From fc23c81a69fa707d1d47bbd8fb4863942e5e6f2b Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Thu, 30 Nov 2006 14:01:40 +0000
Subject: [PATCH] Update the server to allow the use of the StartTLS extended operation when a user's account is in the "must change" state.

---
 opends/src/server/org/opends/server/core/DirectoryServer.java |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/DirectoryServer.java b/opends/src/server/org/opends/server/core/DirectoryServer.java
index ea8d609..e255767 100644
--- a/opends/src/server/org/opends/server/core/DirectoryServer.java
+++ b/opends/src/server/org/opends/server/core/DirectoryServer.java
@@ -6419,11 +6419,13 @@
                                        msgID);
 
         case EXTENDED:
-          // This will only be allowed if it's a password modify request.
+          // We will only allow the password modify and StartTLS extended
+          // operations.
           ExtendedOperation extOp      = (ExtendedOperation) operation;
           String            requestOID = extOp.getRequestOID();
           if ((requestOID == null) ||
-              (! requestOID.equals(OID_PASSWORD_MODIFY_REQUEST)))
+              ((! requestOID.equals(OID_PASSWORD_MODIFY_REQUEST)) &&
+               (! requestOID.equals(OID_START_TLS_REQUEST))))
           {
             msgID   = MSGID_ENQUEUE_MUST_CHANGE_PASSWORD;
             message = getMessage(msgID);

--
Gitblit v1.10.0