IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

uuid-plugin: Fix control access bug on replication

Browse Source 
Fixes: https://fedorahosted.org/freeipa/ticket/468
This commit is contained in:
Simo Sorce 2010-11-10 13:34:16 -05:00 committed by Rob Crittenden
parent a8637bdaa0
commit 7aae58fd2d
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c
View File

@ -785,6 +785,8 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
int ret = LDAP_SUCCESS;
bool locked = false;
bool set_attr;
int is_repl_op;
int is_config_dn;
LOG_TRACE("--in-->\n");
@ -798,6 +800,20 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
goto done;
}
is_config_dn = ipauuid_dn_is_config(dn);
ret = slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_repl_op);
if (ret != 0) {
LOG_FATAL("slapi_pblock_get failed!?\n");
ret = LDAP_OPERATIONS_ERROR;
goto done;
}
/* pass through if this is a replicated operation */
if (is_repl_op && !is_config_dn) {
return 0;
}
if (modtype != LDAP_CHANGETYPE_ADD &&
modtype != LDAP_CHANGETYPE_MODIFY) {
goto done;
@ -847,7 +863,7 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
goto done;
}
if (ipauuid_dn_is_config(dn)) {
if (is_config_dn) {
/* Validate config changes, but don't apply them.
* This allows us to reject invalid config changes
* here at the pre-op stage. Applying the config