From 2c9892b85301d530ff8425669f9d5c7d4b6eadaa Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 20 Sep 2006 03:53:16 +0000
Subject: [PATCH] Update the password modify extended operation to fix a problem in which changes made over an unauthenticated connection with an authorization ID and password were not properly detected as a self change.

---
 opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index 755b2d7..fe2278a 100644
--- a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -460,7 +460,7 @@
 
       // Determine whether the user is changing his own password or if it's an
       // administrative reset.
-      boolean selfChange = ((userIdentity == null) ||
+      boolean selfChange = ((userIdentity == null) || (requestorDN == null) ||
                             userDN.equals(requestorDN));
 
 
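Review bot: The widened condition on the `selfChange` assignment classifies every request with a null `requestorDN` as a self change, so an unauthenticated connection that names a target user takes the self-change path instead of the administrative-reset path. That is only safe if code outside this hunk requires and verifies the user's current password before the new one is applied. The hunk does not show that check, so it is worth confirming that no self-change branch accepts a missing current password when the requestor is unauthenticated. The comment above the assignment should record the dependency, for example `// A null requestorDN (unauthenticated connection) is treated as a self change; the current password must be verified before the new one is applied.` The enclosing method starts and ends outside the hunk.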
@@ -943,7 +943,8 @@
       // password" flag in the client connection.  Note that we're using the
       // authentication DN rather than the authorization DN in this case to
       // avoid mistakenly clearing the flag for the wrong user.
-      if (selfChange && (authInfo.getAuthenticationDN().equals(userDN)))
+      if (selfChange && (authInfo.getAuthenticationDN() != null) &&
+          (authInfo.getAuthenticationDN().equals(userDN)))
       {
         operation.getClientConnection().setMustChangePassword(false);
       }
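Review bot: `authInfo.getAuthenticationDN()` is now evaluated twice in the condition, once for the null test and once for the comparison. Reading it once into a local keeps both on the same value and is easier to follow: `DN authDN = authInfo.getAuthenticationDN();` then `if (selfChange && (authDN != null) && authDN.equals(userDN))`. The `DN` type is assumed, since the getter's declaration and the rest of the method are outside the hunk. The comment above the test could also note that the must-change-password flag is deliberately left untouched when the connection has no authentication DN, so the reason for the null guard stays with the code.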

--
Gitblit v1.10.0