From 056dd981300493ad3dcfd6c4a5b00de7fbbccaaf Mon Sep 17 00:00:00 2001
From: Bradley Nicholes <bnicholes@apache.org>
Date: Thu, 4 Nov 2004 15:46:51 +0000
Subject: [PATCH] If the entry has a password then don't allow
 util_ldap_cache_getuserdn() to update the expiration timeout since it has no
 idea when the password was last validated.

Submitted by: Jari Ahonen [jah progress.com]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105681 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ldap/util_ldap.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
index 9c44b761971..0fa6187f1f3 100644
--- a/modules/ldap/util_ldap.c
+++ b/modules/ldap/util_ldap.c
@@ -1096,7 +1096,12 @@ start_over:
             /* Nothing in cache, insert new entry */
             util_ald_cache_insert(curl->search_cache, &the_search_node);
         }
-        else {
+        /*
+         * Don't update lastbind on entries with bindpw because
+         * we haven't verified that password. It's OK to update
+         * the entry if there is no password in it.
+         */
+        else if (!search_nodep->bindpw) {
             /* Cache entry is valid, update lastbind */
             search_nodep->lastbind = the_search_node.lastbind;
         }
-- 
2.47.2