE.
A good point. Thanks for pointing it out. I've modified constructor to return NULL when slapi_new_rwlock fails. If it happens, "struct slapi_pw_entry_ext" won't be allocated. And the following unhashed password set/get fails with ""pw_entry_extension is not set".
Another good point! I added to call slapi_rwlock_wrlock to protect valuearray_add_valuearray. |
Comment from nhosoi (@nhosoi) at 2012-07-07 05:37:04 git patch file (master) - take 3 including autogen'ed files. |
Comment from nkinder (@nkinder) at 2012-07-11 00:27:56 Does pw_copy_entry_ext() also need to obtain a reader lock on src_extp? I would think it should hold a reader lock before it attempts to copy src_extp->pw_entry_values. Aside from that, the patch looks good. |
Comment from nhosoi (@nhosoi) at 2012-07-11 03:27:17 git patch file (master) - take 4 including autogen'ed files. |
Comment from nhosoi (@nhosoi) at 2012-07-11 03:33:12 git patch file (master) - take 4 including autogen'ed files. |
Comment from nhosoi (@nhosoi) at 2012-07-11 03:39:48 Replying to [comment:8 nkinder]:
Thanks a lot, Nathan! I added the read lock and the new patch is attached to this ticket. |
Comment from nhosoi (@nhosoi) at 2012-07-11 03:55:52 Reviewed by Nathan (Thank you!!!) Pushed to master. $ git merge trac402 $ git push |
Comment from nkinder (@nkinder) at 2012-08-28 04:14:44 Added initial screened field value. |
Comment from nhosoi (@nhosoi) at 2013-06-13 07:04:56 git patch file (master) |
Comment from nhosoi (@nhosoi) at 2013-06-13 07:05:37 Description: commit 091c749 This patch eliminated the check and the attribute to be stored |
Comment from nhosoi (@nhosoi) at 2013-06-13 07:29:36 Reviewed by Nathan (Thank you!!) Pushed to master: commit c4667c0 Pushed to 389-ds-base-1.3.1: commit 539419f |
Comment from nhosoi (@nhosoi) at 2017-02-11 23:09:14 Metadata Update from @nhosoi:
|
Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/402
This fix is a hack.
Ticket 378 (closed enhancement: fixed)
unhashed#user#password field
It treats unhashe#user#password specially all over the code, which is not preferable.
Opening a new ticket to enhance the unhashed password handling.
The text was updated successfully, but these errors were encountered: