From: Bradley Nicholes <bnicholes@apache.org>
Date: Thu, 4 Nov 2004 15:46:51 +0000 (+0000)
Subject: If the entry has a password then don't allow util_ldap_cache_getuserdn() to update... 
X-Git-Tag: 2.1.1~68
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=056dd981300493ad3dcfd6c4a5b00de7fbbccaaf;p=thirdparty%2Fapache%2Fhttpd.git

If the entry has a password then don't allow util_ldap_cache_getuserdn() to update the expiration timeout since it has no idea when the password was last validated.

Submitted by: Jari Ahonen [jah progress.com]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105681 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
index 9c44b761971..0fa6187f1f3 100644
--- a/modules/ldap/util_ldap.c
+++ b/modules/ldap/util_ldap.c
@@ -1096,7 +1096,12 @@ start_over:
             /* Nothing in cache, insert new entry */
             util_ald_cache_insert(curl->search_cache, &the_search_node);
         }
-        else {
+        /*
+         * Don't update lastbind on entries with bindpw because
+         * we haven't verified that password. It's OK to update
+         * the entry if there is no password in it.
+         */
+        else if (!search_nodep->bindpw) {
             /* Cache entry is valid, update lastbind */
             search_nodep->lastbind = the_search_node.lastbind;
         }