ITS#8762 Clear pwdFailureTime on unlock

author Ondřej Kuzník <ondra@mistotebe.net>

Wed, 3 Jun 2020 12:40:23 +0000 (13:40 +0100)

committer Quanah Gibson-Mount <quanah@openldap.org>

Fri, 3 Jul 2020 20:42:14 +0000 (20:42 +0000)
author Ondřej Kuzník <ondra@mistotebe.net>
Wed, 3 Jun 2020 12:40:23 +0000 (13:40 +0100)
committer Quanah Gibson-Mount <quanah@openldap.org>
Fri, 3 Jul 2020 20:42:14 +0000 (20:42 +0000)
diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c

index c9610de06ab0fc4aa69b56a1f6a74f2300e5fd2b..e559e17ec947dfe5032f3b640347dbd0a249fd39 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -2740,6 +2740,17 @@ do_modify:
                         ber_memfree(bv.bv_val);
                         addmod->sml_values[0] = hpw;
                 }
+       } else {
+               /* ITS#8762 Make sure we drop pwdFailureTime if unlocking */
+               if (got_del_lock && !got_del_fail && attr_find(e->e_attrs, ad_pwdFailureTime )) {
+                       mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 );
+                       mods->sml_op = LDAP_MOD_DELETE;
+                       mods->sml_desc = ad_pwdFailureTime;
+                       mods->sml_flags = SLAP_MOD_INTERNAL;
+                       mods->sml_next = NULL;
+                       modtail->sml_next = mods;
+                       modtail = mods;
+               }
         }
         op->o_bd->bd_info = (BackendInfo *)on->on_info;
         be_entry_release_r( op, e );
author	Ondřej Kuzník <ondra@mistotebe.net>
	Wed, 3 Jun 2020 12:40:23 +0000 (13:40 +0100)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Fri, 3 Jul 2020 20:42:14 +0000 (20:42 +0000)