Check and fallthrough attributes are needed for autz profile processing

author Nick Porter <nick@portercomputing.co.uk>

Thu, 27 Feb 2025 12:18:38 +0000 (12:18 +0000)

committer Nick Porter <nick@portercomputing.co.uk>

Thu, 27 Feb 2025 13:51:26 +0000 (13:51 +0000)
author Nick Porter <nick@portercomputing.co.uk>
Thu, 27 Feb 2025 12:18:38 +0000 (12:18 +0000)
committer Nick Porter <nick@portercomputing.co.uk>
Thu, 27 Feb 2025 13:51:26 +0000 (13:51 +0000)
diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c

index 7d68997085702f894b8eaf6f5f1ab0a98c43d08a..26a18716270d50715509d33a12db20bc015be588 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -1849,7 +1849,8 @@ static unlang_action_t CC_HINT(nonnull) mod_authorize(rlm_rcode_t *p_result, mod
          *      User-Password here.  LDAP authorization can be used
          *      for many things besides searching for users.
          */
-       if (fr_ldap_map_expand(autz_ctx, expanded, request, call_env->user_map, inst->valuepair_attr, NULL, NULL) < 0) {
+       if (fr_ldap_map_expand(autz_ctx, expanded, request, call_env->user_map, inst->valuepair_attr,
+                              inst->profile.check_attr, inst->profile.fallthrough_attr) < 0) {
         fail:
                 talloc_free(autz_ctx);
                 RETURN_MODULE_FAIL;
author	Nick Porter <nick@portercomputing.co.uk>
	Thu, 27 Feb 2025 12:18:38 +0000 (12:18 +0000)
committer	Nick Porter <nick@portercomputing.co.uk>
	Thu, 27 Feb 2025 13:51:26 +0000 (13:51 +0000)