--On Thursday, November 09, 2006 2:20 AM +0000 lsherida@nccs.nasa.gov wrote:

Full_Name: Lee Sheridan Version: 2.3.27 OS: Debian GNU/Linux (etch) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (69.168.13.7)

In servers/slapd/overlays/ppolicy.c, check_password_quality function, at line 530, the value of the 'ok' variable is discarded by unconditionally assigning it the value LDAP_SUCCESS.

The variable is the return code of the user-defined check_password() function, which is assigned at line 522. The next if-then-else block is checking to see if the module reported an error, at which point 'ok' would be assigned LDAP_OTHER regardless of what check_password() returned. A superfluous else block appears after this check, assigning 'ok' to LDAP_SUCCESS.

It works fine for me if I remove the else block.

Howard checked in a fix to HEAD for this last night, please test.

--Quanah

-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html