[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4049) passwordModify: oldPassword ignored



Quick fix and test cases added to HEAD...

At 10:42 PM 9/28/2005, kurt@OpenLDAP.org wrote:
>Full_Name: Kurt Zeilenga
>Version: HEAD, 2.3, 2.2
>OS: FreeBSD
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (24.205.218.53)
>
>
>slapd(8) is not properly checking oldPasswords.  That is,
>the operation:
>
>ldappasswd -x -D "cn=User,dc=example,dc=com" -w "secret" -a "old" -s "new"
>
>should fail as old != secret.   In HEAD (and likely both re22/23), this
>succeeds!