mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-12-27 10:09:43 -05:00
Improve check for schemes vs cleartext passwords
This commit is contained in:
Howard Chu
parent
f15a0f1dea
commit
6cfcae11f2
1 changed files with 8 additions and 3 deletions
|
|
@ -303,10 +303,15 @@ lutil_passwd(
|
|||
}
|
||||
|
||||
#ifdef SLAPD_CLEARTEXT
|
||||
/* Do we think there is a scheme specifier here that we
|
||||
* didn't recognize? Assume a scheme name is at least 1 character.
|
||||
*/
|
||||
if (( passwd->bv_val[0] == '{' ) &&
|
||||
( strchr( passwd->bv_val, '}' ) > passwd->bv_val+1 ))
|
||||
return 1;
|
||||
if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) {
|
||||
return (( passwd->bv_len == cred->bv_len ) &&
|
||||
( passwd->bv_val[0] != '{' /*'}'*/ ))
|
||||
? memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len )
|
||||
return ( passwd->bv_len == cred->bv_len ) ?
|
||||
memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len )
|
||||
: 1;
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue