[PATCH] s4/ldapcmp: Fix the parsing of the second set of credentials

[Kamen Mazdrashki]

Hi Toli,

On Wed, Jan 5, 2011 at 10:18, Anatoliy Atanasov
<anatoliy.atanasov at postpath.com> wrote:
> Hi Kamen,
>
>> > Hi Toli,
>>
>> What didn't work for you so that you had to change the code? I.e.:
>> http://git.samba.org/?p=samba.git;a=commitdiff;h=1cbce84683ef4fa49b85d8
>> 7988c5e8db7057530a
> What happened was that if we pass second set of arguments they were not parsed from creds2, so i had to leave the guess parameter to its default value so we can get the second set of credentials from the command line.
Hm, this is odd. I am sure it was working fine some time ago.
May be this is what we should fix?

> The side effect was that if you parse for the second set creds2.is_anonimous() fails because somehow the creds2 username was set to root(the user we were using to run the script). This showed that the is_anonimous check can't be accurate if you try to parse for the second set of credentials.
>
Yep. That's why the "no_guess" parameter was introduced.

>> http://git.samba.org/?p=samba.git;a=commitdiff;h=f8275bae5d7b471967be72
>> 22170d049c18b8882f
> After this fix the ldapcmp can be called with 2 sets of credential but failed when we passed 1 set of credentials.
> So because we can't get the second set of credentials without parsing, we had to change the wrong assumption that is_anonymous works. The easiest fix was to check for password, because if you don't pass the second set of credentials the parser will get the default username but the password will be empty.
>>
>> As far as I can see, those changes adds no value except that we may
>> get unexpected results
>> if we pass --password2 and forget to pass --username2
>> I think such unexpected result we'll have in case one have 'PASSWD'
>> environment variable set.
> That is correct, we still need to came up with a general fix to this issue.
>
> Regards, Anatoliy
>

-- 
CU,
Kamen Mazdrashki