Steps: 0. assume there is no entry which dn is uid=tuser1,,ou=People,dc=example,dc=com
delete a password of the non-existing entry
$ ldapmodify ... << EOF dn: uid=tuser1,,ou=People,dc=example,dc=com changetype: modify delete: userpassword (userpassword: tuser1) EOF
If the bind user has the privilege to delete the password, the operation crashes the server.
Bug description: When attempting to delete a password from an entry, a password syntax checking api check_pw_syntax_ext missed a check if the target entry exists or not. Note: add and replace checks it and handles the case correctly.
Fix description: In this patch the check is added to the delete case, as well.
git patch file (master) 0001-Ticket-584-Existence-of-an-entry-is-not-checked-when.patch
Reviewed by Rich (Thank you!!)
Pushed to master: commit d559d46
Pushed to 389-ds-base-1.3.0: commit 4dcf155
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=918690
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.0.3
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/584
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.