389-ds-base

Clone
Source Code
GIT

8f69048 Bug 829213 - unhashed#user#password visible after changing password

8 files Authored by Noriko Hosoi 11 years ago, Committed by nhosoi 11 years ago,
raw patch tree parent
8 files changed. 122 lines added. 22 lines removed.
ldap/servers/slapd/attr.c
file modified
+8 -1
ldap/servers/slapd/back-ldbm/ldbm_modify.c
file modified
+6 -0
ldap/servers/slapd/entry.c
file modified
+37 -6
ldap/servers/slapd/entrywsi.c
file modified
+25 -6
ldap/servers/slapd/pblock.c
file modified
+17 -0
ldap/servers/slapd/plugin_internal_op.c
file modified
+18 -3
ldap/servers/slapd/schema.c
file modified
+9 -6
ldap/servers/slapd/slapi-private.h
file modified
+2 -0 
    Bug 829213 - unhashed#user#password visible after changing password
    
    https://bugzilla.redhat.com/show_bug.cgi?id=829213
    
    Bug Description: unhashed password is stored in the entry in memory
    when an entry/a password is added or the password is modified.
    The password could be visible by the ordinary search if the type
    "unhashed#user#password" is specified in the attribute list.
    
    Fix Description:
    1. Set "unhashed#user#password" to the forbidden attribute list,
       which is dropped from the search attribute list.
    2. Get effective right does not return "unhashed#user#password"
    3. In the modify operation, adding "unhashed#user#password" to or
       deleting "unhashed#user#password" from the entry never returns
       an error regardless of the attribute value.  Internally, the
       operation is ignored.
file modified
+8 -1
file modified
+6 -0
file modified
+37 -6
file modified
+25 -6
file modified
+17 -0
file modified
+18 -3
file modified
+9 -6
file modified
+2 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.