git.samba.org / kamenim / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6d7b964)
s4:dsdb/password_hash: implement DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
authorStefan Metzmacher <metze@samba.org>
Wed, 30 Jun 2010 06:26:08 +0000 (08:26 +0200)
committerStefan Metzmacher <metze@samba.org>
Mon, 5 Jul 2010 16:00:15 +0000 (18:00 +0200)
metze

source4/dsdb/samdb/ldb_modules/password_hash.c patch | blob | history

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index f85ae1e5b910d1947d677302a531a4dd8f53f411..505f2c26f74bc8663b1c74bfe51f23dbecf2e538 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -2187,6 +2187,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
        struct ldb_message_element *userPasswordAttr, *clearTextPasswordAttr,
                *ntAttr, *lmAttr;
        int ret;
+       struct ldb_control *bypass = NULL;
 
        ldb = ldb_module_get_ctx(module);
 
@@ -2202,6 +2203,15 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
                return ldb_next_request(module, req);
        }
 
+       bypass = ldb_request_get_control(req,
+                                        DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+       if (bypass != NULL) {
+               /* Mark the "bypass" control as uncritical (done) */
+               bypass->critical = false;
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_add (bypassing)\n");
+               return ldb_next_request(module, req);
+       }
+
        /* nobody must touch password histories and 'supplementalCredentials' */
        if (ldb_msg_find_element(req->op.add.message, "ntPwdHistory")) {
                return LDB_ERR_UNWILLING_TO_PERFORM;
@@ -2363,6 +2373,7 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
        struct ldb_message *msg;
        struct ldb_request *down_req;
        int ret;
+       struct ldb_control *bypass = NULL;
 
        ldb = ldb_module_get_ctx(module);
 
@@ -2378,6 +2389,15 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r
                return ldb_next_request(module, req);
        }
 
+       bypass = ldb_request_get_control(req,
+                                        DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+       if (bypass != NULL) {
+               /* Mark the "bypass" control as uncritical (done) */
+               bypass->critical = false;
+               ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_modify (bypassing)\n");
+               return ldb_next_request(module, req);
+       }
+
        /* nobody must touch password histories and 'supplementalCredentials' */
        if (ldb_msg_find_element(req->op.mod.message, "ntPwdHistory")) {
                return LDB_ERR_UNWILLING_TO_PERFORM;
kamenim's wip repo