-
Notifications
You must be signed in to change notification settings - Fork 238
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sdap: provide error message when password change fail in ldap_modify mode #979
Conversation
Downstream tests passed. |
TLDR please initialize ldap_msg to NULL here:
Explanation: If in sdap_modify_recv the _ldap_msg equals NULL here:
then in sdap_modify_passwd_done we enter the function sdap_chpass_result
and then all conditions in sdap_chpass_result with ldap_msg may have some garbage value in it. Other than that the code LGTM but I still have to test it. |
Sorry, I can't see how we can get
|
…mode Steps to reproduce: 1. Configure LDAP server to enable password constraints 2. Set ldap_pwmodify_mode = ldap_modify in [domain] 3. Run SSSD and authenticate as a user 4. Run passwd to change password, use password that does not meet requirements It will print "password change successful" without this patch and server error message with this patch applied. Resolves: https://pagure.io/SSSD/sssd/issue/4148
Well, of course you can not :) My bad. Removing changes requested. |
When changing passwd to "foo" (does not meet requirements). Fedora 30 with git master:
master + this patch:
ACK. |
Steps to reproduce:
It will print "password change successful" without this patch and server
error message with this patch applied.
Resolves:
https://pagure.io/SSSD/sssd/issue/4148