[Fedora-directory-devel] Please review: Bug 232377: PAM passthru ENTRY method not working
Richard Megginson
rmeggins at redhat.com
Thu Mar 15 17:04:01 UTC 2007
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232377
Resolves: bug 232377
Bug Description: PAM passthru ENTRY method not working
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: There are several problems.
1) For the ENTRY method to perform the internal search to get the entry
for the bind DN, it must have a component ID (aka plugin identity). The
code was already there to get/set it, but it was never initialized in
the init function.
2) You cannot mix slapi_sdn_new* with slapi_sdn_init* - slapi_sdn_init
will erase the knowledge that the Slapi_DN was allocated with malloc and
it will not free it in slapi_sdn_free().
3) People may assume they can specify a subtree (e.g.
ou=people,dc=example,dc=com) instead of a suffix for the list of
included/excluded suffixes. The error message will not print a list of
valid suffixes for the admin to use.
4) slapi_be_exist was failing because the database does not notify the
mapping tree code that the backend is started during startup. This
works fine under normal conditions because most all of the code in
mapping_tree.c will lookup the backend if the mtn_be pointer in the
mapping tree node is NULL. However, slapi_be_exist and slapi_be_select
do not do this. The proper solution is to call slapi_mtn_be_started()
at database startup time. This is the same thing that happens when a
backend is added at runtime.
Platforms tested: FC6
Flag Day: no
Doc impact: no
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=150138&action=diff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070315/c0361a70/attachment.bin>
More information about the Fedora-directory-devel
mailing list